Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Bootsektorvirus BOO/TDss.o (https://www.trojaner-board.de/143563-bootsektorvirus-boo-tdss-o.html)

Markus100 25.10.2013 19:16
Bootsektorvirus BOO/TDss.o
 
Hallo,

ich habe folgendes Problem:
Ich habe seit längerer Zeit den Bootsektorvirus BOO/TDss.o auf meinem System (Windows 8).
Nun versuche ich seit ein paar Tagen verzweifelt, ihn loszuwerden:

Ich habe zunächst den Pc von der Windows-CD aus gebootet und dort in der Konsole mittels "bootrec/fixmbr" den Master Boot Record neu geschrieben. Anschließend habe ich das System ohne es neu zu starten mittels der Windows-CD zunächst formatiert und dann Windows neu installiert. Nach der Installation zeigt Avira Antivir aber immer noch den Virus an.

Was kann ich noch tun? bzw. was mache ich falsch? Kann es sein, dass die Windows-CD bereits vom Virus befallen ist?

Hier der Scan-Log:


Avira Free Antivirus
Erstellungsdatum der Reportdatei: Freitag, 25. Oktober 2013 08:24


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 8 Pro
Windowsversion : (plain) [6.2.9200]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : MARKUS

Versionsinformationen:
BUILD.DAT : 14.0.0.411 55393 Bytes 10.10.2013 19:14:00
AVSCAN.EXE : 14.0.0.383 968776 Bytes 10.10.2013 17:14:05
AVSCANRC.DLL : 14.0.0.225 62024 Bytes 10.10.2013 17:14:05
LUKE.DLL : 14.0.0.383 65096 Bytes 10.10.2013 17:14:07
AVSCPLR.DLL : 14.0.0.383 92232 Bytes 10.10.2013 17:14:05
AVREG.DLL : 14.0.0.383 250440 Bytes 10.10.2013 17:14:05
avlode.dll : 14.0.0.383 512584 Bytes 10.10.2013 17:14:05
avlode.rdf : 13.0.1.42 26846 Bytes 10.10.2013 17:14:05
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 17:14:08
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 17:14:08
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 17:14:08
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 17:14:08
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 17:14:08
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 17:14:08
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24.09.2013 17:14:08
VBASE007.VDF : 7.11.103.231 2048 Bytes 24.09.2013 17:14:08
VBASE008.VDF : 7.11.103.232 2048 Bytes 24.09.2013 17:14:08
VBASE009.VDF : 7.11.103.233 2048 Bytes 24.09.2013 17:14:08
VBASE010.VDF : 7.11.103.234 2048 Bytes 24.09.2013 17:14:08
VBASE011.VDF : 7.11.103.235 2048 Bytes 24.09.2013 17:14:08
VBASE012.VDF : 7.11.103.236 2048 Bytes 24.09.2013 17:14:08
VBASE013.VDF : 7.11.103.237 2048 Bytes 24.09.2013 17:14:08
VBASE014.VDF : 7.11.104.123 282112 Bytes 26.09.2013 17:14:08
VBASE015.VDF : 7.11.104.237 359424 Bytes 28.09.2013 17:14:08
VBASE016.VDF : 7.11.105.103 195072 Bytes 02.10.2013 17:14:08
VBASE017.VDF : 7.11.105.243 571904 Bytes 07.10.2013 17:14:08
VBASE018.VDF : 7.11.106.91 185856 Bytes 08.10.2013 17:14:08
VBASE019.VDF : 7.11.106.167 183296 Bytes 09.10.2013 01:28:51
VBASE020.VDF : 7.11.107.5 236544 Bytes 11.10.2013 01:28:51
VBASE021.VDF : 7.11.107.85 178688 Bytes 13.10.2013 01:28:51
VBASE022.VDF : 7.11.107.163 276992 Bytes 15.10.2013 01:28:51
VBASE023.VDF : 7.11.108.15 308224 Bytes 17.10.2013 01:28:52
VBASE024.VDF : 7.11.108.79 190464 Bytes 18.10.2013 01:28:52
VBASE025.VDF : 7.11.108.159 245248 Bytes 20.10.2013 01:28:52
VBASE026.VDF : 7.11.109.41 454144 Bytes 23.10.2013 01:28:53
VBASE027.VDF : 7.11.109.42 2048 Bytes 23.10.2013 01:28:53
VBASE028.VDF : 7.11.109.43 2048 Bytes 23.10.2013 01:28:53
VBASE029.VDF : 7.11.109.44 2048 Bytes 23.10.2013 01:28:53
VBASE030.VDF : 7.11.109.45 2048 Bytes 23.10.2013 01:28:53
VBASE031.VDF : 7.11.109.82 154112 Bytes 24.10.2013 01:28:53
Engineversion : 8.2.12.134
AEVDF.DLL : 8.1.3.4 102774 Bytes 10.10.2013 17:14:02
AESCRIPT.DLL : 8.1.4.160 516478 Bytes 25.10.2013 01:28:57
AESCN.DLL : 8.1.10.4 131446 Bytes 10.10.2013 17:14:02
AESBX.DLL : 8.2.16.26 1245560 Bytes 10.10.2013 17:14:02
AERDL.DLL : 8.2.0.128 688504 Bytes 10.10.2013 17:14:02
AEPACK.DLL : 8.3.3.4 758136 Bytes 25.10.2013 01:28:56
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 10.10.2013 17:14:02
AEHEUR.DLL : 8.1.4.716 6209914 Bytes 25.10.2013 01:28:56
AEHELP.DLL : 8.1.27.6 266617 Bytes 10.10.2013 17:14:02
AEGEN.DLL : 8.1.7.14 446839 Bytes 10.10.2013 17:14:02
AEEXP.DLL : 8.4.1.84 344439 Bytes 25.10.2013 01:28:57
AEEMU.DLL : 8.1.3.2 393587 Bytes 10.10.2013 17:14:02
AECORE.DLL : 8.1.32.0 201081 Bytes 10.10.2013 17:14:02
AEBB.DLL : 8.1.1.4 53619 Bytes 10.10.2013 17:14:02
AVWINLL.DLL : 14.0.0.225 23624 Bytes 10.10.2013 17:14:05
AVPREF.DLL : 14.0.0.225 48712 Bytes 10.10.2013 17:14:05
AVREP.DLL : 14.0.0.225 175688 Bytes 10.10.2013 17:14:05
AVARKT.DLL : 14.0.0.225 257096 Bytes 10.10.2013 17:14:03
AVEVTLOG.DLL : 14.0.0.383 165960 Bytes 10.10.2013 17:14:03
SQLITE3.DLL : 3.7.0.1 394824 Bytes 10.10.2013 17:14:07
AVSMTP.DLL : 14.0.0.225 60488 Bytes 10.10.2013 17:14:05
NETNT.DLL : 14.0.0.225 13384 Bytes 10.10.2013 17:14:07
RCIMAGE.DLL : 14.0.0.225 4786760 Bytes 10.10.2013 17:14:07
RCTEXT.DLL : 14.0.0.225 67144 Bytes 10.10.2013 17:14:07

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Freitag, 25. Oktober 2013 08:24

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:)'
[FUND] Enthält Code des Bootsektorvirus BOO/TDss.O

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '195' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'avwebg7.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'apnmcp.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '181' Modul(e) wurden durchsucht
Durchsuche Prozess 'LiveComm.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'TBNotifier.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'RuntimeBroker.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '111' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '13' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '11' Modul(e) wurden durchsucht
Durchsuche Prozess 'WinLogon.exe' - '24' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:

Die Registry wurde durchsucht ( '1112' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <Acer>


Ende des Suchlaufs: Freitag, 25. Oktober 2013 08:49
Benötigte Zeit: 24:26 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

19017 Verzeichnisse wurden überprüft
121857 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
121857 Dateien ohne Befall
530 Archive wurden durchsucht
0 Warnungen
0 Hinweise
421682 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden

aharonov 25.10.2013 19:23
Hallo,

Zitat:
Kann es sein, dass die Windows-CD bereits vom Virus befallen ist?
Nein. Ich vermute, dass noch eine (inaktive) Malwarepartition rumliegt, welche Avira findet und meldet.
Lass und das anschauen:


Schritt 1

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.



Schritt 2

Downloade dir ListParts (von Farbar) herunter und speichere es auf den Desktop.
  • Starte die ListParts64.exe.
  • Drücke auf den Scan Button.
  • Wenn der Scan abgeschlossen ist, wird eine Logdatei Result.txt auf den Desktop gespeichert.
    Post deren Inhalt bitte hier.



Schritt 3

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Markus100 25.10.2013 19:46
Vielen Dank!



Hier das logfile von TDSS rootkit removing tool:
Code:
20:38:08.0328 0x0fc8  TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
20:38:27.0215 0x0fc8  ============================================================
20:38:27.0215 0x0fc8  Current date / time: 2013/10/25 20:38:27.0215
20:38:27.0215 0x0fc8  SystemInfo:
20:38:27.0215 0x0fc8 
20:38:27.0215 0x0fc8  OS Version: 6.2.9200 ServicePack: 0.0
20:38:27.0215 0x0fc8  Product type: Workstation
20:38:27.0215 0x0fc8  ComputerName: Markus
20:38:27.0215 0x0fc8  UserName: Markus
20:38:27.0215 0x0fc8  Windows directory: C:\Windows
20:38:27.0215 0x0fc8  System windows directory: C:\Windows
20:38:27.0215 0x0fc8  Running under WOW64
20:38:27.0215 0x0fc8  Processor architecture: Intel x64
20:38:27.0215 0x0fc8  Number of processors: 2
20:38:27.0215 0x0fc8  Page size: 0x1000
20:38:27.0215 0x0fc8  Boot type: Normal boot
20:38:27.0215 0x0fc8  ============================================================
20:38:29.0027 0x0fc8  System UUID: {58548BA2-E657-B406-5EE4-5F1A1E10BEA6}
20:38:29.0745 0x0fc8  !crdlk
20:38:29.0760 0x0fc8  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
20:38:29.0807 0x0fc8  ============================================================
20:38:29.0807 0x0fc8  \Device\Harddisk0\DR0:
20:38:29.0807 0x0fc8  MBR partitions:
20:38:29.0807 0x0fc8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
20:38:29.0807 0x0fc8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
20:38:29.0807 0x0fc8  ============================================================
20:38:29.0870 0x0fc8  C: <-> \Device\Harddisk0\DR0\Partition2
20:38:29.0870 0x0fc8  ============================================================
20:38:29.0870 0x0fc8  Initialize success
20:38:29.0870 0x0fc8  ============================================================
20:39:38.0667 0x09f0  ============================================================
20:39:38.0667 0x09f0  Scan started
20:39:38.0667 0x09f0  Mode: Manual; SigCheck; TDLFS;
20:39:38.0667 0x09f0  ============================================================
20:39:38.0667 0x09f0  KSN ping started
20:39:41.0148 0x09f0  KSN ping finished: true
20:39:41.0866 0x09f0  ================ Scan system memory ========================
20:39:41.0866 0x09f0  System memory - ok
20:39:41.0866 0x09f0  ================ Scan services =============================
20:39:42.0401 0x09f0  [ 17495C8F96D57904C2E9630CF77F5B02, 426E1F92585D922EE40E63DD8FDF8213E3ABA3A2FD6FAF869ACE1AA01E281258 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
20:39:42.0533 0x09f0  1394ohci - ok
20:39:42.0627 0x09f0  [ 20EE62BA8318B249EE4C5A208A645E7E, 3868B926461B15226068E23BBC61BE9FAFDE5C4D043EA62CDC11C027762731E2 ] 3ware          C:\Windows\system32\drivers\3ware.sys
20:39:42.0658 0x09f0  3ware - ok
20:39:42.0721 0x09f0  [ 5165287A849B6DEB83D5B1E167FD31A3, D6CFDA90F28A89E5B55B22D6AAD42C99927FE345A01CDFC168CDEA1058998B63 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:39:42.0783 0x09f0  ACPI - ok
20:39:42.0799 0x09f0  [ 64F237B2C6EF0111BB870C8B64861CAD, 164304BC71165AF7D1D7E157A00DD63AD4CD2219BBB042CB30E4FF9A9C5C1F4F ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
20:39:42.0830 0x09f0  acpiex - ok
20:39:42.0845 0x09f0  [ A11500807F1877BD2ADBA1023E42F784, F059143C84EF34054BCF7DFD3155C366B2A2BF866DCF1953C0F1F16490159841 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
20:39:42.0892 0x09f0  acpipagr - ok
20:39:42.0908 0x09f0  [ 13C3D41BE36FE2027FB3FFCE2CD2CCF0, D524FB36FC33528F43ECBB0607D239037A8A01E506F3E4A5711A766C45C83C6C ] AcpiPmi        C:\Windows\System32\drivers\acpipmi.sys
20:39:42.0939 0x09f0  AcpiPmi - ok
20:39:42.0955 0x09f0  [ 3EE3093708B2DCA60323B0AA14DF359F, BD11A04AC1025CC941EF15A0517283C9234657DDC1D3BBD1794EF7266B6AA85A ] acpitime        C:\Windows\System32\drivers\acpitime.sys
20:39:42.0986 0x09f0  acpitime - ok
20:39:43.0079 0x09f0  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:39:43.0095 0x09f0  AdobeARMservice - ok
20:39:43.0445 0x09f0  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:39:43.0476 0x09f0  AdobeFlashPlayerUpdateSvc - ok
20:39:43.0554 0x09f0  [ 764584A0AD1BD3FF198135AD2D7692B8, DFFF1AF774AFE5CFF55F5BF4F0BE6271ACB80D6685FBF77BE0A6288F8F99C2C4 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
20:39:43.0616 0x09f0  adp94xx - ok
20:39:43.0663 0x09f0  [ 5C82D0A150CB633A54751A3111C06398, 64EA04F87F0A1CC0A72296C0E6C13A8407F0E0635A4674B412CD7DE591826C75 ] adpahci        C:\Windows\system32\drivers\adpahci.sys
20:39:43.0710 0x09f0  adpahci - ok
20:39:43.0748 0x09f0  [ DB4E3210CE6A79ECAAD1C09AE2922322, F8D96243DADB980620310BF272449900FF996F1D000F5D2FD5456CE7A7712F6C ] adpu320        C:\Windows\system32\drivers\adpu320.sys
20:39:43.0784 0x09f0  adpu320 - ok
20:39:43.0831 0x09f0  [ 8889F910936A68EEB448177DA135656F, 8281DFBBEFC111C708B7716CED7523D7DBC00CDDAB0C5A5E633C1D9BDA7B7984 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
20:39:43.0894 0x09f0  AeLookupSvc - ok
20:39:43.0972 0x09f0  [ D3C1DE857B2CC4DCC9805AA460E95375, 5432BE91B8D0B24E756A3228946D4C036F343D631B8B137EE701206E872F27A1 ] AFD            C:\Windows\system32\drivers\afd.sys
20:39:44.0066 0x09f0  AFD - ok
20:39:44.0128 0x09f0  [ EE103CB9714AF259CE02E05B802443AE, 36B1BF40266CA6BA51F620E156455EB8AB4C4BD204AD604CF02195CEE354B7BC ] agp440          C:\Windows\system32\drivers\agp440.sys
20:39:44.0159 0x09f0  agp440 - ok
20:39:44.0206 0x09f0  [ 22A49960013C51651E5C6C0D896819FE, B6A1ECE260719F88291BB245CE667A524C75AA3C8B22ACB52920E7B1FD8E5775 ] ALG            C:\Windows\System32\alg.exe
20:39:44.0269 0x09f0  ALG - ok
20:39:44.0300 0x09f0  [ 0210340186C19D133BCE3F31914BE63D, 57DCAC6D13B1BA389DA96AC9BDA350672E103CFDA0030343FE5645A6ABE7B3CE ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
20:39:44.0347 0x09f0  AllUserInstallAgent - ok
20:39:44.0393 0x09f0  [ 9AC4C8659A13D9CACBB9387A92DF4299, FFB8D82E59204AA7A4C071CC2D51862482B3A296D97E75D5CC72AAD1380C81FE ] AmdK8          C:\Windows\System32\drivers\amdk8.sys
20:39:44.0456 0x09f0  AmdK8 - ok
20:39:44.0471 0x09f0  [ 9E2B8A93C6BAC8AD6B62853FE134E666, 66360C2DD0D2B8CB35B9605A51B60E4F719DA98967308C1914A0A7C61B851EA3 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
20:39:44.0534 0x09f0  AmdPPM - ok
20:39:44.0549 0x09f0  [ 87C7DAC076B22EE0817AA6393573770D, 22A85C5D859615236C3552794968852AE98B78811829C24C8611A314018FC846 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
20:39:44.0581 0x09f0  amdsata - ok
20:39:44.0612 0x09f0  [ 6BDD088E9002743EB7721998876239F4, 9D741B9B9D2A9D01C75AB244346DAFAA2F9038BA762014DF561257C7AB3E40D3 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:39:44.0659 0x09f0  amdsbs - ok
20:39:44.0690 0x09f0  [ 2EFF0617F34D7B61DDF80980EEF01D24, CE78CE21D34A185F0F798E2C4F675A866ADE9F540331CD2DEA153AECC3EC048A ] amdxata        C:\Windows\system32\drivers\amdxata.sys
20:39:44.0721 0x09f0  amdxata - ok
20:39:44.0924 0x09f0  [ 3478F48B23A0D9F6EADD4A2405BA70EF, 421BDDCEFEF491915EF8D9BFB756A56778437D98B136758A15AE5A0672738C9D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:39:44.0971 0x09f0  AntiVirSchedulerService - ok
20:39:45.0033 0x09f0  [ AFFE7C21A4FCA1963371F10066911D3A, DC7A94A784C9389792F3C9A1F435CD9B2D5F74AC9E56F35831B65820FA6A0EDE ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:39:45.0064 0x09f0  AntiVirService - ok
20:39:45.0127 0x09f0  [ 59A16E5DEA0EDBEF76EA40C4E6FE597D, 4777D703E79B79673FBA9EDD44BC01D39B77E91E2336A604156DD6F5F495C257 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
20:39:45.0220 0x09f0  AntiVirWebService - ok
20:39:45.0267 0x09f0  [ 97BCBD4C0257A469D8E55A41C2DF29C7, 4D8980370729E731E302E7F272F7C472BEBA2115AB2DBEC5AFA790919535B724 ] AppID          C:\Windows\system32\drivers\appid.sys
20:39:45.0329 0x09f0  AppID - ok
20:39:45.0376 0x09f0  [ 45E046FA37ADF4B738B9C8AEC97C81D9, FB35AEED64A82F277396AD159F36D1E025EAC76578B831B157237F5C394A3BB1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:39:45.0439 0x09f0  AppIDSvc - ok
20:39:45.0454 0x09f0  [ F8EC4211BED681F86848EC2D516BADEC, 654B81C62DFB596D08696FCF52CABCF0F670D0D45EE99189F1FBB7601A2F78CC ] Appinfo        C:\Windows\System32\appinfo.dll
20:39:45.0501 0x09f0  Appinfo - ok
20:39:45.0517 0x09f0  [ 7A575C64548A630B6BF06D014D774750, 5C4F79AF927EC71F9F46FE6D6032E594344B54F822F0A30F4996C7F7B441FA9C ] AppMgmt        C:\Windows\System32\appmgmts.dll
20:39:45.0579 0x09f0  AppMgmt - ok
20:39:45.0610 0x09f0  [ 3242E9F093CEC59A891AF84B664D728C, 51A21D425D4746B910101E80781F8811B14DE9EAD26F7CFBB1E4C67C750F78E4 ] arc            C:\Windows\system32\drivers\arc.sys
20:39:45.0641 0x09f0  arc - ok
20:39:45.0673 0x09f0  [ 1DF0B7A719F4A29F51C22E58D4383629, BE68C5A47B465AE0E30857287E0BD17D18158F37DD408E857FA4641EE500A702 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:39:45.0704 0x09f0  arcsas - ok
20:39:45.0735 0x09f0  [ 9D20D357E10498AA3DA5DFAAC7E4A598, C1FC676CFF0CA998A3C14B67ABD034C1B64D71961DAC35D0E8FB75853B5C5196 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:39:45.0797 0x09f0  AsyncMac - ok
20:39:45.0813 0x09f0  [ 04E65143EE20BAD768389C61718F116A, 98C2549DB1BC8772E99CB9C895A0A71BB27C4529D33F26B9CB0322AC8718E511 ] atapi          C:\Windows\system32\drivers\atapi.sys
20:39:45.0844 0x09f0  atapi - ok
20:39:45.0907 0x09f0  [ 70A96EB82AE095554D7A2928FD0FB099, 412F46B64A90B541CD6A9BAF2DB6FC4F05E1CA5FEA9632C25899C871AA2AC861 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:39:45.0953 0x09f0  AudioEndpointBuilder - ok
20:39:45.0988 0x09f0  [ A3499B83F027D7EF549190D6FCF283F1, F82AB55EDAC14BC9FF8E62DDE084FA0012D163072A7951E80AD4A8A4A2686710 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:39:46.0113 0x09f0  Audiosrv - ok
20:39:46.0160 0x09f0  [ 29F9901C22E7BFE23DF8389AFC530D3D, DBD3537AF3E4BF9AC033E109C8CA737A2EC1EE1F95EDC31E2855F9A9595B03DE ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
20:39:46.0207 0x09f0  avgntflt - ok
20:39:46.0238 0x09f0  [ 033CA7F2EABD7EFDC482FE45DD7E1B60, 5D02BB7ED45AA64F8A9D8F29E25D29FE26881EEE55B2962AD99F655EB22692DB ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
20:39:46.0269 0x09f0  avipbb - ok
20:39:46.0285 0x09f0  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
20:39:46.0300 0x09f0  avkmgr - ok
20:39:46.0332 0x09f0  [ D1D40E04F258917863F8F6AE3D49DC33, D620C721686F7A5161781119E94B5B21B757384A40B1115F68CD97475638FCED ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
20:39:46.0363 0x09f0  avnetflt - ok
20:39:46.0394 0x09f0  [ CF4E5D4F4CA70859A9B8C2FC2E231AD7, F6B2FEBA3808BDFCB9D084EB73F3B9FFA24D24D7F5273B6E31215ECBFA4B6B42 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:39:46.0456 0x09f0  AxInstSV - ok
20:39:46.0519 0x09f0  [ EABCCC87C98C4A87C792E8D7E0E2A4DA, 3B54971FBFB6AC90CEB2E9A9A8B08BBFD26FEB870A3D767192A310EB1292DC80 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
20:39:46.0581 0x09f0  b06bdrv - ok
20:39:46.0612 0x09f0  [ 70C6C26CD374699D6DBB6D681B8A972E, 808AD40C5E239D657024A208FCB63BF76309F5A3921D07B6353F2DE4B5DE5D18 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
20:39:46.0659 0x09f0  BasicDisplay - ok
20:39:46.0690 0x09f0  [ 9FC9F32E41B9BACBF721A6BE64B45A21, A7E58F27110B37A493383817B28B305CE1C9CEC61146ADE9A7EDDB9026DE41C3 ] BasicRender    C:\Windows\System32\drivers\BasicRender.sys
20:39:46.0706 0x09f0  BasicRender - ok
20:39:46.0971 0x09f0  [ 2FE2E0EBCDF1EF22A34B44CED1E59893, CAAF05E0F2ADE9057323FCDE4452DEF1911120BCC0854B8F447F9ACCA036FB86 ] BCM43XX        C:\Windows\system32\DRIVERS\bcmwl63a.sys
20:39:47.0408 0x09f0  BCM43XX - ok
20:39:47.0517 0x09f0  [ 1A61CBA65EAD2EEB3E54C4346BF19BBB, 4F1CF764E487623F7E650CC152EE3ABCA8C9B73C2BD16195DA8D386F3D6C8F57 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:39:47.0580 0x09f0  BDESVC - ok
20:39:47.0611 0x09f0  [ 9CA7506575641FA017C69649A6CA0EFF, D0DADD656B3EB40AC2E30C65ED7F65BF653EEA543F37FB251BE897E7A698379D ] Beep            C:\Windows\system32\drivers\Beep.sys
20:39:47.0642 0x09f0  Beep - ok
20:39:47.0704 0x09f0  [ 0C85BC19619931FBDEFF48830F95D5AE, BC30F4F2709FAB7040D06CB3CB130001684D59D57B451E9350DC0A6E83C8DFCB ] BFE            C:\Windows\System32\bfe.dll
20:39:47.0814 0x09f0  BFE - ok
20:39:47.0892 0x09f0  [ B94800B76A324834796BC68246DD3E31, 3D3BA07324605D5B01FB45D8F7A160130ACD7FAA5E181F163A78AD128B6DB987 ] BITS            C:\Windows\System32\qmgr.dll
20:39:48.0001 0x09f0  BITS - ok
20:39:48.0048 0x09f0  [ 199FCFF2B289F66111B7770D8CAF341C, 03B5B0EA168BA336354EE032CD0EFA7C8A1CC4A87954B913B1BCBA022C5F20A2 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:39:48.0126 0x09f0  bowser - ok
20:39:48.0172 0x09f0  [ F79B65F8B44DA6735CF0FE6DD5D50BB2, 4867B9BE4ABCDCE237FBC05322E5E1CA5708FBC98D0037CA63FDC75ECAE7D6A8 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
20:39:48.0204 0x09f0  BrokerInfrastructure - ok
20:39:48.0240 0x09f0  [ 44C16C5F3CD2E85E341B4758E391A6B3, B8CE78813BE06D18B753970E19EF3078B3E659D14C424B2505592E1FB4F14FF3 ] Browser        C:\Windows\System32\browser.dll
20:39:48.0302 0x09f0  Browser - ok
20:39:48.0334 0x09f0  [ F92BBA7BBF29C991CBEB9C79F8456BED, 717E4F75F83F7DECEE627BDE04583F6F9AECBEF49602B8783CA7D0CB973E6C31 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
20:39:48.0380 0x09f0  BthAvrcpTg - ok
20:39:48.0412 0x09f0  [ 8DA65E6D5C2BBEC9F1DF8E46995540BD, D73208F756F762D4DE9990B18A0227EC9420496E244073FB6DCD853FA5422C15 ] BthHFEnum      C:\Windows\System32\drivers\bthhfenum.sys
20:39:48.0474 0x09f0  BthHFEnum - ok
20:39:48.0505 0x09f0  [ 0375B8756A92CA4F53C8058C6BD75082, 3480500D449165A779347D08482354377470E9B10FC2D16393D7420B55BB2CF4 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
20:39:48.0568 0x09f0  bthhfhid - ok
20:39:48.0583 0x09f0  [ 4373A04575405AAE159AFB2EA857D586, F6A72BD8BF6E0CBA6BE608B0E0338B346AB576715D985EDB0306E1F1669847BA ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
20:39:48.0661 0x09f0  BTHMODEM - ok
20:39:48.0708 0x09f0  [ 097E028F506D68D198A86E8EA342A297, 19B58C6D7955320EEA96C392EA7034BFD813FC58F4815D1F41B72B0118A79CFF ] bthserv        C:\Windows\system32\bthserv.dll
20:39:48.0755 0x09f0  bthserv - ok
20:39:48.0802 0x09f0  [ 9FDF55B0486D9A59C979645FBC3F132B, 696668AE62F2BD2CB3ABA226D517E80504CD982AB770DF865A6EE396D648B2CD ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:39:48.0848 0x09f0  cdfs - ok
20:39:48.0864 0x09f0  [ 40B7C9B1593614385B9C2F3B8D89CE8D, B3ED39281AE6FCFCD8B421B934BDA5B433FA4DC174A820AE2C3573F6610C56EA ] cdrom          C:\Windows\System32\drivers\cdrom.sys
20:39:48.0911 0x09f0  cdrom - ok
20:39:48.0942 0x09f0  [ 483E122C2C011F28552E25268FDD9F21, 53744B3D215022EE529FF4BBAD50253E3F2E51FC859CD2F717562C911095AA9B ] CertPropSvc    C:\Windows\System32\certprop.dll
20:39:49.0036 0x09f0  CertPropSvc - ok
20:39:49.0051 0x09f0  [ 60B681FF66540A7E9F00D2073030BF29, A92F041420FAD05F9CE1B29F33ECC6AC7C38934111FAC1B221E756F90EB8FE1A ] circlass        C:\Windows\System32\drivers\circlass.sys
20:39:49.0114 0x09f0  circlass - ok
20:39:49.0160 0x09f0  [ 705B02F6B765BDEF2EF8BB37D5D371EC, E5CDA3854E38F1AA5C7CF51336F8C4F3961AB3B8EFC852FB4C46108BDDE44E1F ] CLFS            C:\Windows\system32\drivers\CLFS.sys
20:39:49.0223 0x09f0  CLFS - ok
20:39:49.0254 0x09f0  [ D8993E1CEB237DB41A18F14D2D873B6F, 772D50D538214B2F0B2F5FAFD264C29BC05BDCCB1D51439E18FF7CCD18660091 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
20:39:49.0285 0x09f0  CmBatt - ok
20:39:49.0332 0x09f0  [ C0BF8F5D780CFE07A9690E5B6F5FCB32, 8D9154D0C7E7487B594E9E2262E998C98D278AAFB957028127EFC86EDFEB609C ] CNG            C:\Windows\system32\Drivers\cng.sys
20:39:49.0394 0x09f0  CNG - ok
20:39:49.0426 0x09f0  [ C850B672E78BB45A4F980FFA2197EEFB, FC8ACE717D7872E5269071808CBD2D77CE129027604A1339E8958FC37AFB8A5F ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
20:39:49.0488 0x09f0  CompositeBus - ok
20:39:49.0504 0x09f0  COMSysApp - ok
20:39:49.0519 0x09f0  [ 587F4752B4892ECCB1FF14F478BE7396, 9598738EC0C8C4B3E94029EE0ED0875721450A25A0C37DDB014F32F37AEC286A ] condrv          C:\Windows\system32\drivers\condrv.sys
20:39:49.0550 0x09f0  condrv - ok
20:39:49.0597 0x09f0  [ F25BBEFB14A75AA154417991BAD98967, 3447AA3F44028A836529F494483CDAEAB5BEEFA48240E8E07512409A6EF31264 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:39:49.0644 0x09f0  CryptSvc - ok
20:39:49.0691 0x09f0  [ 0F67E05737A49D43B0A50A6482F57B1A, 2A12C10121A01FB1337A88E12791BE4782AD42778AAC83986E9BACD11967208D ] CSC            C:\Windows\system32\drivers\csc.sys
20:39:49.0800 0x09f0  CSC - ok
20:39:49.0878 0x09f0  [ 09DEA2ADC74E46CA5CC66AC26F13A7AF, 04F133B880848429F9B0896F84796680974EED07F2249A19EEDD97EBD63FBC17 ] CscService      C:\Windows\System32\cscsvc.dll
20:39:49.0987 0x09f0  CscService - ok
20:39:50.0018 0x09f0  [ 7B08F79034E4EEF9E10BB77939D2C72F, 0FABEA070805052798788C45C563BAF139D7E348B02C00C99E214BA0075A6161 ] dam            C:\Windows\system32\drivers\dam.sys
20:39:50.0050 0x09f0  dam - ok
20:39:50.0112 0x09f0  [ 5FE7B522293942A00779B921DB8F0094, 951486DC9771EAF776417CBCF17922654CB1367FDA27A731313F0C3A004BE593 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:39:50.0190 0x09f0  DcomLaunch - ok
20:39:50.0268 0x09f0  [ FA7AC7454EBBA1AD402E32B399BC9CE5, C7C12728E80DADFAF3187B829FCE71D4098BB491EC4DEF6E5992BD73922419EC ] defragsvc      C:\Windows\System32\defragsvc.dll
20:39:50.0346 0x09f0  defragsvc - ok
20:39:50.0377 0x09f0  [ 565B3ABEF0B54B0731BEFA4DEF9EE845, F379ADCB5B6DF257883B0908A4B780A706A8955E30D1745E91048BBA47109949 ] DeviceAssociationService C:\Windows\system32\das.dll
20:39:50.0455 0x09f0  DeviceAssociationService - ok
20:39:50.0518 0x09f0  [ 93FC3A6E569C99F0147C15E0434858FE, 9799D43F97647DE140B6868DFCC7CA55BC2CA50F7D14B4CE852F194960A5A27B ] DeviceInstall  C:\Windows\system32\umpnpmgr.dll
20:39:50.0564 0x09f0  DeviceInstall - ok
20:39:50.0611 0x09f0  [ 91E1FD9887DF6CAD9AAB3796AFB0D87C, 819014D6C15D354D25EF08C553C3D40E77E0A0DFEAFD3FE9DB3E99BF2593D874 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
20:39:50.0658 0x09f0  Dfsc - ok
20:39:50.0705 0x09f0  [ E628016CC8982BEE0D7190DEBC4A34F4, DDE032D514C2237836F645BFC963EE91A47DA2CB780B9115B6C2679EE5F3A41F ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:39:50.0767 0x09f0  Dhcp - ok
20:39:50.0783 0x09f0  [ 9B6F6E3153D1C05CFF3D2A6EBA8B371C, 3907B9D879973738B520F46C27E56257F4A8BF7CA72E91CEACD5B2F4F70D4F60 ] discache        C:\Windows\system32\drivers\discache.sys
20:39:50.0845 0x09f0  discache - ok
20:39:50.0861 0x09f0  [ 387792EA19C374A785ADBC385EDE3D4E, 2987941D8C437C2B81C4870C0D725464E5FC6DF0190EF2B3404C180BE2A1BF16 ] disk            C:\Windows\system32\drivers\disk.sys
20:39:50.0908 0x09f0  disk - ok
20:39:50.0923 0x09f0  [ 666B3B00C02B0D1D7D186EDBE0815092, A9DB43170472A13473AB9EF0E3FB6583485276C5EA0CD9372C2382B4AD3D503E ] dmvsc          C:\Windows\System32\drivers\dmvsc.sys
20:39:50.0970 0x09f0  dmvsc - ok
20:39:51.0017 0x09f0  [ E627748CC6DF1A0E32CF62125701972F, 71191820754C2C64036B393175E5A2067CE42B981D6092CEF17B0E716A5A162B ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:39:51.0088 0x09f0  Dnscache - ok
20:39:51.0120 0x09f0  [ A7C7A276FA35BC09723F754756616363, D777587A6919A944AAE2C5DF8EC8B39ECE53CD549D9848FE94A035B1F199E82C ] dot3svc        C:\Windows\System32\dot3svc.dll
20:39:51.0166 0x09f0  dot3svc - ok
20:39:51.0198 0x09f0  [ 58BECDD07D2C142B5B885CFCE2417E37, B40985E4DEA06F96B1B00E951209FB50BAE35BDDE4D5CA5C0C1AC7C772C1B64E ] DPS            C:\Windows\system32\dps.dll
20:39:51.0260 0x09f0  DPS - ok
20:39:51.0322 0x09f0  [ 66E92FA5752E142145E4713129B839A0, 267BEA7B69C8A92031762474534967588305658A747BEB0D1308C976417D5886 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
20:39:51.0372 0x09f0  drmkaud - ok
20:39:51.0419 0x09f0  [ 95B29527993D6CF37A793F3A021A27C3, 5502765548AC728E2FB043BA3AF8182675597F8EAE8F5AEC1F0978A0C3398685 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
20:39:51.0497 0x09f0  DsmSvc - ok
20:39:51.0591 0x09f0  [ 87CB29AC7973AEFEF9A3C8F8A37E68A4, EF2F34976D0D62C48CDBC5DDB48C2AE6C982D5661DDD905017558CB0809D6BA4 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
20:39:51.0747 0x09f0  DXGKrnl - ok
20:39:51.0809 0x09f0  [ 2DA79F8979B3B4915C061B7940072411, 207065F040FCD49A50F8978D8DA9AE9E670AC2C8CC8B8B3760E3319CD29D261B ] Eaphost        C:\Windows\System32\eapsvc.dll
20:39:51.0871 0x09f0  Eaphost - ok
20:39:52.0059 0x09f0  [ 06265D21ACA4359D6F950BB0B5D77A8A, 81B5DE840DC6FE6D86BC2FAAB065812C9C699AE40A543BE933DFF6361DB832F8 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
20:39:52.0402 0x09f0  ebdrv - ok
20:39:52.0480 0x09f0  [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] EFS            C:\Windows\System32\lsass.exe
20:39:52.0527 0x09f0  EFS - ok
20:39:52.0573 0x09f0  [ 3F654C1AD8AE56F5C8D2B10AE6367FB4, 930BF850BC10A3143EBEB133099044F1C2C3A0A11213C9B8B833EACD0CB185C4 ] EhStorClass    C:\Windows\system32\drivers\EhStorClass.sys
20:39:52.0605 0x09f0  EhStorClass - ok
20:39:52.0620 0x09f0  [ 589EB959679725E43F36843E56100240, 612515D8DE32FA16763C9BA815141877212B84A06F396C04C9FB26CF44FB7C09 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
20:39:52.0667 0x09f0  EhStorTcgDrv - ok
20:39:52.0683 0x09f0  [ 194D8325063BB5EA1DD93F7C014E85B4, B64CCC4D786ADDC433595327E8F9B24236D96C8BA34760643380E965692CB8F3 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
20:39:52.0714 0x09f0  ErrDev - ok
20:39:52.0792 0x09f0  [ A6EC6E7D226DDF8A9B7179AA67E21BB9, 1B45B908E6BE479CDCD5831EAB4E4E853D81FF8EB668277A673E2C66BB6F1F29 ] EventSystem    C:\Windows\system32\es.dll
20:39:52.0854 0x09f0  EventSystem - ok
20:39:52.0901 0x09f0  [ 09BE68D402EFABB9EA1C41391A1980C9, C55659AAEBC51A6025521C814A4CE46D9A9245FBE8A7E20CCE56A82B1B44CBC1 ] exfat          C:\Windows\system32\drivers\exfat.sys
20:39:52.0963 0x09f0  exfat - ok
20:39:52.0979 0x09f0  [ F9EFFB914427E904FE9A34055C8343BE, 4028620B55F1E22AA02FF9309024AA8EA9C45CD8C11972F9500F19E34C53B62D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
20:39:53.0017 0x09f0  fastfat - ok
20:39:53.0081 0x09f0  [ 00CF8E60010A9941EB6CE04E65953589, C09D08BAB67DC358A09CEB00EA2E92569BF387B4DE6016B63DC5EF62E259E4D4 ] Fax            C:\Windows\system32\fxssvc.exe
20:39:53.0221 0x09f0  Fax - ok
20:39:53.0268 0x09f0  [ E7887664718A3EBE0B2C5CB530DD66E8, 13622929175390F6E061B5429019B10D5C96304E698331BEEE194AB1F0E53F91 ] fdc            C:\Windows\System32\drivers\fdc.sys
20:39:53.0299 0x09f0  fdc - ok
20:39:53.0330 0x09f0  [ 1F8564FA6576322F4F4CE3193D62AEC2, 302676FAF062269A2D255324D55C00A5AF730D1E64F9D0310208C78EDECA1DE6 ] fdPHost        C:\Windows\system32\fdPHost.dll
20:39:53.0393 0x09f0  fdPHost - ok
20:39:53.0408 0x09f0  [ B4130625D12F80C116CE41E1854C8B2D, 9FA3F8C4FAD7A6F209C5B07F0E79AC6D351B03091E12693DF3F8E2DE968D857C ] FDResPub        C:\Windows\system32\fdrespub.dll
20:39:53.0455 0x09f0  FDResPub - ok
20:39:53.0471 0x09f0  [ 2CFA5D87BC7062D82F188915B1C0906E, 6C3613350EE6E2AFB9318D4D2C32C850AB9B61FE573109277D67EC01D65859BC ] fhsvc          C:\Windows\system32\fhsvc.dll
20:39:53.0533 0x09f0  fhsvc - ok
20:39:53.0580 0x09f0  [ 8C857A0D3923AC7781C9B46960A58C1E, AA976D74BF27E7B87FBA6586127204FCA2F7004258A6F1F7208618F8C2D395EE ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:39:53.0611 0x09f0  FileInfo - ok
20:39:53.0627 0x09f0  [ 7F209B1C0E011FD01EDC4B73D045B39A, 61FECACB1ECEB8D5866ADBAAB98A360F9E403372D10F6E79F82C686999B124AE ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
20:39:53.0658 0x09f0  Filetrace - ok
20:39:53.0690 0x09f0  [ BDC556E08AC280E4FDD493653DB636E5, 52E2DE40B80E046D84533AC5B6DD76047DE8CCE4C1A3477AD7112B2D63203491 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
20:39:53.0721 0x09f0  flpydisk - ok
20:39:53.0754 0x09f0  [ EE84ACFE47C3B47D3F6B2B037F09BDB9, B74964DE47E93432F5C489BD10674C6F6DA691B7F9B48EC9643968C06B03080A ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:39:53.0817 0x09f0  FltMgr - ok
20:39:53.0910 0x09f0  [ 9405DC324331FA918F0F6B4ECE22B16A, 73C537B95A7E8A5D0EE26C6409C86EBA9DBCD5DB03127B1770ACFFF8B8DD42E1 ] FontCache      C:\Windows\system32\FntCache.dll
20:39:54.0129 0x09f0  FontCache - ok
20:39:54.0175 0x09f0  [ C44DF89B95173F08E392CB16697AB736, 7E8AB7BBFA29D5615D369BED615EE3C1C43A68BAA0936121F2430380DA5C371B ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
20:39:54.0222 0x09f0  FsDepends - ok
20:39:54.0238 0x09f0  [ AE804E1B405A79197F27FEAF73E1B1D9, 247235B2C70F1EF57EBD1D63D045E9AE8F2E41730066E1BB03C0BCDFB0EA72C5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:39:54.0269 0x09f0  Fs_Rec - ok
20:39:54.0331 0x09f0  [ CFCA5826E2B8430848FF9D28A4B103F6, A3D1AFA3CE3FC03998A984F53A876BDC4440F10DF4DE74365F59699EDC6D91D8 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:39:54.0378 0x09f0  fvevol - ok
20:39:54.0425 0x09f0  [ E8FC085A40148801EA66745D1247C379, 37C74FABF1E5D78517F03FD5A6810ACCF484D03A79F6BC4B31BAAD888DB58478 ] FxPPM          C:\Windows\System32\drivers\fxppm.sys
20:39:54.0456 0x09f0  FxPPM - ok
20:39:54.0472 0x09f0  [ F3A74355FE0F38D599DC30A31E6F47DD, 8B8E97714682C7C1034FBEB2DCEFB7AFDE4FE4990EEC4EFD0C90E15E95CD3856 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:39:54.0503 0x09f0  gagp30kx - ok
20:39:54.0534 0x09f0  [ E818CF36D8FCB46AF9726490B9285683, 3770E186752C87E7799C48033CB0457152AA3064E8CE9E9AEEDEAE7BE37DBBB1 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
20:39:54.0581 0x09f0  gencounter - ok
20:39:54.0612 0x09f0  [ 80756BE0B7DB1880CAB1D8169F500521, B136980DE9A0CF6D7114FD4D36730D1E5953190893103AE56152C1B977E679AB ] GPIOClx0101    C:\Windows\system32\Drivers\msgpioclx.sys
20:39:54.0643 0x09f0  GPIOClx0101 - ok
20:39:54.0737 0x09f0  [ BAE87B5D00CF637430E0DC64752BC890, 0E9C015F956C7FA8B47AA307BB0C5B8217A56C46B851ED6D1BE589F3902A9BD7 ] gpsvc          C:\Windows\System32\gpsvc.dll
20:39:54.0909 0x09f0  gpsvc - ok
20:39:54.0987 0x09f0  [ D954548CA876D33FA87992EAC3A907E9, 7A182533F24C5B35D8B421D0FA07C151879D9B53FCC9FB9A71086F30979D3902 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:39:55.0096 0x09f0  HdAudAddService - ok
20:39:55.0143 0x09f0  [ 5EEBB5F5F86DF444B144D8FC0586164E, 433000F4CCD2468B371E62ACE5E4022E2EEFFF64ABA9C52B66807F22AA07278A ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
20:39:55.0189 0x09f0  HDAudBus - ok
20:39:55.0221 0x09f0  [ 90229C967C2D75DA5A0825E1473875F6, DE3762BA83EC2210B5251C8C6E6B3B1E80C2B9AD9F75AB32F9CE4231561400C2 ] HidBatt        C:\Windows\System32\drivers\HidBatt.sys
20:39:55.0267 0x09f0  HidBatt - ok
20:39:55.0283 0x09f0  [ B70CD61C1B2F282463A32E0C41481148, 8CBEA39C5B4CEF6746997B1E1E4C538888A28F9B5D4ED17A7F457748A1094716 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
20:39:55.0345 0x09f0  HidBth - ok
20:39:55.0361 0x09f0  [ 33609592291468A3C494B44DEE1FCF79, 79AC4E2A7DC07124FDBAC2B7CBF5BAA7C38790BF094AA4E2C51B8638DF46AF20 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
20:39:55.0423 0x09f0  hidi2c - ok
20:39:55.0439 0x09f0  [ D6850FA3EE1ECD7457F8E53726250CD1, 0FEF80F2C1BF0B8C89C0574C4183E8977D8C7631C49F7646BF08C1879D0B8500 ] HidIr          C:\Windows\System32\drivers\hidir.sys
20:39:55.0517 0x09f0  HidIr - ok
20:39:55.0548 0x09f0  [ A52EF1D6B8F4B9ED040B909009349DCE, 27CA5D923F2C05E82F0522420F50A7884C6A4E7E6DF2B13E00D793A7823EB90E ] hidserv        C:\Windows\system32\hidserv.dll
20:39:55.0595 0x09f0  hidserv - ok
20:39:55.0626 0x09f0  [ 8FADE4B0D0AAFFE4187E2D940A694D1F, B54441365E606925902A4A088DD8E52A3E1156143BF698C995C09FB3E376FA4D ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
20:39:55.0673 0x09f0  HidUsb - ok
20:39:55.0704 0x09f0  [ 9BD84DF296F61203EA4B90A4C38C966E, BC33075557A5961ADE2DD4C624C21997E46AF135B49517CE9AE90A5681BC2205 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:39:55.0767 0x09f0  hkmsvc - ok
20:39:55.0813 0x09f0  [ 9A63274C72E567B06F0674ED51AF6430, B5ABAB89B7C35C97098B02DD6AA741836D4254DD5C3073B56E6E7F3D9C069F8E ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:39:55.0876 0x09f0  HomeGroupListener - ok
20:39:55.0923 0x09f0  [ C42B7A6216465AEDACE06E71DAB01E00, 02EA72B87D9D49624C8293082A6CEF34BDABADFAD9A2BC45F13F4A0FE62E88E9 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:39:56.0001 0x09f0  HomeGroupProvider - ok
20:39:56.0032 0x09f0  [ AE3BF8D78963AAAB2F8E5B1D4DB48DB6, F655723A914EFD8F276F3ACB0B0E6873BDC7C86720B54F7C0C436BC5EE09CA5D ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:39:56.0079 0x09f0  HpSAMD - ok
20:39:56.0141 0x09f0  [ 5FBC36B5A11DDED4BA7CA0F373E089F7, 97511B98CDECC7AA4CC6BB1E4236715CEE22FFEE07B765968915200AD465DAFE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:39:56.0250 0x09f0  HTTP - ok
20:39:56.0297 0x09f0  [ 8EBD3CDD8BEBA39CAF6F83D7EBAB950D, 5450E3D1674BF453AC74E3FD2E480C0B9A0981F3FC1188479BA5954874BBB773 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:39:56.0313 0x09f0  hwpolicy - ok
20:39:56.0328 0x09f0  [ B4D8CFAA814300E7604C634F5C5B25DB, EC60DE2E23569BAE162714A2560DD9D7903094D0176A38B3E7D2811094E6A2A4 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
20:39:56.0359 0x09f0  hyperkbd - ok
20:39:56.0375 0x09f0  [ CD657365669B52CCA07B20F07E53CA4B, CF20832504B266EBB477EB125A76EC1CE4425BC57A8113897442BA8F8752A35C ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
20:39:56.0406 0x09f0  HyperVideo - ok
20:39:56.0422 0x09f0  [ 7F2D02F109F427BB79B09026BFD4497C, 2F37E0C63AD3BFE2478DB7689C6349683C1B3452486E2374AAAAB83FFD8F444F ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
20:39:56.0469 0x09f0  i8042prt - ok
20:39:56.0531 0x09f0  [ 6B031913FA9387744A70099E8CACB568, DADB1C38636F14AF7BD7F6B7FB104E7B8CD3D1F395A870AAD9FDB1DB75DFE646 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
20:39:56.0625 0x09f0  iaStorV - ok
20:39:56.0656 0x09f0  [ D789021B5ED044A82242895017F40E94, 13BAA853E5D04C0C417BB876B359DA8396B77130931DF2979A7CD4F65A754948 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
20:39:56.0687 0x09f0  iirsp - ok
20:39:56.0749 0x09f0  [ 634C6D286178700BDE9122C55175F654, A67B44C93AD26219C41C80FEAC8107FCA10AC02CAF7E626DA2A5D174562F9C4C ] IKEEXT          C:\Windows\System32\ikeext.dll
20:39:56.0874 0x09f0  IKEEXT - ok
20:39:56.0921 0x09f0  [ BFE2E1129284CEB8A4C1771AE6A6595B, BDA34DF3A378B75E70E2FDD3A2D2BC67E3939CE56919D256A34B3B8358613841 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:39:56.0937 0x09f0  intelide - ok
20:39:56.0968 0x09f0  [ 40C0816BF04741CCD3D0DE04172FB2A9, CA062A1FF9963168EB782C37870F32620402461C4F423F894A1EE655921FCE9C ] intelppm        C:\Windows\System32\drivers\intelppm.sys
20:39:57.0015 0x09f0  intelppm - ok
20:39:57.0030 0x09f0  [ F9C5A1592AC4F5432ED09C1D26041A57, E54B3F06479701E83C8ADF91ADD5B68238AB876DAFEFF738E292AACBAE12E101 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:39:57.0077 0x09f0  IpFilterDriver - ok
20:39:57.0155 0x09f0  [ D40C8D59F2BDB7CF6D4A0CE08042640E, 4D378CE22E2A3C089D4A333B6DC00B19465759438C4E0D5CDC5B2EB91DFAC49B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:39:57.0280 0x09f0  iphlpsvc - ok
20:39:57.0327 0x09f0  [ 46F807A9C6EE8C4CA477BC037F37D154, 70E8B9FB0675212DE8C57599975DC0D28110206DCD37879B9523053845351919 ] IPMIDRV        C:\Windows\System32\drivers\IPMIDrv.sys
20:39:57.0374 0x09f0  IPMIDRV - ok
20:39:57.0389 0x09f0  [ CECF7E60DEF1A500673BF299A8B99E25, EEB10A4B137DE48C160D1191A390E047BA36B12C4B22145F16A3273BD2ED3328 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
20:39:57.0452 0x09f0  IPNAT - ok
20:39:57.0467 0x09f0  [ B5F2900361C7747E6F831824759482A2, B6D1DDE654202563C2A24461F3D03733E80D1F9D4D224B3CAD8BE837D8EF11C6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:39:57.0514 0x09f0  IRENUM - ok
20:39:57.0530 0x09f0  [ 023C558E997F09BAB91B736A1714095F, 241D280F62248FC270BCE8EF8DDCE240813858A5A8AEE8A97855045657876388 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:39:57.0561 0x09f0  isapnp - ok
20:39:57.0592 0x09f0  [ 1CB65E4C55B135FDCFB41B53C03C0E86, 57FF4D6E6F1E05EDF2A1885937F88F20960E4BC7BA229D23FB8F68D07BE0A174 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
20:39:57.0654 0x09f0  iScsiPrt - ok
20:39:57.0670 0x09f0  [ 2C8AB975DEA711046AF8D7B6FEF790F2, A65AE55265A0E15D063AA311AC44D5768D7FA253901FCCBF328FD5AF4C95C74A ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
20:39:57.0701 0x09f0  kbdclass - ok
20:39:57.0717 0x09f0  [ 8A0FBD022B316E7CDB8072E33C4A348A, CFC5E705874ACA4F75601B56A5EE34903F7360184D4F814451EF1C5F1A108B54 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
20:39:57.0764 0x09f0  kbdhid - ok
20:39:57.0779 0x09f0  [ 7108512F89511DB5B4AA4B4988C48984, 11BA6D744FD0FFF2EBA3DC90BFE82ED6EECB312D56CCFF70063F166F236DCF93 ] kdnic          C:\Windows\system32\DRIVERS\kdnic.sys
20:39:57.0810 0x09f0  kdnic - ok
20:39:57.0842 0x09f0  [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] KeyIso          C:\Windows\system32\lsass.exe
20:39:57.0873 0x09f0  KeyIso - ok
20:39:57.0888 0x09f0  [ D154BEE5E0A8E8576DFB243632B08D4C, 004366D5DA831D9B08A943BC9B9EAE51D4A4F233FBDBDD7466C522A38D5299D1 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:39:57.0935 0x09f0  KSecDD - ok
20:39:57.0966 0x09f0  [ 77080A55782B0FB515969E28CA7A3E17, 983B9AC21809C34680F62BF0995FEE874A4977F0F94A1E6CA5968B7D8F3A301F ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
20:39:57.0998 0x09f0  KSecPkg - ok
20:39:58.0013 0x09f0  [ E2BDD62776D1EA24FF2CB9EE995BA05F, 8328142485F1F5104FE62CA9B51A4145CC788A1D31CD402A6E5BB76D63804518 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
20:39:58.0044 0x09f0  ksthunk - ok
20:39:58.0091 0x09f0  [ 959BB9C502B0EB11F10E60AC83E302DC, D2275C54271B77ADF3EE71E066C33B2272EF03BDC926FC828C3D5106F16B61B2 ] KtmRm          C:\Windows\system32\msdtckrm.dll
20:39:58.0169 0x09f0  KtmRm - ok
20:39:58.0216 0x09f0  [ 8412D334F6B18F655BFF430E9DB1ABC6, 1F38AA06B3F0437393884479DC4B63109672C557FC118AF0D005BB188DEF2636 ] L1C            C:\Windows\system32\DRIVERS\L1C63x64.sys
20:39:58.0263 0x09f0  L1C - ok
20:39:58.0294 0x09f0  [ B98C14ADDAB35C842A6E6C7569319BD8, D5EAC5B7537D876B10F3024AF56A775BD7DADC55134EF498F16C5BE998B0E7D5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:39:58.0372 0x09f0  LanmanServer - ok
20:39:58.0403 0x09f0  [ 1485CF3F698BA2B09BEDBAEF13EBD45F, D34C642E2E4C9E8CC3A63B630A7EB9E53F9D40D295D4F435B05C6E9C97CBC8A3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:39:58.0450 0x09f0  LanmanWorkstation - ok
20:39:58.0481 0x09f0  [ FAC973039530C50FECCAF7E72FFA3524, CDE0837E37D3ADE152FC7077C16758A0BEAD0B7CA3B89E81C1EAF2091996C063 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:39:58.0528 0x09f0  lltdio - ok
20:39:58.0575 0x09f0  [ EB320128404659367A50774094B72210, D331E970FCF4E37C31CE591BD59D0D2B27F85F42435DCFE8F5D85C4ED58C6971 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
20:39:58.0637 0x09f0  lltdsvc - ok
20:39:58.0684 0x09f0  [ 04FB978A11E7BBBAB90909B222675337, B5865689B9CAC15EB724C5E097527CDDB148D49A5DA9E4BC6D428D06A265BB13 ] lmhosts        C:\Windows\System32\lmhsvc.dll
20:39:58.0715 0x09f0  lmhosts - ok
20:39:58.0746 0x09f0  [ 8FDBE4BA532047F678E39F6770941ED2, FD6FD8B718E44A2D023B1A4554FB56D6F56AD01CAD652CE9660CC4E8CDFC8327 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
20:39:58.0778 0x09f0  LSI_SAS - ok
20:39:58.0809 0x09f0  [ C06811E17E37F5EEC06D90535801424A, 77F11ED1BAD6FC1B53B1A9C1D4DE6D83E1D01040DB88C8F6691AB0C16D72DC55 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:39:58.0840 0x09f0  LSI_SAS2 - ok
20:39:58.0871 0x09f0  [ 6F2C426DF48334BB2F0B74C76985FE2A, F26C0C08302B95D4CA9D328B9717EBF1AB7E07DF0901107BB60365BE61F1372E ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:39:58.0902 0x09f0  LSI_SCSI - ok
20:39:58.0934 0x09f0  [ D01AE7845DE31EA30887FAEC6E8DCB65, 854C500B707E874BC6D7683E0A6135F3A702CCCC0FD1305A07A036615CA46E01 ] LSI_SSS        C:\Windows\system32\drivers\lsi_sss.sys
20:39:58.0965 0x09f0  LSI_SSS - ok
20:39:59.0012 0x09f0  [ B7809CBCF86839FE5C2DADD412666787, EE16B035B9874E5C0D072413DC85F9DCC660168B0DCB475C5256CCB5436B7402 ] LSM            C:\Windows\System32\lsm.dll
20:39:59.0074 0x09f0  LSM - ok
20:39:59.0121 0x09f0  [ 588AB727594A6778FB1FBEC4280C62C6, 5ADB8841D321C9FC9AFC3F39E31F2C5842627628BA1A56193A078CD6700139F7 ] luafv          C:\Windows\system32\drivers\luafv.sys
20:39:59.0183 0x09f0  luafv - ok
20:39:59.0214 0x09f0  [ 7E052CF6115C9CD8FBDDE37569C0426C, 467F112AAC27CA1DA56A304C2A08A2745C2B5B008C7981049745301348A1CDBA ] megasas        C:\Windows\system32\drivers\megasas.sys
20:39:59.0246 0x09f0  megasas - ok
20:39:59.0308 0x09f0  [ 6D808A6597FB161729E2EF050A9D76E4, 12159A0AF27120A037A073454DDD58A2628D8543A245EB8107E30A68ADE45496 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:39:59.0386 0x09f0  MegaSR - ok
20:39:59.0417 0x09f0  [ F318498AE16EC11D44D286576D86159E, C347FBC3354FA2A2E2F9F3ED823C54C390FF8224F7F4FF41889EAC33FAEC4D1E ] MMCSS          C:\Windows\system32\mmcss.dll
20:39:59.0464 0x09f0  MMCSS - ok
20:39:59.0495 0x09f0  [ 1D9717FA1195CB9F8A7B92F4BF2FDCDB, 868798DDE2D55D1E2F95436B13F671C4EA46419EEBBBBA9CEDA8B31838C1D242 ] Modem          C:\Windows\system32\drivers\modem.sys
20:39:59.0558 0x09f0  Modem - ok
20:39:59.0589 0x09f0  [ 7E237CA07779A30EDFC7B2AD21172019, 8FBA4DFC0A9A67F81E119816D75023AAF0DAEF3863B33233B4AE7A0A240B5DE4 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
20:39:59.0620 0x09f0  monitor - ok
20:39:59.0620 0x09f0  [ 9F029A7247126ACE95BF3BFB2305DBB6, 54C5F36D6E1806ECAF50604950FBFDDF964167A3D132000523D43AFC926F4839 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
20:39:59.0651 0x09f0  mouclass - ok
20:39:59.0667 0x09f0  [ 7F557A4CDF0838B1251A35304B1FD4BD, 0DBB52F0A2360175D0521DA306D93722E391E468F6AEE503F725F7AEE2A893D1 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
20:39:59.0714 0x09f0  mouhid - ok
20:39:59.0729 0x09f0  [ BFBB08994C56B5FACDDE64858FA766CD, 982E31528770DE1D7BE556BA045C2124C84863685544E27B911CB174662CF35B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:39:59.0760 0x09f0  mountmgr - ok
20:39:59.0854 0x09f0  [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:39:59.0885 0x09f0  MozillaMaintenance - ok
20:39:59.0932 0x09f0  [ B15DC7D5DBFDC0C7E49877EA51E7B6D3, 7AFD66E6447771344C0A20E4E4C708673D8651C8B88714B1A709A0F978CDDF25 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:40:00.0010 0x09f0  mpsdrv - ok
20:40:00.0104 0x09f0  [ 94B5D3B01A4A6E6BDD59ED001D650A6C, C602819159C11083444A7C9A4C2010546D2D519D498DA515EEC980145E33B134 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:40:00.0275 0x09f0  MpsSvc - ok
20:40:00.0338 0x09f0  [ 0154E2CF4E6C13189150081D26BBADCF, 0BE62D6E8DC459CDA08767E1915A94EA2F8143161768670318CC88B398DD0261 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:40:00.0400 0x09f0  MRxDAV - ok
20:40:00.0447 0x09f0  [ BD43E075C75A0DA06E16BEAB997919E1, 85F7185CCD59E5851F6D5D593CDE6B95FC8CFF66790A12123D6CB0D98E4D063E ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:40:00.0494 0x09f0  mrxsmb - ok
20:40:00.0525 0x09f0  [ E2E3BB261B69B41EB8FCB4BA9B08CDA5, F414C6AB4115917339F6609027F5B025D7B4798A9088DAF6C184F9AB60E2FFD2 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:40:00.0587 0x09f0  mrxsmb10 - ok
20:40:00.0618 0x09f0  [ 15C9E57A7D3347F985486F9A09E67538, 2E4B133C2D7DE02E5BD760512E3EDB2424A0A413517062D1A33FFE1853C2051A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:40:00.0665 0x09f0  mrxsmb20 - ok
20:40:00.0696 0x09f0  [ 5D95E6DD5E8AE8F1D1BBF9B15AC1C29B, 4874B0FF974AD8C598891E2974BA1E75268EDF8C1D26F512BBF2FDED651343FE ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
20:40:00.0743 0x09f0  MsBridge - ok
20:40:00.0774 0x09f0  [ 0C13FCA740312536BF89AF4214E02803, EDCC63607789DC9F26C977D19D6546EF1F07D7031879DB4AEEA38466982FC269 ] MSDTC          C:\Windows\System32\msdtc.exe
20:40:00.0821 0x09f0  MSDTC - ok
20:40:00.0868 0x09f0  [ 6196FF7C20AEA729A8E0A344D04CEE48, C96126E6F0FE67A8283E9EF4CDB8EB14EB8729B67E6784E00CBA0C332F7FD467 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:40:00.0915 0x09f0  Msfs - ok
20:40:00.0930 0x09f0  [ 3E60AB00CB326348AA75165F428B4453, BBEFE2A5E897F46B089C5B7CFF4C6B48533BB6EA49FF626D5DF5DB209936CEAB ] msgpiowin32    C:\Windows\System32\drivers\msgpiowin32.sys
20:40:00.0962 0x09f0  msgpiowin32 - ok
20:40:00.0977 0x09f0  [ A12249F2C8A15A34239625E8CA857CF2, E6DC4A1FA4D9D182196E3D7522EA8A199025AB78AD0C708B564B2AC6AD4AAEAB ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
20:40:01.0008 0x09f0  mshidkmdf - ok
20:40:01.0024 0x09f0  [ D516EE4A6B5DDED62673C4A49A808CF9, E8D99F76D4686F82204A16C311CFF142A9F396CB3F6FD35BADBDF2CE9EA9E849 ] mshidumdf      C:\Windows\System32\drivers\mshidumdf.sys
20:40:01.0055 0x09f0  mshidumdf - ok
20:40:01.0071 0x09f0  [ C8FC57640D9AE3856AEFBB48F9C246E3, C6FE1C477CDBC8169B14564D960225C2F48333E2D01E4A5FF858529EC371C839 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:40:01.0102 0x09f0  msisadrv - ok
20:40:01.0149 0x09f0  [ 8A1589AD1F0D4BB5417BA4E0A143DFCC, 1748AE142C48A5524321E1F0BC248E570AAC39E1A433FCDB3C1FDC45865C20F7 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
20:40:01.0196 0x09f0  MSiSCSI - ok
20:40:01.0211 0x09f0  msiserver - ok
20:40:01.0227 0x09f0  [ 81FD1141F6843053D045099EF1E9FFF4, 9E7091C38F81ED920D2E40E0687DC378CC8323367E4E490BA0E7E866FF275472 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
20:40:01.0258 0x09f0  MSKSSRV - ok
20:40:01.0289 0x09f0  [ 56D27E5B5D5FCF993058426B73701C26, 7711FFD113EE4A6304A40E2C69805A12B127791489FBD7EB88C4FB1E24A40C3C ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
20:40:01.0352 0x09f0  MsLldp - ok
20:40:01.0383 0x09f0  [ 05E5204D25C6EB88D870D82E73DFA6A6, 153E3ABFD19DACE8F80F08925AFCC2F8ED9067EE308C837226129F092B2E38CA ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:40:01.0398 0x09f0  MSPCLOCK - ok
20:40:01.0414 0x09f0  [ 59789052F097F995C53C4F1A751961BA, 26BDF9D09F7FC2A35F8CA72ADDFE1774FC6A25CF92FDFDFECC5DBF3D43D43F93 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
20:40:01.0462 0x09f0  MSPQM - ok
20:40:01.0525 0x09f0  [ 573528C6A0753B72F86B765D5B607E0E, CD6343DF6F044ABC65058379E3E41040B3DFDEAA8A44E1B3C3487B1345AE71AB ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
20:40:01.0572 0x09f0  MsRPC - ok
20:40:01.0618 0x09f0  [ 417AFCB41E395182A911431B039DEBB9, 9482B98110D9DF3A83544DAF3D582B5AF37BBBF7AB491BEA2728F45F2976C283 ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
20:40:01.0634 0x09f0  mssmbios - ok
20:40:01.0665 0x09f0  [ 0AAA0930A7FDFA71B5808E5DCC313C17, 7F6ECF8BC7545BC3642C2F04012AA41944A846BA754B52C9BC4E0CBC1E18B6E2 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
20:40:01.0696 0x09f0  MSTEE - ok
20:40:01.0712 0x09f0  [ C8C114A691B4B5EA4093064E2C942DCD, 7B78C0DB7CA08897B58246F77B87FBDDEEA0EECE203A5E4F3773D27FA2C6F6BF ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
20:40:01.0743 0x09f0  MTConfig - ok
20:40:01.0759 0x09f0  [ 6F9A0DC60178D403AFF77370FC046B7E, 9310B420C02192AFC271D6DC42AE55AA20382D19610EB2171CE03AC0208CBE7F ] Mup            C:\Windows\system32\Drivers\mup.sys
20:40:01.0790 0x09f0  Mup - ok
20:40:01.0806 0x09f0  [ 3094B508C7C40544A60D9EF5C62A9D5F, 934B859749844CC8EE7244393783EA35DB466E3C1A4816A42D8C9765171BE4DE ] mvumis          C:\Windows\system32\drivers\mvumis.sys
20:40:01.0837 0x09f0  mvumis - ok
20:40:01.0884 0x09f0  [ 7FC8E15AAB7FF630EACCFB977195452D, CCF4846D62BA619DDEE3C3612139A14C8C6F9C4D11C2D82E653799BDFDA791BA ] napagent        C:\Windows\system32\qagentRT.dll
20:40:01.0946 0x09f0  napagent - ok
20:40:01.0993 0x09f0  [ 153B849C9692E6BAE7666A6361B8B65C, 65D315A4E6C950C9C70AA6DE8E486D32871EDA267B2AAEDD628532132D187178 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
20:40:02.0055 0x09f0  NativeWifiP - ok
20:40:02.0086 0x09f0  [ E5001E5C5C766B095971F6EF07C93DE3, 38AB58AE4391317BC1661A17809146AB481B2BFA8A2772A116EE10834332E924 ] NcaSvc          C:\Windows\System32\ncasvc.dll
20:40:02.0133 0x09f0  NcaSvc - ok
20:40:02.0164 0x09f0  [ 392B0E0CB50218037CEDE5588FFAD1AB, E7CBAEB55AF64D2F087BAE7FC0BEE3CCECB12B6FA120586E10B75EF33100898E ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
20:40:02.0227 0x09f0  NcdAutoSetup - ok
20:40:02.0305 0x09f0  [ BB639DE49430EE053F6FCD61B57041C2, 79369DE6068D19AE575C4DA1B1ACDA5A2EE5DE8AD7CF08B6572E2DFCC8BA4AE6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:40:02.0383 0x09f0  NDIS - ok
20:40:02.0461 0x09f0  [ D461CFB366F933840C8B37C4E39A9B4D, 95EAA8F222BBF8146CE836B7BE04DB95289A2A4A323FE123824C24BA9F79F334 ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
20:40:02.0508 0x09f0  NdisCap - ok
20:40:02.0539 0x09f0  [ EE813CA43B87655DFF7C2D5406CC0379, B6A5DE024AF7F1097E22B51046E86CE84529F4DD5D4DD4891427A00A36DBC864 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
20:40:02.0602 0x09f0  NdisImPlatform - ok
20:40:02.0602 0x09f0  [ 097107F94AFFCF749A051B6443C130A7, 07C43E2C15E087F707634D8564C6562390DD6AD53E4FCCAAF452E32A377E9686 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:40:02.0649 0x09f0  NdisTapi - ok
20:40:02.0680 0x09f0  [ 048DCECEB6EF091D92947CF96ADB1CAF, 1FE96D6E8662526578BA328CE231FC4F589DCF47A716508715F4F2462BB06546 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
20:40:02.0727 0x09f0  Ndisuio - ok
20:40:02.0758 0x09f0  [ 4091690968CA4C5CFF5EB34AF0D76E81, F0B114B6381AFF1B59A23C92D816A492EA8882A18BA82D663DDFA223A091EEB6 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
20:40:02.0821 0x09f0  NdisWan - ok
20:40:02.0836 0x09f0  [ 4091690968CA4C5CFF5EB34AF0D76E81, F0B114B6381AFF1B59A23C92D816A492EA8882A18BA82D663DDFA223A091EEB6 ] NDISWANLEGACY  C:\Windows\system32\DRIVERS\ndiswan.sys
20:40:02.0867 0x09f0  NDISWANLEGACY - ok
20:40:02.0883 0x09f0  [ 670C782064DE46493E468C1606A9ABE7, 09791767D210C422C75617B488BADFC20E27AED6F2EB52A9A173ADA3CE7FD800 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
20:40:02.0945 0x09f0  NDProxy - ok
20:40:02.0977 0x09f0  [ CC8B7A1AFEBE219F5BB2A2A172B385FF, 8B5DFBCA1DC89CEFF0EC01C6C0D7DB0FAD44AC61D9FADE569C59CDC9DD4AE857 ] Ndu            C:\Windows\system32\drivers\Ndu.sys
20:40:03.0039 0x09f0  Ndu - ok
20:40:03.0055 0x09f0  [ 35FFEC755452F8DFE59538815FA95136, D455BBA416315F1ACAEA4CE6CEA207E2650A6069E5AA4DD71C782BCBEC86A5EF ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
20:40:03.0101 0x09f0  NetBIOS - ok
20:40:03.0155 0x09f0  [ 70CA93D2D94F5EDD2B634F5A39E5713C, BDDA39C4A99D2BA7490AB538B569A0DA949E18D55E63A65739C636F1ADE4C6F1 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
20:40:03.0217 0x09f0  NetBT - ok
20:40:03.0248 0x09f0  [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] Netlogon        C:\Windows\system32\lsass.exe
20:40:03.0264 0x09f0  Netlogon - ok
20:40:03.0326 0x09f0  [ 43EA14A7DC7AF57E5C12F1974C43E467, 36B2E0C1667CBDD92423649F92271DF05A271C6C5CB0E3FB74D5905D1DA2912A ] Netman          C:\Windows\System32\netman.dll
20:40:03.0373 0x09f0  Netman - ok
20:40:03.0420 0x09f0  [ 60AD109DD43E1F86A9BFCF2B6E8B885F, B4597EC4CF20ABAF571C15E2E1D828C35715283F7CD7C4FE036C401D59CA365B ] netprofm        C:\Windows\System32\netprofmsvc.dll
20:40:03.0514 0x09f0  netprofm - ok
20:40:03.0670 0x09f0  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:03.0732 0x09f0  NetTcpPortSharing - ok
20:40:03.0763 0x09f0  [ 021B9AB328E5757520A88AA3D8379C3A, 1E1195FA28BF8E1CE2AF8EED2395600A51B45179FE7C82274627AD8553FD7016 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
20:40:03.0794 0x09f0  nfrd960 - ok
20:40:03.0841 0x09f0  [ 95C3BEB611D0F63AD26C31F0D23123DF, D30F13D571A60D8E4F27812CB48957EF77FEA703EE1C611DBC691D5674F82314 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:40:03.0919 0x09f0  NlaSvc - ok
20:40:03.0935 0x09f0  [ 41ED6F90DF31F85F9682EA715402D085, 55AFBF779DCAD0F1B54DA2320CEDBFEA90125F729AF07F469DEA4603D1964FBD ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:40:03.0982 0x09f0  Npfs - ok
20:40:03.0997 0x09f0  [ 41BF79B2371A3821F41A4C060E067961, 0A7AA24CD65AA5D0689D3B800FE639FD1B050A3742835ED8379EBFCCA67383E0 ] npsvctrig      C:\Windows\System32\drivers\npsvctrig.sys
20:40:04.0028 0x09f0  npsvctrig - ok
20:40:04.0044 0x09f0  [ FE4741AC4331724ACE78EA1D95B86705, 28DF7AD69BA78D53EA6A6E33FE11C91BF503EF87EF2BC71AD136AB9C21B00079 ] nsi            C:\Windows\system32\nsisvc.dll
20:40:04.0106 0x09f0  nsi - ok
20:40:04.0122 0x09f0  [ 71343C73520814808B8F11A77DBAB939, 8B153F5D90F90557B385B3CF973AC95ED80A3C1906C1957175FECC3B67619923 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:40:04.0153 0x09f0  nsiproxy - ok
20:40:04.0278 0x09f0  [ C0B3937287DB54B104F209A0B8322E04, F8E8387574EA4C6BDFAEFB4F73CF035E3F670ADA37E5A8FC110C837388E458B9 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:40:04.0496 0x09f0  Ntfs - ok
20:40:04.0574 0x09f0  [ 29B1334BD9E24648F54C373DC99E7D70, 1CC13AE6250DBD4F9647C473071C02B05C38910F534BE6EFD887F2A803BBD9F7 ] Null            C:\Windows\system32\drivers\Null.sys
20:40:04.0606 0x09f0  Null - ok
20:40:05.0245 0x09f0  [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3, F4885B42FCE7D838B7640EB9CF81135F9D637E7CD7A016894AD2F24450FA91BD ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:40:06.0368 0x09f0  nvlddmkm - ok
20:40:06.0556 0x09f0  [ 0D63F22609BAB3886F0230B941391805, D1A85903B574D182AB623A8AE017D54A03F971FACF40FFF6648B9E07C822B1CA ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:40:06.0602 0x09f0  nvraid - ok
20:40:06.0618 0x09f0  [ F55FAE2A40129EFD3D0A1BE46AF8989E, 3157F349ACA0E1F2AB6AF4D7643973C2B2C9562E78CE8809D02CB632A1F66DDD ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:40:06.0665 0x09f0  nvstor - ok
20:40:06.0696 0x09f0  [ 268326902900187FFF45C30111FB6597, 11D447F9E9DE1D8FA5EB97F8D43B47DED526A168DE39C5DA779CBC072D0BA4FF ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:40:06.0727 0x09f0  nv_agp - ok
20:40:06.0774 0x09f0  [ 7F16AB362FCCF8E0DF21B0E21E2E6264, A32441800FFC532C8A138AF6F4DED4AA6B0ED8D8E067A5E3C76D5694470EBF71 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:40:06.0836 0x09f0  p2pimsvc - ok
20:40:06.0883 0x09f0  [ C6B277E5590ED43C097D9B34A70EBC96, 104532EAD79B103AE3D000EA04E32EBC165E493A0C814E98BA98D9F6AB2621A3 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:40:06.0961 0x09f0  p2psvc - ok
20:40:06.0992 0x09f0  [ 7952733956DEDC283BB670CC8507B82F, 9D416D506C25C4B80EF86665246C032A169E71406E2888C7A41A1BE4D4B7CF76 ] Parport        C:\Windows\System32\drivers\parport.sys
20:40:07.0055 0x09f0  Parport - ok
20:40:07.0086 0x09f0  [ 7B07B33ACAA1EFF76B234CF5AD290B60, F259EBDEC14ED953D500A891248532A75526BB97A5C1CB4CDAFD87F9C2E778BB ] partmgr        C:\Windows\system32\drivers\partmgr.sys
20:40:07.0117 0x09f0  partmgr - ok
20:40:07.0164 0x09f0  [ 4120E1D48D03CEE451C57E3F7E4BF98E, D15CDF0E6E55A9EDBB005165F0047A6CB054FA498F5E06CC85B98ABA7123CA1E ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:40:07.0226 0x09f0  PcaSvc - ok
20:40:07.0273 0x09f0  [ 448054F3715D27C57A5F9D0AEEB75B4F, 84268A713B2C3585F90D74F21BCB5E7BAF4693DF122E0CC0A81885BBD47E2E6C ] pci            C:\Windows\system32\drivers\pci.sys
20:40:07.0320 0x09f0  pci - ok
20:40:07.0351 0x09f0  [ 33575A8402F4F99853E6C82E36D896BB, 24AFF39052FCBDE35DD16E7737BE35769A134570971E6FDA4E89392F3C14E768 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:40:07.0367 0x09f0  pciide - ok
20:40:07.0414 0x09f0  [ BB66139986C93CEBAC93B93753F554A1, 3DEB701A962497C133C560DA3CA73AD6535E1ACA67CC8255F43CAB496A769940 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:40:07.0460 0x09f0  pcmcia - ok
20:40:07.0492 0x09f0  [ C4DD119D342C2257B18235AB845780F9, E0A5C0712F68F846ECC2FACDFEB34DA4A18AE2428F7AC97E056246FFE3623E34 ] pcw            C:\Windows\system32\drivers\pcw.sys
20:40:07.0523 0x09f0  pcw - ok
20:40:07.0538 0x09f0  [ 7460CEEC923A65870400ED44C9B64B35, 164D3430C1B836D01D2B51574FE593FA0801C80E68CB82507EF852697D2A50BC ] pdc            C:\Windows\system32\drivers\pdc.sys
20:40:07.0570 0x09f0  pdc - ok
20:40:07.0632 0x09f0  [ AC865A94D9E72EBE57D1857FEF153B7E, 726A4F0C482837EF4B9A2C43971798B43EBC4C2CD27605962B28BCE9C9DBD659 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:40:07.0757 0x09f0  PEAUTH - ok
20:40:07.0913 0x09f0  [ 9FFDA8D2F8B53F1CB3B2F5767CE93D36, 1BE581A49B92107FD57E1B151E03BBA26C02BC51AF60430EE2D32BB636802FF1 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
20:40:08.0168 0x09f0  PeerDistSvc - ok
20:40:08.0465 0x09f0  [ D05073358971569CE89D3207826C3AF6, A78060F5157C3ECC7D70FBC225F891A31BE300D74FF850436FF29F2EA71C451C ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:40:08.0512 0x09f0  PerfHost - ok
20:40:08.0621 0x09f0  [ 7D901118FFE2798DB7EBD2C3D58464F5, F72C3E444F9E302224B6419ED456CE70E72A8178E82310F16062EE28A58D3E34 ] pla            C:\Windows\system32\pla.dll
20:40:08.0839 0x09f0  pla - ok
20:40:08.0870 0x09f0  [ 93FC3A6E569C99F0147C15E0434858FE, 9799D43F97647DE140B6868DFCC7CA55BC2CA50F7D14B4CE852F194960A5A27B ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:40:08.0917 0x09f0  PlugPlay - ok
20:40:08.0948 0x09f0  [ 792ED24914C5950602631EE5A2CF27DE, 6BC03D5A05C17E6E7264929DFF918DB3F2C67E596FDBC5D4C881A4A514007C54 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
20:40:08.0980 0x09f0  PNRPAutoReg - ok
20:40:09.0011 0x09f0  [ 7F16AB362FCCF8E0DF21B0E21E2E6264, A32441800FFC532C8A138AF6F4DED4AA6B0ED8D8E067A5E3C76D5694470EBF71 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
20:40:09.0058 0x09f0  PNRPsvc - ok
20:40:09.0136 0x09f0  [ 210022F2576232F658F4E51B94E0C007, 4B7A03EE44347520AC4493B652EE7831D1818822B3EB08C19F591B507C01EEF9 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
20:40:09.0260 0x09f0  PolicyAgent - ok
20:40:09.0323 0x09f0  [ EE13ADD1EC56499137DA684A62F862DB, B84551B1100D6243B1B6472C25572594F0CCA81B8B3D7A2AE74A5548C196C0BF ] Power          C:\Windows\system32\umpo.dll
20:40:09.0370 0x09f0  Power - ok
20:40:09.0432 0x09f0  [ 2EFA11495641A7699DB0994C59F83F49, 147874AD73ABD547BC33BF09307B6E46A5D34EE846A9F2C623A3EA0EFAC11769 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:40:09.0479 0x09f0  PptpMiniport - ok
20:40:09.0666 0x09f0  [ 3453D93F6E1615A95A1E07B21E93C975, B2E9B05C6135D39E83C252EDE419699202FC2940EBB3C4E2D724DAED8C1717EC ] PrintNotify    C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
20:40:10.0072 0x09f0  PrintNotify - ok
20:40:10.0134 0x09f0  [ 4A80590E3BBA28BD74DC44AD6CFC048C, 0B0B879C3A017779E0A14FFA149C8A66A9DA43369C97FA863A88C30D39BFECF7 ] Processor      C:\Windows\System32\drivers\processr.sys
20:40:10.0181 0x09f0  Processor - ok
20:40:10.0212 0x09f0  [ 07CBE151F9071CFCB13758E13C15DD3F, B6E4D51938859EC86DA53D88FF9FEDD46F3F253C151F4229104BF4D945B8AD89 ] ProfSvc        C:\Windows\system32\profsvc.dll
20:40:10.0259 0x09f0  ProfSvc - ok
20:40:10.0306 0x09f0  [ DE85A3DDF540AB318789B55537D14975, BB7C87C750E3370CE85F26FF69FD6C23034A034F5D93A3648019C65E28F82759 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:40:10.0337 0x09f0  Psched - ok
20:40:10.0368 0x09f0  [ D1BC31AFF3071E8E2088011846A0B7C3, 7AD87D0CA8F7952652A24876695C09C1587B7AB4A880310DF375BE20640D2FDA ] QWAVE          C:\Windows\system32\qwave.dll
20:40:10.0446 0x09f0  QWAVE - ok
20:40:10.0477 0x09f0  [ A65A4F0072C2CD763D5B053DFF164597, 1E3D7B3E8AA117E0D106D68726F5E56A2E906995E235087CB8EBA1FB614DDF75 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:40:10.0508 0x09f0  QWAVEdrv - ok
20:40:10.0524 0x09f0  [ A4E18A22432A27142EF3F6CC388F77E6, B02771E0075BD1778F3D1D3FE91189E436CCBD9EF3EB081D8CA3D899EDFA1CA3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:40:10.0555 0x09f0  RasAcd - ok
20:40:10.0586 0x09f0  [ 929B76FA637DCC5214ABB2B80345AE5B, C6D469161BE64541236E228494094275B03033ACFC786D8BA71C716EB0592664 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
20:40:10.0633 0x09f0  RasAgileVpn - ok
20:40:10.0649 0x09f0  [ 51FF61A349DC465B1671885039D1BDD6, E9E7F7924CDDBB826955C4028209192EF31E7128C3D1FE980BFE16BF54D587EA ] RasAuto        C:\Windows\System32\rasauto.dll
20:40:10.0696 0x09f0  RasAuto - ok
20:40:10.0789 0x09f0  [ 5C1A0389769C8C15BB7DA0A0F3C7FF6F, F7CC42E9A56DE3C99EFA4F2A253B6CE8C59F03588CF081D4B8AF1372847E4551 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
20:40:10.0836 0x09f0  Rasl2tp - ok
20:40:10.0898 0x09f0  [ 2D6D75A0CEF355094F0291E4779B8EEA, CD43F75368C06EFB404E8CE8F9424CBAA54B126A1E31E2A6C348BE3AF070F301 ] RasMan          C:\Windows\System32\rasmans.dll
20:40:10.0976 0x09f0  RasMan - ok
20:40:11.0008 0x09f0  [ C0FCBE1C9EC14B076C43721AD87B0217, 3D6962B411BD8FB89D001B88692E656A0A78C59AD101B8337B79A5622E0420BE ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:40:11.0054 0x09f0  RasPppoe - ok
20:40:11.0070 0x09f0  [ 29B17662D3130B0040B4666CBB5B15BF, 853425B37065172137AD13A7A8A61B962336D5BB2C853452417BA55332FB57E8 ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
20:40:11.0117 0x09f0  RasSstp - ok
20:40:11.0164 0x09f0  [ 84A2C0A8429AC708C567483F2253C47B, B6B1618E4DDE04027EADFF9CD55FC02C7A82E253D868C9567B32668F7128C63D ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
20:40:11.0257 0x09f0  rdbss - ok
20:40:11.0273 0x09f0  [ 1CA9376CA1C0D2E55CE50C755F6DC483, EB3C52662201C9C0E7BA416C2D90E88F57C220772136098585E757BBF8C197E6 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
20:40:11.0304 0x09f0  rdpbus - ok
20:40:11.0351 0x09f0  [ 09C2F1E1AACEB431C645F8C708E7DD02, 00E3A151DB8EEFE3518E5A30C6F61564F67512855BD91AB41C4C64F8517F26C6 ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
20:40:11.0398 0x09f0  RDPDR - ok
20:40:11.0413 0x09f0  [ 666C31466EC8E91A8BBB623F7F32A93E, FFF243455835343A84C1977822A5223ECD2E5C7869EFC69F5D04DE0390B8F3ED ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:40:11.0444 0x09f0  RdpVideoMiniport - ok
20:40:11.0491 0x09f0  [ 5AC07890A77E42729B674366E508F569, 04161C573BA24F470CA4A5CE66EF619AE2775E3254AD6AC2582595214134D7E3 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
20:40:11.0538 0x09f0  RDPWD - ok
20:40:11.0569 0x09f0  [ DD9EB082A1839271AC6D251CEE6DF765, 1B213F27419A367217A99B51C0709736205E7EEB35EFD25F8002242DD13984A6 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:40:11.0616 0x09f0  rdyboost - ok
20:40:11.0663 0x09f0  [ 671C1F8FEFD5C3C9A2BF472EC566822E, 7654DEBAD8E5DE130AE764AADF7D8E7B6F5DE8393EE82B65D6CB8A773126650D ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:40:11.0710 0x09f0  RemoteAccess - ok
20:40:11.0741 0x09f0  [ 44B42C98A2A51717EECF8F58F2275B34, 162B2C4CA7C6D5B234A99D38360A9C248AC051C6720EFD2AE7CBA5897D2D36A7 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:40:11.0803 0x09f0  RemoteRegistry - ok
20:40:11.0834 0x09f0  [ 1C6B8B9452A03BF2C046F534E5D7309B, CDBB5BF186E19883B353212D16AB78199BC5B6B72946623E23377B2534DA4C57 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:40:11.0866 0x09f0  RpcEptMapper - ok
20:40:11.0912 0x09f0  [ 7D3DFAC8C2A12A2B155701856423D988, F96F285DAF068ECECE25F3695C57E5310CAA62226B85FA85AC2F13D8ED4F3D34 ] RpcLocator      C:\Windows\system32\locator.exe
20:40:11.0944 0x09f0  RpcLocator - ok
20:40:11.0990 0x09f0  [ 5FE7B522293942A00779B921DB8F0094, 951486DC9771EAF776417CBCF17922654CB1367FDA27A731313F0C3A004BE593 ] RpcSs          C:\Windows\system32\rpcss.dll
20:40:12.0053 0x09f0  RpcSs - ok
20:40:12.0084 0x09f0  [ E0431BEBB118507797C66114616E760B, DEBC75F9A2AB366A43FDD9B558815AE7AC73458D51A9CD7FE3163FF63710D9E5 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:40:12.0131 0x09f0  rspndr - ok
20:40:12.0162 0x09f0  [ 868E3F54FA9B213545548CE3DD317C2B, 02C9260FDEA53C5F1607D3573F87759ADA2AD087613E7511DB25F0F32F8EC42D ] s3cap          C:\Windows\System32\drivers\vms3cap.sys
20:40:12.0224 0x09f0  s3cap - ok
20:40:12.0240 0x09f0  [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] SamSs          C:\Windows\system32\lsass.exe
20:40:12.0271 0x09f0  SamSs - ok
20:40:12.0302 0x09f0  [ 65B271C79076149F4330F6E1EC5FEA89, 8F4ED4826C8273C10009AB7A7A9A6C3A49A93A27A56EBA2394EC8C7266EB1FB6 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:40:12.0334 0x09f0  sbp2port - ok
20:40:12.0380 0x09f0  [ F226ADCCDF951B5E6C6AEC4C5BF6E5AD, B6E5C63160D8B7D482FDA35706DC8B15E196289CB4FFCCE6396626E9F4178425 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:40:12.0443 0x09f0  SCardSvr - ok
20:40:12.0468 0x09f0  [ A02331E45B378E2E2E8B3F9054F91B28, 3C32B2B7A74A853BF0F3D851B55BA9737AA7B4CD431B7264F6347373A1E766AB ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:40:12.0500 0x09f0  scfilter - ok
20:40:12.0593 0x09f0  [ BBB5F9F353106E1FFD6636EF52F9B21A, D0EFA2183A18ECACB95BDCFD99BC2C1B017327E500E247E6C07A0BBDA866F4BF ] Schedule        C:\Windows\system32\schedsvc.dll
20:40:12.0796 0x09f0  Schedule - ok
20:40:12.0858 0x09f0  [ 483E122C2C011F28552E25268FDD9F21, 53744B3D215022EE529FF4BBAD50253E3F2E51FC859CD2F717562C911095AA9B ] SCPolicySvc    C:\Windows\System32\certprop.dll
20:40:12.0890 0x09f0  SCPolicySvc - ok
20:40:12.0936 0x09f0  [ A6426111F4AC173F98D9615C3A384EE0, FCD66C13584FE5A66743EB8E0571358A29CA009DC6D39C4E1FD15AF64279F2E3 ] sdbus          C:\Windows\System32\drivers\sdbus.sys
20:40:12.0983 0x09f0  sdbus - ok
20:40:13.0030 0x09f0  [ C56B0F3E2F27E1A43F9CD9F46586D1AF, 3559AF03656038A45931F2B534EB56F5AFC504EAA502776916A8DBCCBA1C1419 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:40:13.0092 0x09f0  SDRSVC - ok
20:40:13.0139 0x09f0  [ 6E4C20D038664B4D19D866919BA740C2, 05EEE9AAACDD79E4A523E4D03696368E26FD49980827A11C63CECC709230E814 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
20:40:13.0170 0x09f0  sdstor - ok
20:40:13.0186 0x09f0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:40:13.0217 0x09f0  secdrv - ok
20:40:13.0264 0x09f0  [ 7DFA8291BE7FB33DECE217307A75D2FD, 0A7C22F8606A9185851A336117FA65811D1499F89F8D3D23F74B26F200EA4656 ] seclogon        C:\Windows\system32\seclogon.dll
20:40:13.0295 0x09f0  seclogon - ok
20:40:13.0326 0x09f0  [ 27B770C28CFBD80E60516DA112E0C8F3, E125DC9C93D657094E440C809C0CC4CB2C5113246B7FA0CF8DEE4F5707C0212B ] SENS            C:\Windows\System32\sens.dll
20:40:13.0373 0x09f0  SENS - ok
20:40:13.0404 0x09f0  [ F8CDB64F6DA38D8812DE211362B98A12, FFF7EEC31E2C623F63C84F096EBB241D50BBAF7D1BCDE31DDF6314C1468B6367 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:40:13.0451 0x09f0  SensrSvc - ok
20:40:13.0467 0x09f0  [ 000BD3414CFFF5B38F8374D620C8F43E, 997E512B3DE024E35059DDBD6552567417E480CEDF3F2B954FA3F45A3C76295E ] SerCx          C:\Windows\system32\drivers\SerCx.sys
20:40:13.0514 0x09f0  SerCx - ok
20:40:13.0545 0x09f0  [ B79AA351309FB7AF95B2E1634F4C0F89, 55BCB89BC03721FFB7B5A03E954117399F80CC490CA1A7D41362516A602A326C ] Serenum        C:\Windows\System32\drivers\serenum.sys
20:40:13.0576 0x09f0  Serenum - ok
20:40:13.0592 0x09f0  [ E0DAA18F4694579C7D66D0FFD42C3B4B, 1B3728BB621B91DB0C448C22C582B5CF14424F2995DC8057235FF04F7F456A0B ] Serial          C:\Windows\System32\drivers\serial.sys
20:40:13.0638 0x09f0  Serial - ok
20:40:13.0654 0x09f0  [ 96FE02C72242D4AD5EFC610DC37DA107, 42EAF2DE69332462EDD76B4506D35954C3E97CE8A90356AD59B30F46598C38A2 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
20:40:13.0701 0x09f0  sermouse - ok
20:40:13.0763 0x09f0  [ 63CC3E3F5CEF3D3BD22ACB670B1D9154, 0FAA9C2B7899127385C14B246EA3E777AE6C9DC0259CEECBF1272004CE3396A3 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:40:13.0841 0x09f0  SessionEnv - ok
20:40:13.0872 0x09f0  [ 18F2EEA5A661E1B808D84EA7D2CB3E5E, FA544AFE3DE4B8838462399C0658F649D38AF99D73A399E70F9EE707C48E5BC7 ] sfloppy        C:\Windows\System32\drivers\sfloppy.sys
20:40:13.0904 0x09f0  sfloppy - ok
20:40:13.0997 0x09f0  [ 05CA53E25BBD45CE0022AD966638A19B, EDD24EA163F53743BC1813C393E05EF3181EDA512BCFED069DA2C80676E4BF79 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:40:14.0106 0x09f0  SharedAccess - ok
20:40:14.0169 0x09f0  [ FA431599A1631AD4D110D0ADDE9D333C, D1725648FFA9E6C4E65FB784986598A0B07367EA7B1762456B1D1CD6D9611FFC ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:40:14.0262 0x09f0  ShellHWDetection - ok
20:40:14.0309 0x09f0  [ EE13C9F22485DADEB864F3D93DB30F29, 9F7CF8031AE387BF24CBC51554A51A9E665D7382EEB6388B867DAC23E41D955F ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:40:14.0340 0x09f0  SiSRaid2 - ok
20:40:14.0356 0x09f0  [ 456FD58EE194BC7F289B8D9F2A2BC000, 9835F2A50A88A134B0E7D4CBDA9C70B797F32E5D4C39D324EB6BD29DC98F0C03 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:40:14.0387 0x09f0  SiSRaid4 - ok
20:40:14.0434 0x09f0  [ 2D0CC4CDC4E5805800A9615A4AE2E826, 32AC81A21135B1F2C9460C4A3C10DA0791DAE3EDC707EFFB49B4EA372295D702 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:40:14.0465 0x09f0  SNMPTRAP - ok
20:40:14.0496 0x09f0  [ 0312EE5B88383F9C8C69C4B3611BBCDF, 27A8A4938233B047EDDC1A61C3577278A940A01E949B44904340EAC1386908CB ] spaceport      C:\Windows\system32\drivers\spaceport.sys
20:40:14.0543 0x09f0  spaceport - ok
20:40:14.0559 0x09f0  [ AE81DC8F9EC833A2578DD5F195B091BA, ABD2135462148B26BF40E2240D048499BC899EE13E3F01F91A39C15FF61C20F0 ] SpbCx          C:\Windows\system32\drivers\SpbCx.sys
20:40:14.0606 0x09f0  SpbCx - ok
20:40:14.0652 0x09f0  [ C65FEFCD539B1ACAE87FB8DA7014C320, 064E6112CB02E71AB7BF508352D4CB3931716C662BE236209CACE20284ADD342 ] Spooler        C:\Windows\System32\spoolsv.exe
20:40:14.0762 0x09f0  Spooler - ok
20:40:15.0012 0x09f0  [ CE5998B0CE281A8EB15CC6B4BACB50CB, C271C240DD1865B3EC4D291800AAF22D5FE1DA4346A42FB9836C8D0BA1FD74B0 ] sppsvc          C:\Windows\system32\sppsvc.exe
20:40:15.0512 0x09f0  sppsvc - ok
20:40:15.0621 0x09f0  [ 5848941CEEAFB81EA975465CA7F95980, 955C593A46E7FDAB2E0E0C3B01A10DD17315881CEEF11E1A3FF09951DAC45373 ] srv            C:\Windows\system32\DRIVERS\srv.sys
20:40:15.0683 0x09f0  srv - ok
20:40:15.0730 0x09f0  [ A83F32595367896B32523A3124A652C3, BD2AA5B19DFDE1EA08972A47FB1B3E9E85D6C3D0D86EBF3B50C5F90409324EC2 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:40:15.0808 0x09f0  srv2 - ok
20:40:15.0870 0x09f0  [ EC101EB41762E038CAE4D630998C9351, 921A930B6FA5F1CE218B745C5797FB78829621A5E9F627D8EA3C7DBFA97738F2 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:40:15.0917 0x09f0  srvnet - ok
20:40:15.0964 0x09f0  [ 82F694259060F222CA079FC2BA7A8A47, E717D83D48B370A2B20FDFCF887228AE17B6F70B0AC52D848208F1E244D255EC ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
20:40:16.0026 0x09f0  SSDPSRV - ok
20:40:16.0042 0x09f0  [ 21D742D8259AA4FD94411F5738841DFD, 50B2075AA79DD01C8B69C94439EA299B5B2399CBC7EA934D1F5BAD2C345A02FF ] SstpSvc        C:\Windows\system32\sstpsvc.dll
20:40:16.0089 0x09f0  SstpSvc - ok
20:40:16.0120 0x09f0  [ C0A03E9D1DF7671B0CAED016EEB67074, 5795129A70B9A702B0332EAA9A2F56E4CEFF5EB839CB7605504292BABAF2AF2D ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:40:16.0151 0x09f0  stexstor - ok
20:40:16.0206 0x09f0  [ 4D400620DCD449E1E22639C7585B8E3C, F68CC58C4D0BA85BFBBD4AF5DE6B3952B9467652E552AF8F447F45CE24AC6C38 ] stisvc          C:\Windows\System32\wiaservc.dll
20:40:16.0299 0x09f0  stisvc - ok
20:40:16.0331 0x09f0  [ 383821D628B9843D8BA7501FD8C6D4D3, E0AD4FA5AF8DB20CD42C45FCF162BA812AA8A5132428CA78512CF00F372C1D18 ] storahci        C:\Windows\system32\drivers\storahci.sys
20:40:16.0346 0x09f0  storahci - ok
20:40:16.0377 0x09f0  [ 844F73085E49A0B46ECCDD16CAFC1C1E, 7AD84AF4DC2BA8D84EA962AE4EB903D13123FBAEBA881674620383B6FC57BA74 ] storflt        C:\Windows\system32\DRIVERS\vmstorfl.sys
20:40:16.0424 0x09f0  storflt - ok
20:40:16.0455 0x09f0  [ 29AD38D45DB2161CE60812E99402CFF6, 2ED09732186E8A754D900324B0E1EA5854CDDE1764B08E04C253E8B885585A7C ] StorSvc        C:\Windows\system32\storsvc.dll
20:40:16.0502 0x09f0  StorSvc - ok
20:40:16.0518 0x09f0  [ 799E1DD1D72CC320E2CC0B9202F2A899, 1A5AD40ED5ED597FC52177444AF073F35D8D66030B94906123BE94BB81421FCB ] storvsc        C:\Windows\system32\drivers\storvsc.sys
20:40:16.0549 0x09f0  storvsc - ok
20:40:16.0580 0x09f0  [ 3AF3BC53DCF91DC3D1D2A6A30AD051CF, 3495FF296378714B922D8C624AA527B78D850A17D7D94CE5D3259F3C5AEB44FE ] storvsp        C:\Windows\System32\drivers\storvsp.sys
20:40:16.0627 0x09f0  storvsp - ok
20:40:16.0658 0x09f0  [ B25224A4EDF64737F4300968BC45AB9C, 63ACC8AD3E5C861EDA4144D63760286D7C190F494CBC1E09B6AFEAA82819281F ] svsvc          C:\Windows\system32\svsvc.dll
20:40:16.0721 0x09f0  svsvc - ok
20:40:16.0752 0x09f0  [ 53C4A8832F1A0C01ED2A47998CA68070, E36E1BC361C4E468508D1536D63FFCB9FF9FB7ED5DE3CA4CA73C0BE6BA812BCA ] swenum          C:\Windows\System32\drivers\swenum.sys
20:40:16.0767 0x09f0  swenum - ok
20:40:16.0814 0x09f0  [ 3DA2D680BC7CFB4F832DD8C402045DDE, 6ED5E646FF59E185F3BF1234C14166828064A12CDDB4018C12C601F9515EC7C9 ] swprv          C:\Windows\System32\swprv.dll
20:40:16.0908 0x09f0  swprv - ok
20:40:16.0989 0x09f0  [ B63ADA5B8CA26A7D56B782B7ECE495CF, 31C89C69CF27EE1FDA907501A77882D24F278782CB117740BCD17C71E3F061DB ] SysMain        C:\Windows\system32\sysmain.dll
20:40:17.0129 0x09f0  SysMain - ok
20:40:17.0176 0x09f0  [ AA1C13A4153AB9D839ECF3F626CA0FDA, FA41DD96A2927A69E942FBFE01370E73E0655A688DE8487E2B0CA7250E700884 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
20:40:17.0238 0x09f0  SystemEventsBroker - ok
20:40:17.0269 0x09f0  [ A1878EF21CC43AB0C20E9E226C61CF8F, F92EAA45340F3A1CBF98C745D9C67EBE50EF03865AC2863922F6AD44833A50A9 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:40:17.0301 0x09f0  TabletInputService - ok
20:40:17.0332 0x09f0  [ 23D9550BCFB35E2EAFEA65EACB4E447D, 4446E0A29C4C085D743743050FAD3BADBAAEFB3F7CEE7BC03A7DFF04AD33B3D2 ] TapiSrv        C:\Windows\System32\tapisrv.dll
20:40:17.0394 0x09f0  TapiSrv - ok
20:40:17.0519 0x09f0  [ 311E318C6B4213C3FC25732DD7CA1661, A65E1182566F9A09F53D6A8EE4695D17E61FBF6D0578364C0730A3A5FD5F7427 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
20:40:17.0755 0x09f0  Tcpip - ok
20:40:17.0978 0x09f0  [ 311E318C6B4213C3FC25732DD7CA1661, A65E1182566F9A09F53D6A8EE4695D17E61FBF6D0578364C0730A3A5FD5F7427 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:40:18.0134 0x09f0  TCPIP6 - ok
20:40:18.0196 0x09f0  [ AA231BA5CD8A6769099FA1E01D5CF8F4, 30E20C1B3EEDACD866352C6B06D38023FAB111909396E1D32BFA61B94B694E5A ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:40:18.0243 0x09f0  tcpipreg - ok
20:40:18.0259 0x09f0  [ 82944280D22410A0A5CA7133EC81AA92, 039F30E39C39E6312654C442D22601DFD9216707BB78FD1F381F2205FE707DF0 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
20:40:18.0305 0x09f0  tdx - ok
20:40:18.0352 0x09f0  [ FD64257C5F21CD800AFBC98443ED2410, 9B32D7662B7735E74609A87BC9088816C7CE9C15068B4494BC5416A740DD67E7 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
20:40:18.0383 0x09f0  terminpt - ok
20:40:18.0461 0x09f0  [ 771564E254793B33E51D62303480BE97, 83D4B5E987B4B75027C8984FF5C244C7FA3C2FD8261B1C7D085A3F96F170E371 ] TermService    C:\Windows\System32\termsrv.dll
20:40:18.0586 0x09f0  TermService - ok
20:40:18.0633 0x09f0  [ 99CD7A3F21958E4386B853AE7CDF1149, 44FAFA81AEA271AED3EDE82A408B0ED045524A30640E7A934E82292404F7C0D8 ] Themes          C:\Windows\system32\themeservice.dll
20:40:18.0680 0x09f0  Themes - ok
20:40:18.0711 0x09f0  [ F318498AE16EC11D44D286576D86159E, C347FBC3354FA2A2E2F9F3ED823C54C390FF8224F7F4FF41889EAC33FAEC4D1E ] THREADORDER    C:\Windows\system32\mmcss.dll
20:40:18.0742 0x09f0  THREADORDER - ok
20:40:18.0773 0x09f0  [ 969E681262181C4D3786C1F038594FF0, 5868FDE6F5E407B49A6AA356345C1D173FF5DB4B9705A7B425A1E8623EBE5BDD ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
20:40:18.0820 0x09f0  TimeBroker - ok
20:40:18.0851 0x09f0  [ C595E59E47AE16286A84EFDE9B8E394B, 1587019150D9C44318ACE6398425401948D7DBD05AA583578CBB2209A3D225FB ] TPM            C:\Windows\system32\drivers\tpm.sys
20:40:18.0883 0x09f0  TPM - ok
20:40:18.0929 0x09f0  [ D1D9A607FBCD1493F3E48F7EF4274DA7, D33D869BD2C0317AE1ED779A2AEDEA2965F5DD92A056875A6163D25F1482C770 ] TrkWks          C:\Windows\System32\trkwks.dll
20:40:18.0976 0x09f0  TrkWks - ok
20:40:19.0023 0x09f0  [ 9FE0BE086B89218187E02435FC3356B7, 6C2F02B948513460568BCB21DD18ADAE8ABFB2E5F7B992B0CDC7A341DEF12BAD ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:40:19.0054 0x09f0  TrustedInstaller - ok
20:40:19.0101 0x09f0  [ C1B8409E6A4BA28CFB3C874AAB60A2EC, 8BE9B5B9DCBEBE677CABE09101725D898F4CB3DEFBC00002F0CBF75B9193EFE2 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:40:19.0148 0x09f0  TsUsbFlt - ok
20:40:19.0179 0x09f0  [ 403C610E2EDD0523803951BC648B74C3, 9579819505D8D546B845BE02923890D1870C1B9683E9897C46F364E0D87B0431 ] TsUsbGD        C:\Windows\System32\drivers\TsUsbGD.sys
20:40:19.0210 0x09f0  TsUsbGD - ok
20:40:19.0226 0x09f0  [ 880F87B7A75F39E6A41508DA43C966A8, 1B7954BC814DF8847EDD6A86AF9BBC9981385020A830AD3BE00E8DA5280D6F00 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:40:19.0288 0x09f0  tunnel - ok
20:40:19.0304 0x09f0  [ 6300E896D59730C8E30998B0C546E189, 5B3F8FA1A7C57BF8AC467285B446394480E30D4CC7AD5ECF88A952CC76753B42 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:40:19.0335 0x09f0  uagp35 - ok
20:40:19.0351 0x09f0  [ BD1EE7A81DBD00797F22CA8785F53C26, A118F1B72CF3AC6A98E876B1D7946C8025149EDEFD31749667135E2E7DD96897 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
20:40:19.0397 0x09f0  UASPStor - ok
20:40:19.0429 0x09f0  [ C56348B01CF40F04BC0A37DC3ABAFD33, 7D1F5E8A2286FF73BE0489823317BCCA3FB2AE59D0682B41ED148D082870E697 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
20:40:19.0475 0x09f0  UCX01000 - ok
20:40:19.0491 0x09f0  [ F9E7170D13E0222F74435614D06669C4, E86449EDAF30CE975227F26920936593834E5EF87AF01A938AEBA0099CAEF38C ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:40:19.0569 0x09f0  udfs - ok
20:40:19.0616 0x09f0  [ DC38F7BDA9CB58A3974DE16E5B92B373, C79FC7AAF603F3996FE036F4DC464B09F402F3C2F33F24F3342D5B903EA46D89 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
20:40:19.0678 0x09f0  UI0Detect - ok
20:40:19.0709 0x09f0  [ FF40F051E4587B23D42324BB41E6AC3D, 6A0AD3C53434CA0009D1CAEE60B50EF992A371339B4A594CE18A0EB2505C0F58 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:40:19.0741 0x09f0  uliagpkx - ok
20:40:19.0756 0x09f0  [ E50E55AFADD4BA807EFAE884820F631C, 3DE18E6A89E77783077F445198DD842A0C1FCAB9E554ADFD91E5C31C354E6E1D ] umbus          C:\Windows\System32\drivers\umbus.sys
20:40:19.0803 0x09f0  umbus - ok
20:40:19.0819 0x09f0  [ C8B523CFCC5AA060CC019ED9E54E1D1A, 0035BAF0F7A935440F4CC0578D495269D474EE58A4A0B342AE06F35312B1B1F9 ] UmPass          C:\Windows\System32\drivers\umpass.sys
20:40:19.0865 0x09f0  UmPass - ok
20:40:19.0928 0x09f0  [ E7E4E3F0EF460D07E4A3642CF220893C, 60B869451C0E13D1DF47C6D819226DE6E7855198BD1316044DB3A9FED94E093F ] UmRdpService    C:\Windows\System32\umrdp.dll
20:40:19.0990 0x09f0  UmRdpService - ok
20:40:20.0037 0x09f0  [ F04BE595430D590F2788966890B54DAD, 372F49E3DACA44A4113C13B9416A4669BFA18B4EBBB23E9C28062C32AAF54B07 ] upnphost        C:\Windows\System32\upnphost.dll
20:40:20.0099 0x09f0  upnphost - ok
20:40:20.0131 0x09f0  [ 72EA2F0611459449E30014EBFB0548BE, A88FE762B207D7FE96495C9976C8C31E8977D3D6E47792C09001CF2F6DBFD787 ] usbccgp        C:\Windows\System32\drivers\usbccgp.sys
20:40:20.0177 0x09f0  usbccgp - ok
20:40:20.0224 0x09f0  [ A11C6D32F0942D3301EF159AF73ABC1D, 14F891D873BB5BA56708F80EB4CAE2E20BAE3ACB95092AFD56BBDC34C619683A ] usbcir          C:\Windows\System32\drivers\usbcir.sys
20:40:20.0287 0x09f0  usbcir - ok
20:40:20.0302 0x09f0  [ A35CA67BD41E5F5D4DCB7BFCCC3490B0, 6176768493E2D36F52B9DE7644681E8FB91B9B5D32921236B20031FBED73281C ] usbehci        C:\Windows\System32\drivers\usbehci.sys
20:40:20.0333 0x09f0  usbehci - ok
20:40:20.0365 0x09f0  [ E5789E9E8D771CF55D90E897487C06F0, 0AA71E05A003AB0C32AF24CD0B9FC0F20779CCE22DF3FCC40C9115FD200D2049 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
20:40:20.0443 0x09f0  usbhub - ok
20:40:20.0474 0x09f0  [ 68F582D743424837C082A46AAD7F5C2A, A292EB81D612C092559F737DCDF42D50F805E074752F9492FAF43481410C9B71 ] USBHUB3        C:\Windows\System32\drivers\UsbHub3.sys
20:40:20.0536 0x09f0  USBHUB3 - ok
20:40:20.0552 0x09f0  [ 0F04142FF6103B898F8BAA04EC626FC4, 8925F76E8249BD809B0B53F954C1CB4A087F0E04358118FF8698F23E40BB074E ] usbohci        C:\Windows\System32\drivers\usbohci.sys
20:40:20.0583 0x09f0  usbohci - ok
20:40:20.0599 0x09f0  [ F3CDD4A88125BD7B91D6847170E06B96, 60C1D8E5E6C2DF6D7412A6B20C5B5CB6AEFEB72A79538A1FCB75AC75ED6CFF1E ] usbprint        C:\Windows\System32\drivers\usbprint.sys
20:40:20.0630 0x09f0  usbprint - ok
20:40:20.0645 0x09f0  [ D68B7268CA888C06447FB8ADC8E0ACF7, 67580E237B7D7D9862A537EE11EBE3BB9AB029E522EAB94EC9A41642A8466019 ] USBSTOR        C:\Windows\System32\drivers\USBSTOR.SYS
20:40:20.0677 0x09f0  USBSTOR - ok
20:40:20.0692 0x09f0  [ B1FC6C75482078C324A2470CBA5CD737, E687204FF0FE22CAAAFD05285FA07229668B737DABEC2A63697D0A48B0BCF9FE ] usbuhci        C:\Windows\System32\drivers\usbuhci.sys
20:40:20.0739 0x09f0  usbuhci - ok
20:40:20.0786 0x09f0  [ 99F8D02C629F6EA68AC057647A7A4A5E, 2A76EB8A58D94DA1B4CD93894671F9E9505BEAF23CA3C0A5B07872A3FF7C2486 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:40:20.0879 0x09f0  usbvideo - ok
20:40:20.0926 0x09f0  [ FCCCCFE107E17D834B9B132DAE965B25, F6F80EEF47FC3C975C9E68135372E16CF913DC40DF111F0C6E72D11CACCD0065 ] USBXHCI        C:\Windows\System32\drivers\USBXHCI.SYS
20:40:20.0989 0x09f0  USBXHCI - ok
20:40:21.0004 0x09f0  [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] VaultSvc        C:\Windows\system32\lsass.exe
20:40:21.0035 0x09f0  VaultSvc - ok
20:40:21.0051 0x09f0  [ CC402B1ED2921B39BB972913422219BB, 3037CCC6EB07CCFBD72D7C772486FB4DCC8560CF577EB65C65BC06C0BA532437 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:40:21.0082 0x09f0  vdrvroot - ok
20:40:21.0160 0x09f0  [ 5A57E3FBB73FF8B503FFDBBBE06C7F73, 7346212BFAC8AE404B231DC1E6D4B5934ED2EBC12511E19931FF137F0FA6B0B3 ] vds            C:\Windows\System32\vds.exe
20:40:21.0269 0x09f0  vds - ok
20:40:21.0285 0x09f0  [ 5BD4FBB9E65CDC70C029612D1DE26356, E4E79FA2ED32AC3EC8240C007ABD9255EBCFD7E9B5C7B5408AC6990E070B68F3 ] VerifierExt    C:\Windows\system32\drivers\VerifierExt.sys
20:40:21.0332 0x09f0  VerifierExt - ok
20:40:21.0394 0x09f0  [ 5FE0329F82B1AD8F95A155231E2AAE37, BFFBF7D4AE3C33985A225206491C25E0F8B6438AC2B7069E0E258DAE86EB1708 ] vhdmp          C:\Windows\System32\drivers\vhdmp.sys
20:40:21.0488 0x09f0  vhdmp - ok
20:40:21.0535 0x09f0  [ 51A2636F86F50484FB35E14AB2AA764C, 6273D9E68F5E7401817D95B53999A5B71D3870BFAA97C2733551DCB8AFC4AA2F ] viaide          C:\Windows\system32\drivers\viaide.sys
20:40:21.0566 0x09f0  viaide - ok
20:40:21.0581 0x09f0  [ 684A0454B2C377DCBE138159F5F1E102, 55E93778D92C1E7452179C847679030AC7F0672C4F8750931B64FA1F8A2B4C50 ] Vid            C:\Windows\System32\drivers\Vid.sys
20:40:21.0644 0x09f0  Vid - ok
20:40:21.0675 0x09f0  [ 1E5B68D3A799EFC803942801D14EB1D9, 0B8548C589C0EE4A4BB08C4D1B88B9B58A623B55FBC6DBF23C16C4DFCF82D66D ] vmbus          C:\Windows\system32\drivers\vmbus.sys
20:40:21.0706 0x09f0  vmbus - ok
20:40:21.0737 0x09f0  [ 2B69692D7A89A55A91657D070B265C51, 2F85D625E53A5393E7C19EF247864BC0619EFBD13365F9F76C5EF53F3C01D582 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
20:40:21.0769 0x09f0  VMBusHID - ok
20:40:21.0784 0x09f0  [ 273477B3331983A356E132700288FF2D, 883450DED09363F5614699B702773B2100B9EED269F4E43116C6578D6B6938D8 ] vmbusr          C:\Windows\System32\drivers\vmbusr.sys
20:40:21.0815 0x09f0  vmbusr - ok
20:40:21.0878 0x09f0  [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicheartbeat  C:\Windows\System32\ICSvc.dll
20:40:21.0940 0x09f0  vmicheartbeat - ok
20:40:21.0971 0x09f0  [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
20:40:22.0003 0x09f0  vmickvpexchange - ok
20:40:22.0049 0x09f0  [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicrdv        C:\Windows\System32\ICSvc.dll
20:40:22.0143 0x09f0  vmicrdv - ok
20:40:22.0268 0x09f0  [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
20:40:22.0408 0x09f0  vmicshutdown - ok
20:40:22.0502 0x09f0  [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmictimesync    C:\Windows\System32\ICSvc.dll
20:40:22.0689 0x09f0  vmictimesync - ok
20:40:22.0845 0x09f0  [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicvss        C:\Windows\System32\ICSvc.dll
20:40:22.0923 0x09f0  vmicvss - ok
20:40:22.0954 0x09f0  [ A6FD547C67E16300F880CFC29EB1180B, B6C4EDBC00A145C93184E63C8B5FB5A1647D93B12EB2A3259A72C6281678EB46 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:40:22.0985 0x09f0  volmgr - ok
20:40:23.0017 0x09f0  [ 4EC94AFA246E256460811D8CEBBC914A, FCF4C445B964F1BB26DE173737CE1C1E6CAED11E9E05CB67C32244C8090C5A28 ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
20:40:23.0063 0x09f0  volmgrx - ok
20:40:23.0095 0x09f0  [ ED7880AB1743BEB09A8549B6E88E7FF5, 4938FC4FE246FC756CDF58262C092A439F00699172CC09B992EDA3AE9D76067D ] volsnap        C:\Windows\system32\drivers\volsnap.sys
20:40:23.0141 0x09f0  volsnap - ok
20:40:23.0157 0x09f0  [ 569755E8A09406F074764A9C72361969, 6E3E64390DD3CB0459BDD9AFFDFDE95493CA10D49CAE186CA4EE601BB12327C4 ] vpci            C:\Windows\System32\drivers\vpci.sys
20:40:23.0188 0x09f0  vpci - ok
20:40:23.0204 0x09f0  [ BD272A755B8D028CC558E3CD0330E286, 725A4900CD4981EB922B94CD3462322669BA46AC175C132B4C2EC16C7BCE1401 ] vpcivsp        C:\Windows\System32\drivers\vpcivsp.sys
20:40:23.0251 0x09f0  vpcivsp - ok
20:40:23.0282 0x09f0  [ 9EE2C503B3960AE8E43DDB85523428CA, CBC0A1FAF9861FACF3805CBEC24F40F9E4B8164A7CF01BF2A16F766EF18AD03A ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
20:40:23.0329 0x09f0  vsmraid - ok
20:40:23.0438 0x09f0  [ 9BD38DF6B2C7D020B2F29C0573B557C8, 621AE44A7E01F6294F4D690D6D6C1E11FB56C96BBEE241D34B4155252B620798 ] VSS            C:\Windows\system32\vssvc.exe
20:40:23.0609 0x09f0  VSS - ok
20:40:23.0705 0x09f0  [ 4ACE469E3FD59CB605D680124938DD06, D7C0BC0DEFD75C30F94FDC840FEF53D48DA44D28B101DA0ED8EA4DE5A11FA091 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
20:40:23.0799 0x09f0  VSTXRAID - ok
20:40:23.0814 0x09f0  [ 3C84A039E2796EECA1997902F5D635E7, A503051F5820E61EE15221AF1BA7A7C04CDB3760487D287743D0FAA0A167B59C ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
20:40:23.0861 0x09f0  vwifibus - ok
20:40:23.0892 0x09f0  [ C6BB1AD6603A83B0B00C344DE2BA652D, 869EFD4EBC4F19C7C82DBC12CF59CAB71946F242401B59D23AE8BF6C91DCA499 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:40:23.0955 0x09f0  vwififlt - ok
20:40:23.0970 0x09f0  [ C78819ED0FF21EFFA23465267E507441, E9FBA09783DC516FB66465960CC793BF0BE348665E28A21C79534DC3D856BC0D ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
20:40:24.0017 0x09f0  vwifimp - ok
20:40:24.0080 0x09f0  [ 9192AECDDAB77DB096AF1557EF58EF07, 56B6B14B6873522270F257BCA382773DE2B33D89DBE53EC012F67A6551A86855 ] W32Time        C:\Windows\system32\w32time.dll
20:40:24.0158 0x09f0  W32Time - ok
20:40:24.0173 0x09f0  [ 142617854B09099C9F32FB4A3B96CB83, 3A90636E00D01EAFF559F2C9BB0EE7C803E381EB738D825D7D68F1245BEFE146 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
20:40:24.0204 0x09f0  WacomPen - ok
20:40:24.0236 0x09f0  [ CFD3CBAFEA35BEB4B584C03B141F7573, 3378912B845B121CBFB067D48D5B8D518B113C6F72DFF19C677CF299B3D4EBCE ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:40:24.0282 0x09f0  Wanarp - ok
20:40:24.0298 0x09f0  [ CFD3CBAFEA35BEB4B584C03B141F7573, 3378912B845B121CBFB067D48D5B8D518B113C6F72DFF19C677CF299B3D4EBCE ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:40:24.0329 0x09f0  Wanarpv6 - ok
20:40:24.0414 0x09f0  [ 1B7B06CF9206E129D03BE3011E35C6E5, 653545F4C709ABE8292C7CBD948E5300F7CFE91003D236280138A9C116E5006A ] wbengine        C:\Windows\system32\wbengine.exe
20:40:24.0616 0x09f0  wbengine - ok
20:40:24.0694 0x09f0  [ 06212EE0E6FFE33E40CB519EFA2E055D, 4381248FE810284114FAE659A160CE1FA612A8B2F70B3F98E3FD97753D4D2815 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:40:24.0741 0x09f0  WbioSrvc - ok
20:40:24.0772 0x09f0  [ DC45A1C14D36A4FB1E581D69602306A5, E33EC9182A1525E59C039E5060C65C6930768A739FC6B8E410B83F790A359968 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
20:40:24.0835 0x09f0  Wcmsvc - ok
20:40:24.0866 0x09f0  [ 7C86BF53418BAE01483853E129B1FCB7, DEE1568020702F10F72EEE35E3195922478E1AA19948EC5A12A9DE6578576637 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
20:40:24.0960 0x09f0  wcncsvc - ok
20:40:24.0991 0x09f0  [ B6B3F1A5BCEC66B1E08A8A96B67161E1, 2E4269DC1820DDB22A7C4FC866746F0057F3E3DBDDFDEBAAFAB5EE00502E5654 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:40:25.0022 0x09f0  WcsPlugInService - ok
20:40:25.0069 0x09f0  [ 80915B11341BD6A0653A2E2DC73A1A87, 6F45B16662F7606CA7AAC43A31E8392BC3BC7CDF925B11478ABD7CBC4B2D4F24 ] Wd              C:\Windows\system32\drivers\wd.sys
20:40:25.0084 0x09f0  Wd - ok
20:40:25.0116 0x09f0  [ 664BDB2F6B12FE9B07538B5BF443F403, BAAE3A784D5FBB5E68BD5FFE9F3984E71362DFFFADDFC8D1CC618A23672ECEA4 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
20:40:25.0147 0x09f0  WdBoot - ok
20:40:25.0201 0x09f0  [ 7F2978DE8DDF0145DEF9EA8FB1E3D019, 7C4129C045CE82440FFA0582F184647B67A8E197AE206CF23B70627640E31540 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:40:25.0326 0x09f0  Wdf01000 - ok
20:40:25.0357 0x09f0  [ C22973DD5DA19664C51583D30E5DE3B3, C535A32DB10600510F2682BC049FD182B40AD3E4B2B5340619D80469CACABEE0 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
20:40:25.0482 0x09f0  WdFilter - ok
20:40:25.0545 0x09f0  [ CBF9FD761DBC7BEF0BC8DF1C3B11BC6A, D8B030BA0751ADA65837989AE5663C4E634B564CDD8AF410D674BEDD5D614486 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:40:25.0591 0x09f0  WdiServiceHost - ok
20:40:25.0607 0x09f0  [ CBF9FD761DBC7BEF0BC8DF1C3B11BC6A, D8B030BA0751ADA65837989AE5663C4E634B564CDD8AF410D674BEDD5D614486 ] WdiSystemHost  C:\Windows\system32\wdi.dll
20:40:25.0654 0x09f0  WdiSystemHost - ok
20:40:25.0701 0x09f0  [ 950D8382A389844DED765834A796EEDC, B1E1AF2D9F0048C51A5E32DA0B273021F26AD88037209371255411367594643D ] WebClient      C:\Windows\System32\webclnt.dll
20:40:25.0763 0x09f0  WebClient - ok
20:40:25.0794 0x09f0  [ 02D478D6142E0FF303C53D9FB8D34A53, 657A34E9A23DA4317D53447AAEFA1904DA46BA974C9F39AC94CB8BF07A8A8249 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:40:25.0841 0x09f0  Wecsvc - ok
20:40:25.0872 0x09f0  [ F2F427F3C188877E0754C4D0D9D7321D, FBC6ED0EE41D13D170B36476297211EDA200621EDD0F7341012C3D4D667761BF ] wercplsupport  C:\Windows\System32\wercplsupport.dll
20:40:25.0935 0x09f0  wercplsupport - ok
20:40:25.0950 0x09f0  [ 158AB68C9761845EB6B240CD273D667F, 11D0291F04632DDF6EAD266214011125405B32326CB48C50BCD97024C8BDE893 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:40:26.0013 0x09f0  WerSvc - ok
20:40:26.0059 0x09f0  [ 01353FA4F412E1CFEBD049B604208A90, 860F06EE231771E2021B400B7D6931A9601562CA8EBEE52F79865F8B8EEB9250 ] WFPLWFS        C:\Windows\system32\DRIVERS\wfplwfs.sys
20:40:26.0091 0x09f0  WFPLWFS - ok
20:40:26.0122 0x09f0  [ D16E5C1F2E4680C7263784B45916EE52, 156BE46EF6B61A732CFB112E18099F70D72F32C841FBCF87F2DA4B827FD89A6D ] WiaRpc          C:\Windows\System32\wiarpc.dll
20:40:26.0153 0x09f0  WiaRpc - ok
20:40:26.0184 0x09f0  [ 1B6DA2B0F0ED2FCF77BC64E33513A329, 25854A6E7D3384123E62BF954FEED9596D1BB28A8EB134C5FFF63F0D51B56683 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:40:26.0215 0x09f0  WIMMount - ok
20:40:26.0247 0x09f0  WinDefend - ok
20:40:26.0309 0x09f0  [ E9A19812C75CC074B20088C714AEB690, 47546E381D72AE9D2F5330B982582199E2E6D2DE66ADE3C5DEE6FAC831631D72 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
20:40:26.0371 0x09f0  WinHttpAutoProxySvc - ok
20:40:26.0574 0x09f0  [ 4C5FD622294D2F81F6F06F741E895F70, 258E56A01B2CD29A754D6CDF7FCF103883AB7088B4E262DB46DAA93F885747BD ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
20:40:26.0621 0x09f0  Winmgmt - ok
20:40:26.0793 0x09f0  [ 4083852CC0E31D32B3B16AC9E18F0B3F, 055A2C9340CEDBFE2F9D6617A2D75A05AB03B0F6714E982AD41C4260359115CE ] WinRM          C:\Windows\system32\WsmSvc.dll
20:40:27.0120 0x09f0  WinRM - ok
20:40:27.0276 0x09f0  [ AE5D57594A2F1A6A6C34DD47066201E8, 69773BEB53F43255613472886C27A2FAE9387127821A7361A34CE3848993809D ] WlanSvc        C:\Windows\System32\wlansvc.dll
20:40:27.0448 0x09f0  WlanSvc - ok
20:40:27.0588 0x09f0  [ C347251ACD04EA68E62BCE707B42E756, 603C408792541B441A3FB27C51EE0FED598CE97832205F596BE093510F339A73 ] wlidsvc        C:\Windows\system32\wlidsvc.dll
20:40:27.0791 0x09f0  wlidsvc - ok
20:40:27.0947 0x09f0  [ F274B2E40D94B41098AB82F2EEE07898, C55B80FCAAE218C375169DA821EDD5BD36DCCC6105AD8BCECCD890FE99C61C23 ] WmiAcpi        C:\Windows\System32\drivers\wmiacpi.sys
20:40:27.0978 0x09f0  WmiAcpi - ok
20:40:28.0041 0x09f0  [ F8FD8BF814C83FEAAA3110477D49C57E, 82FE4325EF8BF56A94C2D4E28B7E3E6CAFB060985A850380E3C6C2647E997D77 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:40:28.0087 0x09f0  wmiApSrv - ok
20:40:28.0134 0x09f0  WMPNetworkSvc - ok
20:40:28.0165 0x09f0  [ 4E8429A8E3873D99581B76F4BB2E2BCD, 7B6EA55C1DF3C12B6108D6F7E6C1BFC71B54BCA65199ADD685B9133092ECFAEE ] wpcfltr        C:\Windows\system32\DRIVERS\wpcfltr.sys
20:40:28.0197 0x09f0  wpcfltr - ok
20:40:28.0243 0x09f0  [ 247140C51FE0424C54AA85412CDFB26D, 36B61FA1794FC8580AC2A2679C3ED00AA0A11E4520A77611660E21672CE15947 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:40:28.0290 0x09f0  WPCSvc - ok
20:40:28.0306 0x09f0  [ AA429F7C7B9E18FF66FE3504B80FAB9A, A676B24F0A7519066404DE6C9598F9DCDF676E50ECBFE1CB736468162D272B82 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:40:28.0353 0x09f0  WPDBusEnum - ok
20:40:28.0368 0x09f0  [ FA4024915B947A7A4C33F6F18454B32A, 9BF9A3FC1099A9472EFF2B54D36F64D009A683535EF102D1172D2385C9DEFEBC ] WpdUpFltr      C:\Windows\system32\drivers\WpdUpFltr.sys
20:40:28.0399 0x09f0  WpdUpFltr - ok
20:40:28.0399 0x09f0  [ B4E48459933B8C48F388BCC3EB1F58D1, 23DE611C880E60B8A4E81F8A44541119D86B15E1718D5E3ADE4E600DE1D0A515 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
20:40:28.0462 0x09f0  ws2ifsl - ok
20:40:28.0477 0x09f0  [ C3A047C10C2B4C6A1C081F04EFBCE1E3, 3AC760E742CE4357FEE5E8E33344586D5D38D495733B9829866CADFAB7071B4D ] wscsvc          C:\Windows\System32\wscsvc.dll
20:40:28.0540 0x09f0  wscsvc - ok
20:40:28.0540 0x09f0  WSearch - ok
20:40:28.0680 0x09f0  [ 8760CCDABD00942F32DD02B8F04D7EA8, AF00539CE9312CEB624664F66E8834D086807CD6ED6BFD76DCAD457D1D22FC4E ] WSService      C:\Windows\System32\WSService.dll
20:40:28.0930 0x09f0  WSService - ok
20:40:29.0257 0x09f0  [ 3E8C4507F587C7151F0755DAA1FDB997, E2F9630CC777A76F10788DD146AE4CADC6CE4EBD419DF3EB78F71DA57D7F08E1 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:40:29.0632 0x09f0  wuauserv - ok
20:40:29.0725 0x09f0  [ A599942A2C8DED90CB73C28A86F56EF3, C5F7103ADBB7DBAF10CC39C4D02264222EA08719829BEB6924AA6F2295102430 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:40:29.0772 0x09f0  WudfPf - ok
20:40:29.0803 0x09f0  [ EB155EDD2256E626368796F4B7CBE013, D049298AD903C967A336596CAF030DDA1B66AACADC4A2E9ECD7E15082B4EA0BC ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
20:40:29.0850 0x09f0  WUDFRd - ok
20:40:29.0897 0x09f0  [ C4B15954BFF994889DEB6A2AFE9E8985, EA55A7CD5C4B718C2693AA39B151D7A0F8D1272E47DD13F1136F9146C938A7BC ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
20:40:29.0944 0x09f0  wudfsvc - ok
20:40:29.0975 0x09f0  [ DD9797B5157EF2CAB24454D0F5A08837, 5F25EA5C5B75E45212D463C59B36A79202DE77DE56B6C63FAF1487860A219CF9 ] WwanSvc        C:\Windows\System32\wwansvc.dll
20:40:30.0037 0x09f0  WwanSvc - ok
20:40:30.0084 0x09f0  ================ Scan global ===============================
20:40:30.0131 0x09f0  [ 26E0369D73B00093D046562F22676D70, 96CE28CCD5DF70EEACE9223A9939F8845B93B3F71EAF3215C167A1E8B1FB593E ] C:\Windows\system32\basesrv.dll
20:40:30.0193 0x09f0  [ E84549406F758028C87FB4C404AD582B, B512E562763D6E85D17BDDC73213CC292F41134588295B47B1F732B14544776E ] C:\Windows\system32\winsrv.dll
20:40:30.0271 0x09f0  [ E1F689E799E6BF3EE078A228E01E6DAB, B51ACDE3A47E02F3D8C7988B21E7B277535C0C102497FBB2C54B8B644DF37EF0 ] C:\Windows\system32\sxssrv.dll
20:40:30.0334 0x09f0  [ 0D9642ECA426AB06234E41161BCC9628, DAB7EB1321B7F246878720DD5011D90D57CE5C9F22E4EAA6B450E0F5EE88B0A1 ] C:\Windows\system32\services.exe
20:40:30.0334 0x09f0  [ Global ] - ok
20:40:30.0349 0x09f0  ================ Scan MBR ==================================
20:40:30.0365 0x09f0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:40:31.0290 0x09f0  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
20:40:31.0290 0x09f0  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:40:33.0778 0x09f0  ================ Scan VBR ==================================
20:40:33.0809 0x09f0  [ ACF4FFFBB302AD629A0DF9B0851E0D8E ] \Device\Harddisk0\DR0\Partition1
20:40:33.0825 0x09f0  \Device\Harddisk0\DR0\Partition1 - ok
20:40:33.0856 0x09f0  [ 74D9421ADA4FD2181D471B391C4D34F6 ] \Device\Harddisk0\DR0\Partition2
20:40:33.0856 0x09f0  \Device\Harddisk0\DR0\Partition2 - ok
20:40:33.0856 0x09f0  Waiting for KSN requests completion. In queue: 52
20:40:34.0870 0x09f0  Waiting for KSN requests completion. In queue: 52
20:40:35.0978 0x09f0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.0.9200.16384 ), 0x60100 ( disabled : updated )
20:40:35.0993 0x09f0  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.0.307 ), 0x41000 ( enabled : updated )
20:40:36.0056 0x09f0  Win FW state via NFP2: enabled
20:40:38.0511 0x09f0  ============================================================
20:40:38.0511 0x09f0  Scan finished
20:40:38.0511 0x09f0  ============================================================
20:40:38.0543 0x11a4  Detected object count: 1
20:40:38.0543 0x11a4  Actual detected object count: 1
20:41:01.0000 0x11a4  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:41:01.0000 0x11a4  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
Hier das Log von ListParts:

Code:
ListParts by Farbar Version: 20-10-2013
Ran by Markus (administrator) on 25-10-2013 at 20:45:46
Windows 8 (X64)
Running From: C:\Users\Markus\Desktop
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 31%
Total physical RAM: 4060.93 MB
Available physical RAM: 2789.78 MB
Total Pagefile: 7644.93 MB
Available Pagefile: 6134.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:284.99 GB) (Free:267.59 GB) NTFS
2 Drive d: (HRM_CCSA_X64CHK_EN-US_DV5) (CDROM) (Total:3.46 GB) (Free:0 GB) UDF


  Disk ###  Status        Size    Free    Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          298 GB      0 B       

Partitions of Disk 0:
===============

Disk ID: D5EB9B58

  Partition ###  Type              Size    Offset
  -------------  ----------------  -------  -------
  Partition 1    Recovery            13 GB  1024 KB
  Partition 2    Primary            100 MB    13 GB
  Partition 3    Primary            284 GB    13 GB
  Partition 4    Primary          1360 KB  298 GB

======================================================================================================

Disk: 0
Partition 1
Type  : 27
Hidden: Yes
Active: No

  Volume ###  Ltr  Label        Fs    Type        Size    Status    Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3                      NTFS  Partition    13 GB  Healthy    Hidden 

======================================================================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs    Type        Size    Status    Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1                      NTFS  Partition    100 MB  Healthy    System (partition with boot components) 

======================================================================================================

Disk: 0
Partition 3
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs    Type        Size    Status    Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2    C                NTFS  Partition    284 GB  Healthy    Boot   

======================================================================================================

Disk: 0
Partition 4
Type  : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: D5EB9B58
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1360 KB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 4


****** End Of Log ******

Markus100 25.10.2013 19:52
Hier die ergebnisse von FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2013
Ran by Markus (administrator) on Markus on 25-10-2013 20:48:43
Running from C:\Users\Markus\Downloads
Windows 8 Pro (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\avgnt.exe
(Kaspersky Lab ZAO) C:\Users\Markus\Desktop\TDSSKiller.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Farbar) C:\Users\Markus\Desktop\ListParts64.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2657C24EA9D1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.8,en-US;q=0.5,en;q=0.3
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\gf7mczwi.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440392 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-10] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-10] (Avira Operations GmbH & Co. KG)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15952 2012-07-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-10-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132600 2013-10-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [83160 2013-10-10] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-26 05:21 - 2013-10-25 19:35 - 00000000 ____D C:\Windows\Panther
2013-10-25 20:48 - 2013-10-25 20:48 - 01955944 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2013-10-25 20:48 - 2013-10-25 20:48 - 00000000 ____D C:\FRST
2013-10-25 20:45 - 2013-10-25 20:46 - 00003354 _____ C:\Users\Markus\Desktop\Result.txt
2013-10-25 20:44 - 2013-10-25 20:44 - 00868491 _____ (Farbar) C:\Users\Markus\Desktop\ListParts64.exe
2013-10-25 20:37 - 2013-10-25 20:37 - 04101145 _____ C:\Users\Markus\Downloads\tdsskiller.zip
2013-10-25 20:30 - 2013-10-25 20:30 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-25 20:29 - 2013-10-25 20:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-25 20:28 - 2013-10-25 20:29 - 00000000 ____D C:\ProgramData\Adobe
2013-10-25 20:22 - 2013-10-25 20:23 - 23280480 _____ C:\Users\Markus\Downloads\vlc-2.1.0-win64.exe
2013-10-25 20:19 - 2013-10-25 20:19 - 00000000 ____D C:\Users\Markus\AppData\Local\Macromedia
2013-10-25 20:18 - 2013-10-25 20:33 - 00000000 ____D C:\Users\Markus\AppData\Local\Adobe
2013-10-25 20:18 - 2013-10-25 20:18 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-25 20:18 - 2013-10-25 20:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-25 20:01 - 2013-10-25 20:01 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-10-25 20:01 - 2013-10-25 20:01 - 00000000 ____D C:\Users\Markus\AppData\Local\Google
2013-10-25 20:01 - 2013-10-25 20:01 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-25 19:57 - 2013-10-25 19:57 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Avira
2013-10-25 19:53 - 2013-10-25 19:53 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-25 19:52 - 2013-10-25 19:52 - 00000000 ____D C:\ProgramData\Avira
2013-10-25 19:52 - 2013-10-25 19:52 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-25 19:52 - 2013-10-10 19:14 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-25 19:52 - 2013-10-10 19:14 - 00105856 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-25 19:52 - 2013-10-10 19:14 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-25 19:52 - 2013-10-10 19:14 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-25 19:46 - 2013-10-25 19:46 - 25474984 _____ C:\Users\Markus\Downloads\GoogleEarthWin_2019.exe
2013-10-25 19:45 - 2013-10-25 20:46 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-658232560-3260347316-3776188219-1001
2013-10-25 19:44 - 2013-10-25 19:46 - 123853152 _____ C:\Users\Markus\Downloads\avira_free_antivirus_de_14b411.exe
2013-10-25 19:42 - 2013-10-25 19:42 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Mozilla
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Users\Markus\AppData\Local\Mozilla
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-25 19:41 - 2013-10-25 19:41 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Macromedia
2013-10-25 19:37 - 2013-10-25 19:37 - 00001430 _____ C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-25 19:37 - 2013-10-25 19:37 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-25 19:37 - 2013-10-25 19:37 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-25 19:37 - 2013-10-25 19:37 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Adobe
2013-10-25 19:35 - 2013-10-25 19:37 - 00000000 ____D C:\Users\Markus\AppData\Local\Packages
2013-10-25 19:35 - 2013-10-25 19:37 - 00000000 ____D C:\ProgramData\PRICache
2013-10-25 19:35 - 2013-10-25 19:35 - 00000000 ____D C:\Users\Markus\AppData\Local\VirtualStore
2013-10-25 19:34 - 2013-10-25 20:12 - 13503756 _____ C:\Windows\WindowsUpdate.log
2013-10-25 19:34 - 2013-10-25 19:37 - 00000000 ____D C:\Users\Markus
2013-10-25 19:34 - 2013-10-25 19:34 - 00000020 ___SH C:\Users\Markus\ntuser.ini
2013-10-25 19:34 - 2013-10-25 19:34 - 00000000 ____D C:\Windows\CSC
2013-10-25 19:34 - 2012-07-26 08:47 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-25 19:34 - 2012-07-26 08:47 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-25 19:34 - 2012-07-26 08:47 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-10-25 19:34 - 2012-07-26 08:47 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-25 19:32 - 2013-10-25 19:32 - 00001138 _____ C:\Windows\system32\netcfg--3234399.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3240467.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3230436.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3222652.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3218627.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00001136 _____ C:\Windows\system32\netcfg--3500817.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00001134 _____ C:\Windows\system32\netcfg--3518461.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000197 _____ C:\Windows\system32\netcfg--3499679.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000185 _____ C:\Windows\system32\netcfg--3507525.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000164 _____ C:\Windows\system32\netcfg--3515715.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000161 _____ C:\Windows\system32\netcfg--3508586.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000160 _____ C:\Windows\system32\netcfg--3514171.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000160 _____ C:\Windows\system32\netcfg--3511644.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000160 _____ C:\Windows\system32\netcfg--3509444.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000159 _____ C:\Windows\system32\netcfg--3512658.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000157 _____ C:\Windows\system32\netcfg--3520224.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000157 _____ C:\Windows\system32\netcfg--3510879.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000150 _____ C:\Windows\system32\netcfg--3513391.txt
2013-10-25 19:22 - 2013-10-25 19:22 - 00000436 _____ C:\Windows\PFRO.log
2013-10-15 15:37 - 2013-10-25 20:37 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Markus\Desktop\TDSSKiller.exe

==================== One Month Modified Files and Folders =======

2013-10-26 05:21 - 2012-07-26 08:47 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2013-10-25 20:48 - 2013-10-25 20:48 - 01955944 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2013-10-25 20:48 - 2013-10-25 20:48 - 00000000 ____D C:\FRST
2013-10-25 20:46 - 2013-10-25 20:45 - 00003354 _____ C:\Users\Markus\Desktop\Result.txt
2013-10-25 20:46 - 2013-10-25 19:45 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-658232560-3260347316-3776188219-1001
2013-10-25 20:44 - 2013-10-25 20:44 - 00868491 _____ (Farbar) C:\Users\Markus\Desktop\ListParts64.exe
2013-10-25 20:37 - 2013-10-25 20:37 - 04101145 _____ C:\Users\Markus\Downloads\tdsskiller.zip
2013-10-25 20:37 - 2013-10-15 15:37 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Markus\Desktop\TDSSKiller.exe
2013-10-25 20:33 - 2013-10-25 20:18 - 00000000 ____D C:\Users\Markus\AppData\Local\Adobe
2013-10-25 20:30 - 2013-10-25 20:30 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-25 20:29 - 2013-10-25 20:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-25 20:29 - 2013-10-25 20:28 - 00000000 ____D C:\ProgramData\Adobe
2013-10-25 20:23 - 2013-10-25 20:22 - 23280480 _____ C:\Users\Markus\Downloads\vlc-2.1.0-win64.exe
2013-10-25 20:19 - 2013-10-25 20:19 - 00000000 ____D C:\Users\Markus\AppData\Local\Macromedia
2013-10-25 20:18 - 2013-10-25 20:18 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-25 20:18 - 2013-10-25 20:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-25 20:12 - 2013-10-25 19:34 - 13503756 _____ C:\Windows\WindowsUpdate.log
2013-10-25 20:02 - 2012-07-26 08:47 - 00000000 ____D C:\Windows\system32\sru
2013-10-25 20:01 - 2013-10-25 20:01 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-10-25 20:01 - 2013-10-25 20:01 - 00000000 ____D C:\Users\Markus\AppData\Local\Google
2013-10-25 20:01 - 2013-10-25 20:01 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-25 20:00 - 2012-07-26 08:47 - 00000000 ____D C:\Windows\system32\restore
2013-10-25 19:57 - 2013-10-25 19:57 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Avira
2013-10-25 19:53 - 2013-10-25 19:53 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-25 19:52 - 2013-10-25 19:52 - 00000000 ____D C:\ProgramData\Avira
2013-10-25 19:52 - 2013-10-25 19:52 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-25 19:46 - 2013-10-25 19:46 - 25474984 _____ C:\Users\Markus\Downloads\GoogleEarthWin_2019.exe
2013-10-25 19:46 - 2013-10-25 19:44 - 123853152 _____ C:\Users\Markus\Downloads\avira_free_antivirus_de_14b411.exe
2013-10-25 19:42 - 2013-10-25 19:42 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Mozilla
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Users\Markus\AppData\Local\Mozilla
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-25 19:41 - 2013-10-25 19:41 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Macromedia
2013-10-25 19:39 - 2012-07-26 08:13 - 00803370 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-25 19:37 - 2013-10-25 19:37 - 00001430 _____ C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-25 19:37 - 2013-10-25 19:37 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-25 19:37 - 2013-10-25 19:37 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-25 19:37 - 2013-10-25 19:37 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Adobe
2013-10-25 19:37 - 2013-10-25 19:35 - 00000000 ____D C:\Users\Markus\AppData\Local\Packages
2013-10-25 19:37 - 2013-10-25 19:35 - 00000000 ____D C:\ProgramData\PRICache
2013-10-25 19:37 - 2013-10-25 19:34 - 00000000 ____D C:\Users\Markus
2013-10-25 19:35 - 2013-10-26 05:21 - 00000000 ____D C:\Windows\Panther
2013-10-25 19:35 - 2013-10-25 19:35 - 00000000 ____D C:\Users\Markus\AppData\Local\VirtualStore
2013-10-25 19:35 - 2012-07-26 08:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-10-25 19:35 - 2012-07-26 08:47 - 00000000 ____D C:\Windows\WinStore
2013-10-25 19:34 - 2013-10-25 19:34 - 00000020 ___SH C:\Users\Markus\ntuser.ini
2013-10-25 19:34 - 2013-10-25 19:34 - 00000000 ____D C:\Windows\CSC
2013-10-25 19:32 - 2013-10-25 19:32 - 00001138 _____ C:\Windows\system32\netcfg--3234399.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3240467.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3230436.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3222652.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3218627.txt
2013-10-25 19:27 - 2012-07-26 08:47 - 00000000 ____D C:\Windows\system32\Recovery
2013-10-25 19:27 - 2012-07-26 08:06 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-25 19:26 - 2012-07-26 08:02 - 00281248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-25 19:25 - 2012-07-26 08:49 - 00001720 _____ C:\Windows\DtcInstall.log
2013-10-25 19:25 - 2012-07-26 08:05 - 00003803 _____ C:\Windows\mmciCo.log
2013-10-25 19:25 - 2012-07-26 05:33 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-25 19:24 - 2012-07-26 08:05 - 00014275 _____ C:\Windows\setupact.log
2013-10-25 19:23 - 2013-10-25 19:23 - 00001136 _____ C:\Windows\system32\netcfg--3500817.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00001134 _____ C:\Windows\system32\netcfg--3518461.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000197 _____ C:\Windows\system32\netcfg--3499679.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000185 _____ C:\Windows\system32\netcfg--3507525.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000164 _____ C:\Windows\system32\netcfg--3515715.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000161 _____ C:\Windows\system32\netcfg--3508586.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000160 _____ C:\Windows\system32\netcfg--3514171.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000160 _____ C:\Windows\system32\netcfg--3511644.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000160 _____ C:\Windows\system32\netcfg--3509444.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000159 _____ C:\Windows\system32\netcfg--3512658.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000157 _____ C:\Windows\system32\netcfg--3520224.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000157 _____ C:\Windows\system32\netcfg--3510879.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000150 _____ C:\Windows\system32\netcfg--3513391.txt
2013-10-25 19:22 - 2013-10-25 19:22 - 00000436 _____ C:\Windows\PFRO.log
2013-10-10 19:14 - 2013-10-25 19:52 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-10 19:14 - 2013-10-25 19:52 - 00105856 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-10 19:14 - 2013-10-25 19:52 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-10 19:14 - 2013-10-25 19:52 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

Some content of TEMP:
====================
C:\Users\Markus\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2012-07-26 01:35] - [2012-07-26 04:06] - 0581120 ____A (Microsoft Corporation) E69AD48020B6410E3E693314C75EC7EC

C:\Windows\System32\wininit.exe
[2012-07-26 01:39] - [2012-07-26 04:06] - 0133120 ____A (Microsoft Corporation) 5150B63AEBF4049F1D188FC715556DF5

C:\Windows\explorer.exe
[2012-07-26 01:10] - [2012-07-26 04:14] - 2529192 ____A (Microsoft Corporation) 4D00F8FEBE9F86E7A34038C40C41F8C1

C:\Windows\SysWOW64\explorer.exe
[2012-07-26 01:01] - [2012-07-26 03:51] - 2274544 ____A (Microsoft Corporation) 38D4A5276A69B3A24D937FF9A4C3EC0B

C:\Windows\System32\svchost.exe
[2012-07-26 01:37] - [2012-07-26 04:05] - 0032768 ____A (Microsoft Corporation) 842D6B4BC250A6E43061F660AE02AE45

C:\Windows\SysWOW64\svchost.exe
[2012-07-26 01:26] - [2012-07-26 03:39] - 0028160 ____A (Microsoft Corporation) FF15D4B1BAFC79F3D7EE1FF5CC8660CB

C:\Windows\System32\services.exe
[2012-07-26 05:33] - [2012-07-26 05:33] - 0356864 ____A (Microsoft Corporation) 0D9642ECA426AB06234E41161BCC9628

C:\Windows\System32\User32.dll
[2012-07-26 01:37] - [2012-07-26 04:04] - 1317376 ____A (Microsoft Corporation) AD2AD3172CB24C178511836182340F2B

C:\Windows\SysWOW64\User32.dll
[2012-07-26 01:26] - [2012-07-26 01:26] - 1221120 ____A (Microsoft Corporation) CBD429F6FA5C534EF942F62E1EDBB7F5

C:\Windows\System32\userinit.exe
[2012-07-26 01:41] - [2012-07-26 04:06] - 0027648 ____A (Microsoft Corporation) FA6BF75254E0C7897DF944C6DBB5736A

C:\Windows\SysWOW64\userinit.exe
[2012-07-26 01:29] - [2012-07-26 03:39] - 0024064 ____A (Microsoft Corporation) 0DA6CAE9E266EA56CFED1CE5D297DE3B

C:\Windows\System32\Drivers\volsnap.sys
[2012-07-26 03:32] - [2012-07-26 05:10] - 0311536 ____A (Microsoft Corporation) ED7880AB1743BEB09A8549B6E88E7FF5



LastRegBack: 2013-10-25 19:22

==================== End Of Log ============================
--- --- ---



Additional:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-10-2013
Ran by Markus at 2013-10-25 20:49:58
Running from C:\Users\Markus\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Avira Free Antivirus (x32 Version: 14.0.0.411)
Google Earth (x32 Version: 7.1.2.2019)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)

==================== Restore Points  =========================

25-10-2013 18:00:19 Installed Google Earth.

==================== Hosts content: ==========================

2012-07-26 05:33 - 2012-07-26 05:33 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {13425470-DE1E-40A1-84C8-34441AF9A033} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-25] (Adobe Systems Incorporated)
Task: {5DD98C08-CF5A-4ED2-B471-1504DBBB6D78} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {8ECE74E8-FAC6-43CD-94AE-6B365A882154} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-10-25 19:53 - 2013-10-10 19:14 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-25 19:42 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/25/2013 08:35:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6
Faulting module name: MMDevApi.dll, version: 6.2.9200.16384, time stamp: 0x50107ff9
Exception code: 0xc0000420
Fault offset: 0x0000d29c
Faulting process id: 0x13ac
Faulting application start time: 0xFlashPlayerPlugin_11_9_900_117.exe0
Faulting application path: FlashPlayerPlugin_11_9_900_117.exe1
Faulting module path: FlashPlayerPlugin_11_9_900_117.exe2
Report Id: FlashPlayerPlugin_11_9_900_117.exe3
Faulting package full name: FlashPlayerPlugin_11_9_900_117.exe4
Faulting package-relative application ID: FlashPlayerPlugin_11_9_900_117.exe5

Error: (10/25/2013 08:35:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6
Faulting module name: MMDevApi.dll, version: 6.2.9200.16384, time stamp: 0x50107ff9
Exception code: 0xc0000420
Fault offset: 0x0000d292
Faulting process id: 0x13ac
Faulting application start time: 0xFlashPlayerPlugin_11_9_900_117.exe0
Faulting application path: FlashPlayerPlugin_11_9_900_117.exe1
Faulting module path: FlashPlayerPlugin_11_9_900_117.exe2
Report Id: FlashPlayerPlugin_11_9_900_117.exe3
Faulting package full name: FlashPlayerPlugin_11_9_900_117.exe4
Faulting package-relative application ID: FlashPlayerPlugin_11_9_900_117.exe5

Error: (10/25/2013 08:24:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: install_reader11_de_mssd_aaa_aih.exe, version: 3.3.9.0, time stamp: 0x51c7f3cd
Faulting module name: MSHTML.dll, version: 10.0.9200.16384, time stamp: 0x501081e1
Exception code: 0xc0000420
Fault offset: 0x00f36e76
Faulting process id: 0x1174
Faulting application start time: 0xinstall_reader11_de_mssd_aaa_aih.exe0
Faulting application path: install_reader11_de_mssd_aaa_aih.exe1
Faulting module path: install_reader11_de_mssd_aaa_aih.exe2
Report Id: install_reader11_de_mssd_aaa_aih.exe3
Faulting package full name: install_reader11_de_mssd_aaa_aih.exe4
Faulting package-relative application ID: install_reader11_de_mssd_aaa_aih.exe5

Error: (10/25/2013 08:19:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6
Faulting module name: MMDevApi.dll, version: 6.2.9200.16384, time stamp: 0x50107ff9
Exception code: 0xc0000420
Fault offset: 0x0000ec46
Faulting process id: 0x13ac
Faulting application start time: 0xFlashPlayerPlugin_11_9_900_117.exe0
Faulting application path: FlashPlayerPlugin_11_9_900_117.exe1
Faulting module path: FlashPlayerPlugin_11_9_900_117.exe2
Report Id: FlashPlayerPlugin_11_9_900_117.exe3
Faulting package full name: FlashPlayerPlugin_11_9_900_117.exe4
Faulting package-relative application ID: FlashPlayerPlugin_11_9_900_117.exe5

Error: (10/25/2013 08:19:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6
Faulting module name: MMDevApi.dll, version: 6.2.9200.16384, time stamp: 0x50107ff9
Exception code: 0xc0000420
Fault offset: 0x0000ec62
Faulting process id: 0x13ac
Faulting application start time: 0xFlashPlayerPlugin_11_9_900_117.exe0
Faulting application path: FlashPlayerPlugin_11_9_900_117.exe1
Faulting module path: FlashPlayerPlugin_11_9_900_117.exe2
Report Id: FlashPlayerPlugin_11_9_900_117.exe3
Faulting package full name: FlashPlayerPlugin_11_9_900_117.exe4
Faulting package-relative application ID: FlashPlayerPlugin_11_9_900_117.exe5

Error: (10/25/2013 08:19:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6
Faulting module name: MMDevApi.dll, version: 6.2.9200.16384, time stamp: 0x50107ff9
Exception code: 0xc0000420
Fault offset: 0x0000ec11
Faulting process id: 0x13ac
Faulting application start time: 0xFlashPlayerPlugin_11_9_900_117.exe0
Faulting application path: FlashPlayerPlugin_11_9_900_117.exe1
Faulting module path: FlashPlayerPlugin_11_9_900_117.exe2
Report Id: FlashPlayerPlugin_11_9_900_117.exe3
Faulting package full name: FlashPlayerPlugin_11_9_900_117.exe4
Faulting package-relative application ID: FlashPlayerPlugin_11_9_900_117.exe5

Error: (10/25/2013 08:18:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: install_flashplayer11x32_mssd_aaa_aih.exe, version: 3.3.9.0, time stamp: 0x51c7f3cd
Faulting module name: MSHTML.dll, version: 10.0.9200.16384, time stamp: 0x501081e1
Exception code: 0xc0000420
Fault offset: 0x00f36e76
Faulting process id: 0xf8c
Faulting application start time: 0xinstall_flashplayer11x32_mssd_aaa_aih.exe0
Faulting application path: install_flashplayer11x32_mssd_aaa_aih.exe1
Faulting module path: install_flashplayer11x32_mssd_aaa_aih.exe2
Report Id: install_flashplayer11x32_mssd_aaa_aih.exe3
Faulting package full name: install_flashplayer11x32_mssd_aaa_aih.exe4
Faulting package-relative application ID: install_flashplayer11x32_mssd_aaa_aih.exe5

Error: (10/25/2013 07:54:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: avgnt.exe, version: 14.0.0.383, time stamp: 0x52492d6c
Faulting module name: gdiplus.dll, version: 6.2.9200.16384, time stamp: 0x50107fd1
Exception code: 0xc0000420
Fault offset: 0x00084f72
Faulting process id: 0x13f4
Faulting application start time: 0xavgnt.exe0
Faulting application path: avgnt.exe1
Faulting module path: avgnt.exe2
Report Id: avgnt.exe3
Faulting package full name: avgnt.exe4
Faulting package-relative application ID: avgnt.exe5

Error: (10/25/2013 07:49:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: avira_free_antivirus_de_14b411.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: SHLWAPI.dll, version: 6.2.9200.16384, time stamp: 0x50107c95
Exception code: 0xc0000420
Fault offset: 0x0002085d
Faulting process id: 0xbac
Faulting application start time: 0xavira_free_antivirus_de_14b411.exe0
Faulting application path: avira_free_antivirus_de_14b411.exe1
Faulting module path: avira_free_antivirus_de_14b411.exe2
Report Id: avira_free_antivirus_de_14b411.exe3
Faulting package full name: avira_free_antivirus_de_14b411.exe4
Faulting package-relative application ID: avira_free_antivirus_de_14b411.exe5

Error: (10/25/2013 07:40:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16384, time stamp: 0x50107b11
Faulting module name: MSHTML.dll, version: 10.0.9200.16384, time stamp: 0x501081e1
Exception code: 0xc0000420
Fault offset: 0x01161cc4
Faulting process id: 0x6dc
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5


System errors:
=============
Error: (10/25/2013 08:19:07 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.

Error: (10/25/2013 08:19:07 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.

Error: (10/25/2013 07:48:34 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.

The exact nature of the corruption is unknown.  The file system structures need to be scanned online.

Error: (10/25/2013 07:48:34 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.

The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x1000000000000.  The name of the file is "<unable to determine file name>".

Error: (10/25/2013 07:48:08 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.

The exact nature of the corruption is unknown.  The file system structures need to be scanned online.

Error: (10/25/2013 07:48:08 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.

The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x1000000000000.  The name of the file is "<unable to determine file name>".

Error: (10/25/2013 07:48:08 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.

The exact nature of the corruption is unknown.  The file system structures need to be scanned online.

Error: (10/25/2013 07:48:08 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.

The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x1000000000000.  The name of the file is "<unable to determine file name>".

Error: (10/25/2013 07:47:28 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.

The exact nature of the corruption is unknown.  The file system structures need to be scanned online.

Error: (10/25/2013 07:47:28 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.

The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x1000000000000.  The name of the file is "<unable to determine file name>".


Microsoft Office Sessions:
=========================
Error: (10/25/2013 08:35:25 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_9_900_117.exe11.9.900.1175244d3b6MMDevApi.dll6.2.9200.1638450107ff9c00004200000d29c13ac01ced1aebf8705a5C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeC:\Windows\System32\MMDevApi.dll36447a20-3da4-11e3-b368-60eb696d1c85

Error: (10/25/2013 08:35:23 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_9_900_117.exe11.9.900.1175244d3b6MMDevApi.dll6.2.9200.1638450107ff9c00004200000d29213ac01ced1aebf8705a5C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeC:\Windows\System32\MMDevApi.dll35351c9d-3da4-11e3-b368-60eb696d1c85

Error: (10/25/2013 08:24:02 PM) (Source: Application Error)(User: )
Description: install_reader11_de_mssd_aaa_aih.exe3.3.9.051c7f3cdMSHTML.dll10.0.9200.16384501081e1c000042000f36e76117401ced1af5e3fcdb0C:\Users\Markus\AppData\Local\Temp\install_reader11_de_mssd_aaa_aih.exeC:\Windows\SYSTEM32\MSHTML.dll9eeb423d-3da2-11e3-b368-60eb696d1c85

Error: (10/25/2013 08:19:43 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_9_900_117.exe11.9.900.1175244d3b6MMDevApi.dll6.2.9200.1638450107ff9c00004200000ec4613ac01ced1aebf8705a5C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeC:\Windows\System32\MMDevApi.dll0496f7bc-3da2-11e3-b368-60eb696d1c85

Error: (10/25/2013 08:19:41 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_9_900_117.exe11.9.900.1175244d3b6MMDevApi.dll6.2.9200.1638450107ff9c00004200000ec6213ac01ced1aebf8705a5C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeC:\Windows\System32\MMDevApi.dll03748e63-3da2-11e3-b368-60eb696d1c85

Error: (10/25/2013 08:19:39 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_9_900_117.exe11.9.900.1175244d3b6MMDevApi.dll6.2.9200.1638450107ff9c00004200000ec1113ac01ced1aebf8705a5C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeC:\Windows\System32\MMDevApi.dll02332e47-3da2-11e3-b368-60eb696d1c85

Error: (10/25/2013 08:18:06 PM) (Source: Application Error)(User: )
Description: install_flashplayer11x32_mssd_aaa_aih.exe3.3.9.051c7f3cdMSHTML.dll10.0.9200.16384501081e1c000042000f36e76f8c01ced1ae8a011a66C:\Users\Markus\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih.exeC:\Windows\SYSTEM32\MSHTML.dllcb0fadf7-3da1-11e3-b368-60eb696d1c85

Error: (10/25/2013 07:54:26 PM) (Source: Application Error)(User: )
Description: avgnt.exe14.0.0.38352492d6cgdiplus.dll6.2.9200.1638450107fd1c000042000084f7213f401ced1ab3978187cC:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exeC:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9200.16384_none_ba245425e0986353\gdiplus.dll7cc305f0-3d9e-11e3-b368-60eb696d1c85

Error: (10/25/2013 07:49:12 PM) (Source: Application Error)(User: )
Description: avira_free_antivirus_de_14b411.exe0.0.0.000000000SHLWAPI.dll6.2.9200.1638450107c95c00004200002085dbac01ced1aa82f0f9f7C:\Users\Markus\Downloads\avira_free_antivirus_de_14b411.exeC:\Windows\SYSTEM32\SHLWAPI.dllc135dd4c-3d9d-11e3-b368-60eb696d1c85

Error: (10/25/2013 07:40:52 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1638450107b11MSHTML.dll10.0.9200.16384501081e1c000042001161cc46dc01ced1a9468a11bcC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\MSHTML.dll979fad3f-3d9c-11e3-b368-60eb696d1c85


==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 4060.93 MB
Available physical RAM: 2699.61 MB
Total Pagefile: 7644.93 MB
Available Pagefile: 6051.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:284.99 GB) (Free:267.53 GB) NTFS
Drive d: (HRM_CCSA_X64CHK_EN-US_DV5) (CDROM) (Total:3.46 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

==================== End Of Log ============================

aharonov 25.10.2013 20:14
Hallo Markus,

es ist genau wie angenommen.


Schritt 1

Starte bitte TDSSkiller.exe.
Vista und Win7 User mit Rechtsklick "als Administrator ausführen".
  • Setze wieder die gleichen Einstellungen wie zuvor.
  • Drücke dann auf Start Scan.
    Mache während des Scans nichts am Rechner!
  • Gehe sicher, dass bei TDSS File System die Option Cure (default) oder Delete angehakt ist.
  • Drücke Continue --> Reboot.
  • TDSSKiller wird ein Logfile auf deinem Systemlaufwerk speichern (C:\TDSSKiller.<version_date_time>log.txt).
  • Poste bitte den Inhalt dieses Logfiles in deinen Thread.



Schritt 2

Drücke die http://larusso.trojaner-board.de/Images/windows.jpg + R Taste und schreibe "notepad" in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument:
Code:
Disk=0 Partition=4 delete
Speichere dieses dann bitte unter dem Dateinamen Fix.txt ebenfalls auf deinen Desktop neben ListParts.
  • Starte nun ListParts und klicke den Fix Button.
  • Nachdem der Fix durchgelaufen ist, drücke den Scan Button.
  • Das Tool erstellt eine neue Result.txt auf dem Desktop.
    Poste deren Inhalt bitte hier.

Markus100 25.10.2013 20:57
Vielen Dank!

Hier das log des TDSSkiller:

Code:
21:44:57.0195 0x0b58  TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
21:45:02.0924 0x0b58  ============================================================
21:45:02.0924 0x0b58  Current date / time: 2013/10/25 21:45:02.0924
21:45:02.0924 0x0b58  SystemInfo:
21:45:02.0924 0x0b58 
21:45:02.0924 0x0b58  OS Version: 6.2.9200 ServicePack: 0.0
21:45:02.0924 0x0b58  Product type: Workstation
21:45:02.0924 0x0b58  ComputerName: Markus
21:45:02.0924 0x0b58  UserName: Markus
21:45:02.0924 0x0b58  Windows directory: C:\Windows
21:45:02.0924 0x0b58  System windows directory: C:\Windows
21:45:02.0924 0x0b58  Running under WOW64
21:45:02.0924 0x0b58  Processor architecture: Intel x64
21:45:02.0924 0x0b58  Number of processors: 2
21:45:02.0924 0x0b58  Page size: 0x1000
21:45:02.0924 0x0b58  Boot type: Normal boot
21:45:02.0924 0x0b58  ============================================================
21:45:04.0628 0x0b58  System UUID: {58548BA2-E657-B406-5EE4-5F1A1E10BEA6}
21:45:05.0423 0x0b58  !crdlk
21:45:05.0454 0x0b58  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
21:45:05.0532 0x0b58  ============================================================
21:45:05.0532 0x0b58  \Device\Harddisk0\DR0:
21:45:05.0532 0x0b58  MBR partitions:
21:45:05.0532 0x0b58  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
21:45:05.0532 0x0b58  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
21:45:05.0532 0x0b58  ============================================================
21:45:05.0595 0x0b58  C: <-> \Device\Harddisk0\DR0\Partition2
21:45:05.0595 0x0b58  ============================================================
21:45:05.0595 0x0b58  Initialize success
21:45:05.0595 0x0b58  ============================================================
21:45:53.0724 0x0474  ============================================================
21:45:53.0724 0x0474  Scan started
21:45:53.0724 0x0474  Mode: Manual; SigCheck; TDLFS;
21:45:53.0724 0x0474  ============================================================
21:45:53.0724 0x0474  KSN ping started
21:45:56.0205 0x0474  KSN ping finished: true
21:45:56.0864 0x0474  ================ Scan system memory ========================
21:45:56.0864 0x0474  System memory - ok
21:45:56.0864 0x0474  ================ Scan services =============================
21:45:57.0426 0x0474  [ 17495C8F96D57904C2E9630CF77F5B02, 426E1F92585D922EE40E63DD8FDF8213E3ABA3A2FD6FAF869ACE1AA01E281258 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
21:45:57.0535 0x0474  1394ohci - ok
21:45:57.0613 0x0474  [ 20EE62BA8318B249EE4C5A208A645E7E, 3868B926461B15226068E23BBC61BE9FAFDE5C4D043EA62CDC11C027762731E2 ] 3ware          C:\Windows\system32\drivers\3ware.sys
21:45:57.0644 0x0474  3ware - ok
21:45:57.0691 0x0474  [ 5165287A849B6DEB83D5B1E167FD31A3, D6CFDA90F28A89E5B55B22D6AAD42C99927FE345A01CDFC168CDEA1058998B63 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:45:57.0753 0x0474  ACPI - ok
21:45:57.0784 0x0474  [ 64F237B2C6EF0111BB870C8B64861CAD, 164304BC71165AF7D1D7E157A00DD63AD4CD2219BBB042CB30E4FF9A9C5C1F4F ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
21:45:57.0800 0x0474  acpiex - ok
21:45:57.0816 0x0474  [ A11500807F1877BD2ADBA1023E42F784, F059143C84EF34054BCF7DFD3155C366B2A2BF866DCF1953C0F1F16490159841 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
21:45:57.0831 0x0474  acpipagr - ok
21:45:57.0847 0x0474  [ 13C3D41BE36FE2027FB3FFCE2CD2CCF0, D524FB36FC33528F43ECBB0607D239037A8A01E506F3E4A5711A766C45C83C6C ] AcpiPmi        C:\Windows\System32\drivers\acpipmi.sys
21:45:57.0878 0x0474  AcpiPmi - ok
21:45:57.0894 0x0474  [ 3EE3093708B2DCA60323B0AA14DF359F, BD11A04AC1025CC941EF15A0517283C9234657DDC1D3BBD1794EF7266B6AA85A ] acpitime        C:\Windows\System32\drivers\acpitime.sys
21:45:57.0925 0x0474  acpitime - ok
21:45:58.0018 0x0474  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:45:58.0034 0x0474  AdobeARMservice - ok
21:45:58.0371 0x0474  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:45:58.0434 0x0474  AdobeFlashPlayerUpdateSvc - ok
21:45:58.0512 0x0474  [ 764584A0AD1BD3FF198135AD2D7692B8, DFFF1AF774AFE5CFF55F5BF4F0BE6271ACB80D6685FBF77BE0A6288F8F99C2C4 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
21:45:58.0559 0x0474  adp94xx - ok
21:45:58.0605 0x0474  [ 5C82D0A150CB633A54751A3111C06398, 64EA04F87F0A1CC0A72296C0E6C13A8407F0E0635A4674B412CD7DE591826C75 ] adpahci        C:\Windows\system32\drivers\adpahci.sys
21:45:58.0652 0x0474  adpahci - ok
21:45:58.0683 0x0474  [ DB4E3210CE6A79ECAAD1C09AE2922322, F8D96243DADB980620310BF272449900FF996F1D000F5D2FD5456CE7A7712F6C ] adpu320        C:\Windows\system32\drivers\adpu320.sys
21:45:58.0715 0x0474  adpu320 - ok
21:45:58.0761 0x0474  [ 8889F910936A68EEB448177DA135656F, 8281DFBBEFC111C708B7716CED7523D7DBC00CDDAB0C5A5E633C1D9BDA7B7984 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
21:45:58.0793 0x0474  AeLookupSvc - ok
21:45:58.0871 0x0474  [ D3C1DE857B2CC4DCC9805AA460E95375, 5432BE91B8D0B24E756A3228946D4C036F343D631B8B137EE701206E872F27A1 ] AFD            C:\Windows\system32\drivers\afd.sys
21:45:58.0933 0x0474  AFD - ok
21:45:58.0995 0x0474  [ EE103CB9714AF259CE02E05B802443AE, 36B1BF40266CA6BA51F620E156455EB8AB4C4BD204AD604CF02195CEE354B7BC ] agp440          C:\Windows\system32\drivers\agp440.sys
21:45:59.0027 0x0474  agp440 - ok
21:45:59.0042 0x0474  [ 22A49960013C51651E5C6C0D896819FE, B6A1ECE260719F88291BB245CE667A524C75AA3C8B22ACB52920E7B1FD8E5775 ] ALG            C:\Windows\System32\alg.exe
21:45:59.0073 0x0474  ALG - ok
21:45:59.0120 0x0474  [ 0210340186C19D133BCE3F31914BE63D, 57DCAC6D13B1BA389DA96AC9BDA350672E103CFDA0030343FE5645A6ABE7B3CE ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
21:45:59.0151 0x0474  AllUserInstallAgent - ok
21:45:59.0183 0x0474  [ 9AC4C8659A13D9CACBB9387A92DF4299, FFB8D82E59204AA7A4C071CC2D51862482B3A296D97E75D5CC72AAD1380C81FE ] AmdK8          C:\Windows\System32\drivers\amdk8.sys
21:45:59.0214 0x0474  AmdK8 - ok
21:45:59.0261 0x0474  [ 9E2B8A93C6BAC8AD6B62853FE134E666, 66360C2DD0D2B8CB35B9605A51B60E4F719DA98967308C1914A0A7C61B851EA3 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
21:45:59.0276 0x0474  AmdPPM - ok
21:45:59.0307 0x0474  [ 87C7DAC076B22EE0817AA6393573770D, 22A85C5D859615236C3552794968852AE98B78811829C24C8611A314018FC846 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
21:45:59.0323 0x0474  amdsata - ok
21:45:59.0354 0x0474  [ 6BDD088E9002743EB7721998876239F4, 9D741B9B9D2A9D01C75AB244346DAFAA2F9038BA762014DF561257C7AB3E40D3 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:45:59.0401 0x0474  amdsbs - ok
21:45:59.0417 0x0474  [ 2EFF0617F34D7B61DDF80980EEF01D24, CE78CE21D34A185F0F798E2C4F675A866ADE9F540331CD2DEA153AECC3EC048A ] amdxata        C:\Windows\system32\drivers\amdxata.sys
21:45:59.0432 0x0474  amdxata - ok
21:45:59.0619 0x0474  [ 3478F48B23A0D9F6EADD4A2405BA70EF, 421BDDCEFEF491915EF8D9BFB756A56778437D98B136758A15AE5A0672738C9D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:45:59.0666 0x0474  AntiVirSchedulerService - ok
21:45:59.0699 0x0474  [ AFFE7C21A4FCA1963371F10066911D3A, DC7A94A784C9389792F3C9A1F435CD9B2D5F74AC9E56F35831B65820FA6A0EDE ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:45:59.0730 0x0474  AntiVirService - ok
21:45:59.0808 0x0474  [ 59A16E5DEA0EDBEF76EA40C4E6FE597D, 4777D703E79B79673FBA9EDD44BC01D39B77E91E2336A604156DD6F5F495C257 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
21:45:59.0886 0x0474  AntiVirWebService - ok
21:45:59.0948 0x0474  [ 97BCBD4C0257A469D8E55A41C2DF29C7, 4D8980370729E731E302E7F272F7C472BEBA2115AB2DBEC5AFA790919535B724 ] AppID          C:\Windows\system32\drivers\appid.sys
21:45:59.0995 0x0474  AppID - ok
21:46:00.0057 0x0474  [ 45E046FA37ADF4B738B9C8AEC97C81D9, FB35AEED64A82F277396AD159F36D1E025EAC76578B831B157237F5C394A3BB1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:46:00.0089 0x0474  AppIDSvc - ok
21:46:00.0104 0x0474  [ F8EC4211BED681F86848EC2D516BADEC, 654B81C62DFB596D08696FCF52CABCF0F670D0D45EE99189F1FBB7601A2F78CC ] Appinfo        C:\Windows\System32\appinfo.dll
21:46:00.0135 0x0474  Appinfo - ok
21:46:00.0151 0x0474  [ 7A575C64548A630B6BF06D014D774750, 5C4F79AF927EC71F9F46FE6D6032E594344B54F822F0A30F4996C7F7B441FA9C ] AppMgmt        C:\Windows\System32\appmgmts.dll
21:46:00.0182 0x0474  AppMgmt - ok
21:46:00.0213 0x0474  [ 3242E9F093CEC59A891AF84B664D728C, 51A21D425D4746B910101E80781F8811B14DE9EAD26F7CFBB1E4C67C750F78E4 ] arc            C:\Windows\system32\drivers\arc.sys
21:46:00.0245 0x0474  arc - ok
21:46:00.0307 0x0474  [ 1DF0B7A719F4A29F51C22E58D4383629, BE68C5A47B465AE0E30857287E0BD17D18158F37DD408E857FA4641EE500A702 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:46:00.0323 0x0474  arcsas - ok
21:46:00.0354 0x0474  [ 9D20D357E10498AA3DA5DFAAC7E4A598, C1FC676CFF0CA998A3C14B67ABD034C1B64D71961DAC35D0E8FB75853B5C5196 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:46:00.0385 0x0474  AsyncMac - ok
21:46:00.0401 0x0474  [ 04E65143EE20BAD768389C61718F116A, 98C2549DB1BC8772E99CB9C895A0A71BB27C4529D33F26B9CB0322AC8718E511 ] atapi          C:\Windows\system32\drivers\atapi.sys
21:46:00.0416 0x0474  atapi - ok
21:46:00.0447 0x0474  [ 70A96EB82AE095554D7A2928FD0FB099, 412F46B64A90B541CD6A9BAF2DB6FC4F05E1CA5FEA9632C25899C871AA2AC861 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
21:46:00.0479 0x0474  AudioEndpointBuilder - ok
21:46:00.0541 0x0474  [ A3499B83F027D7EF549190D6FCF283F1, F82AB55EDAC14BC9FF8E62DDE084FA0012D163072A7951E80AD4A8A4A2686710 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:46:00.0603 0x0474  Audiosrv - ok
21:46:00.0666 0x0474  [ 29F9901C22E7BFE23DF8389AFC530D3D, DBD3537AF3E4BF9AC033E109C8CA737A2EC1EE1F95EDC31E2855F9A9595B03DE ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
21:46:00.0697 0x0474  avgntflt - ok
21:46:00.0728 0x0474  [ 033CA7F2EABD7EFDC482FE45DD7E1B60, 5D02BB7ED45AA64F8A9D8F29E25D29FE26881EEE55B2962AD99F655EB22692DB ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
21:46:00.0744 0x0474  avipbb - ok
21:46:00.0759 0x0474  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
21:46:00.0775 0x0474  avkmgr - ok
21:46:00.0806 0x0474  [ D1D40E04F258917863F8F6AE3D49DC33, D620C721686F7A5161781119E94B5B21B757384A40B1115F68CD97475638FCED ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
21:46:00.0822 0x0474  avnetflt - ok
21:46:00.0853 0x0474  [ CF4E5D4F4CA70859A9B8C2FC2E231AD7, F6B2FEBA3808BDFCB9D084EB73F3B9FFA24D24D7F5273B6E31215ECBFA4B6B42 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:46:00.0869 0x0474  AxInstSV - ok
21:46:00.0931 0x0474  [ EABCCC87C98C4A87C792E8D7E0E2A4DA, 3B54971FBFB6AC90CEB2E9A9A8B08BBFD26FEB870A3D767192A310EB1292DC80 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
21:46:00.0978 0x0474  b06bdrv - ok
21:46:01.0009 0x0474  [ 70C6C26CD374699D6DBB6D681B8A972E, 808AD40C5E239D657024A208FCB63BF76309F5A3921D07B6353F2DE4B5DE5D18 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
21:46:01.0025 0x0474  BasicDisplay - ok
21:46:01.0040 0x0474  [ 9FC9F32E41B9BACBF721A6BE64B45A21, A7E58F27110B37A493383817B28B305CE1C9CEC61146ADE9A7EDDB9026DE41C3 ] BasicRender    C:\Windows\System32\drivers\BasicRender.sys
21:46:01.0071 0x0474  BasicRender - ok
21:46:01.0352 0x0474  [ 2FE2E0EBCDF1EF22A34B44CED1E59893, CAAF05E0F2ADE9057323FCDE4452DEF1911120BCC0854B8F447F9ACCA036FB86 ] BCM43XX        C:\Windows\system32\DRIVERS\bcmwl63a.sys
21:46:01.0680 0x0474  BCM43XX - ok
21:46:01.0851 0x0474  [ 1A61CBA65EAD2EEB3E54C4346BF19BBB, 4F1CF764E487623F7E650CC152EE3ABCA8C9B73C2BD16195DA8D386F3D6C8F57 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:46:01.0898 0x0474  BDESVC - ok
21:46:01.0914 0x0474  [ 9CA7506575641FA017C69649A6CA0EFF, D0DADD656B3EB40AC2E30C65ED7F65BF653EEA543F37FB251BE897E7A698379D ] Beep            C:\Windows\system32\drivers\Beep.sys
21:46:01.0929 0x0474  Beep - ok
21:46:01.0992 0x0474  [ 0C85BC19619931FBDEFF48830F95D5AE, BC30F4F2709FAB7040D06CB3CB130001684D59D57B451E9350DC0A6E83C8DFCB ] BFE            C:\Windows\System32\bfe.dll
21:46:02.0054 0x0474  BFE - ok
21:46:02.0163 0x0474  [ B94800B76A324834796BC68246DD3E31, 3D3BA07324605D5B01FB45D8F7A160130ACD7FAA5E181F163A78AD128B6DB987 ] BITS            C:\Windows\System32\qmgr.dll
21:46:02.0257 0x0474  BITS - ok
21:46:02.0319 0x0474  [ 199FCFF2B289F66111B7770D8CAF341C, 03B5B0EA168BA336354EE032CD0EFA7C8A1CC4A87954B913B1BCBA022C5F20A2 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:46:02.0351 0x0474  bowser - ok
21:46:02.0382 0x0474  [ F79B65F8B44DA6735CF0FE6DD5D50BB2, 4867B9BE4ABCDCE237FBC05322E5E1CA5708FBC98D0037CA63FDC75ECAE7D6A8 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
21:46:02.0429 0x0474  BrokerInfrastructure - ok
21:46:02.0460 0x0474  [ 44C16C5F3CD2E85E341B4758E391A6B3, B8CE78813BE06D18B753970E19EF3078B3E659D14C424B2505592E1FB4F14FF3 ] Browser        C:\Windows\System32\browser.dll
21:46:02.0507 0x0474  Browser - ok
21:46:02.0538 0x0474  [ F92BBA7BBF29C991CBEB9C79F8456BED, 717E4F75F83F7DECEE627BDE04583F6F9AECBEF49602B8783CA7D0CB973E6C31 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
21:46:02.0585 0x0474  BthAvrcpTg - ok
21:46:02.0600 0x0474  [ 8DA65E6D5C2BBEC9F1DF8E46995540BD, D73208F756F762D4DE9990B18A0227EC9420496E244073FB6DCD853FA5422C15 ] BthHFEnum      C:\Windows\System32\drivers\bthhfenum.sys
21:46:02.0694 0x0474  BthHFEnum - ok
21:46:02.0709 0x0474  [ 0375B8756A92CA4F53C8058C6BD75082, 3480500D449165A779347D08482354377470E9B10FC2D16393D7420B55BB2CF4 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
21:46:02.0756 0x0474  bthhfhid - ok
21:46:02.0772 0x0474  [ 4373A04575405AAE159AFB2EA857D586, F6A72BD8BF6E0CBA6BE608B0E0338B346AB576715D985EDB0306E1F1669847BA ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
21:46:02.0819 0x0474  BTHMODEM - ok
21:46:02.0850 0x0474  [ 097E028F506D68D198A86E8EA342A297, 19B58C6D7955320EEA96C392EA7034BFD813FC58F4815D1F41B72B0118A79CFF ] bthserv        C:\Windows\system32\bthserv.dll
21:46:02.0881 0x0474  bthserv - ok
21:46:02.0897 0x0474  [ 9FDF55B0486D9A59C979645FBC3F132B, 696668AE62F2BD2CB3ABA226D517E80504CD982AB770DF865A6EE396D648B2CD ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:46:02.0928 0x0474  cdfs - ok
21:46:02.0943 0x0474  [ 40B7C9B1593614385B9C2F3B8D89CE8D, B3ED39281AE6FCFCD8B421B934BDA5B433FA4DC174A820AE2C3573F6610C56EA ] cdrom          C:\Windows\System32\drivers\cdrom.sys
21:46:02.0975 0x0474  cdrom - ok
21:46:03.0006 0x0474  [ 483E122C2C011F28552E25268FDD9F21, 53744B3D215022EE529FF4BBAD50253E3F2E51FC859CD2F717562C911095AA9B ] CertPropSvc    C:\Windows\System32\certprop.dll
21:46:03.0037 0x0474  CertPropSvc - ok
21:46:03.0068 0x0474  [ 60B681FF66540A7E9F00D2073030BF29, A92F041420FAD05F9CE1B29F33ECC6AC7C38934111FAC1B221E756F90EB8FE1A ] circlass        C:\Windows\System32\drivers\circlass.sys
21:46:03.0115 0x0474  circlass - ok
21:46:03.0146 0x0474  [ 705B02F6B765BDEF2EF8BB37D5D371EC, E5CDA3854E38F1AA5C7CF51336F8C4F3961AB3B8EFC852FB4C46108BDDE44E1F ] CLFS            C:\Windows\system32\drivers\CLFS.sys
21:46:03.0193 0x0474  CLFS - ok
21:46:03.0209 0x0474  [ D8993E1CEB237DB41A18F14D2D873B6F, 772D50D538214B2F0B2F5FAFD264C29BC05BDCCB1D51439E18FF7CCD18660091 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
21:46:03.0255 0x0474  CmBatt - ok
21:46:03.0302 0x0474  [ C0BF8F5D780CFE07A9690E5B6F5FCB32, 8D9154D0C7E7487B594E9E2262E998C98D278AAFB957028127EFC86EDFEB609C ] CNG            C:\Windows\system32\Drivers\cng.sys
21:46:03.0365 0x0474  CNG - ok
21:46:03.0380 0x0474  [ C850B672E78BB45A4F980FFA2197EEFB, FC8ACE717D7872E5269071808CBD2D77CE129027604A1339E8958FC37AFB8A5F ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
21:46:03.0427 0x0474  CompositeBus - ok
21:46:03.0443 0x0474  COMSysApp - ok
21:46:03.0458 0x0474  [ 587F4752B4892ECCB1FF14F478BE7396, 9598738EC0C8C4B3E94029EE0ED0875721450A25A0C37DDB014F32F37AEC286A ] condrv          C:\Windows\system32\drivers\condrv.sys
21:46:03.0489 0x0474  condrv - ok
21:46:03.0536 0x0474  [ F25BBEFB14A75AA154417991BAD98967, 3447AA3F44028A836529F494483CDAEAB5BEEFA48240E8E07512409A6EF31264 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:46:03.0552 0x0474  CryptSvc - ok
21:46:03.0614 0x0474  [ 0F67E05737A49D43B0A50A6482F57B1A, 2A12C10121A01FB1337A88E12791BE4782AD42778AAC83986E9BACD11967208D ] CSC            C:\Windows\system32\drivers\csc.sys
21:46:03.0692 0x0474  CSC - ok
21:46:03.0770 0x0474  [ 09DEA2ADC74E46CA5CC66AC26F13A7AF, 04F133B880848429F9B0896F84796680974EED07F2249A19EEDD97EBD63FBC17 ] CscService      C:\Windows\System32\cscsvc.dll
21:46:03.0848 0x0474  CscService - ok
21:46:03.0879 0x0474  [ 7B08F79034E4EEF9E10BB77939D2C72F, 0FABEA070805052798788C45C563BAF139D7E348B02C00C99E214BA0075A6161 ] dam            C:\Windows\system32\drivers\dam.sys
21:46:03.0911 0x0474  dam - ok
21:46:03.0973 0x0474  [ 5FE7B522293942A00779B921DB8F0094, 951486DC9771EAF776417CBCF17922654CB1367FDA27A731313F0C3A004BE593 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:46:04.0051 0x0474  DcomLaunch - ok
21:46:04.0113 0x0474  [ FA7AC7454EBBA1AD402E32B399BC9CE5, C7C12728E80DADFAF3187B829FCE71D4098BB491EC4DEF6E5992BD73922419EC ] defragsvc      C:\Windows\System32\defragsvc.dll
21:46:04.0160 0x0474  defragsvc - ok
21:46:04.0207 0x0474  [ 565B3ABEF0B54B0731BEFA4DEF9EE845, F379ADCB5B6DF257883B0908A4B780A706A8955E30D1745E91048BBA47109949 ] DeviceAssociationService C:\Windows\system32\das.dll
21:46:04.0254 0x0474  DeviceAssociationService - ok
21:46:04.0316 0x0474  [ 93FC3A6E569C99F0147C15E0434858FE, 9799D43F97647DE140B6868DFCC7CA55BC2CA50F7D14B4CE852F194960A5A27B ] DeviceInstall  C:\Windows\system32\umpnpmgr.dll
21:46:04.0347 0x0474  DeviceInstall - ok
21:46:04.0410 0x0474  [ 91E1FD9887DF6CAD9AAB3796AFB0D87C, 819014D6C15D354D25EF08C553C3D40E77E0A0DFEAFD3FE9DB3E99BF2593D874 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
21:46:04.0425 0x0474  Dfsc - ok
21:46:04.0472 0x0474  [ E628016CC8982BEE0D7190DEBC4A34F4, DDE032D514C2237836F645BFC963EE91A47DA2CB780B9115B6C2679EE5F3A41F ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:46:04.0535 0x0474  Dhcp - ok
21:46:04.0550 0x0474  [ 9B6F6E3153D1C05CFF3D2A6EBA8B371C, 3907B9D879973738B520F46C27E56257F4A8BF7CA72E91CEACD5B2F4F70D4F60 ] discache        C:\Windows\system32\drivers\discache.sys
21:46:04.0581 0x0474  discache - ok
21:46:04.0613 0x0474  [ 387792EA19C374A785ADBC385EDE3D4E, 2987941D8C437C2B81C4870C0D725464E5FC6DF0190EF2B3404C180BE2A1BF16 ] disk            C:\Windows\system32\drivers\disk.sys
21:46:04.0628 0x0474  disk - ok
21:46:04.0665 0x0474  [ 666B3B00C02B0D1D7D186EDBE0815092, A9DB43170472A13473AB9EF0E3FB6583485276C5EA0CD9372C2382B4AD3D503E ] dmvsc          C:\Windows\System32\drivers\dmvsc.sys
21:46:04.0699 0x0474  dmvsc - ok
21:46:04.0730 0x0474  [ E627748CC6DF1A0E32CF62125701972F, 71191820754C2C64036B393175E5A2067CE42B981D6092CEF17B0E716A5A162B ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:46:04.0761 0x0474  Dnscache - ok
21:46:04.0792 0x0474  [ A7C7A276FA35BC09723F754756616363, D777587A6919A944AAE2C5DF8EC8B39ECE53CD549D9848FE94A035B1F199E82C ] dot3svc        C:\Windows\System32\dot3svc.dll
21:46:04.0839 0x0474  dot3svc - ok
21:46:04.0870 0x0474  [ 58BECDD07D2C142B5B885CFCE2417E37, B40985E4DEA06F96B1B00E951209FB50BAE35BDDE4D5CA5C0C1AC7C772C1B64E ] DPS            C:\Windows\system32\dps.dll
21:46:04.0901 0x0474  DPS - ok
21:46:04.0933 0x0474  [ 66E92FA5752E142145E4713129B839A0, 267BEA7B69C8A92031762474534967588305658A747BEB0D1308C976417D5886 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
21:46:04.0979 0x0474  drmkaud - ok
21:46:05.0026 0x0474  [ 95B29527993D6CF37A793F3A021A27C3, 5502765548AC728E2FB043BA3AF8182675597F8EAE8F5AEC1F0978A0C3398685 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
21:46:05.0057 0x0474  DsmSvc - ok
21:46:05.0151 0x0474  [ 87CB29AC7973AEFEF9A3C8F8A37E68A4, EF2F34976D0D62C48CDBC5DDB48C2AE6C982D5661DDD905017558CB0809D6BA4 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
21:46:05.0260 0x0474  DXGKrnl - ok
21:46:05.0401 0x0474  [ 2DA79F8979B3B4915C061B7940072411, 207065F040FCD49A50F8978D8DA9AE9E670AC2C8CC8B8B3760E3319CD29D261B ] Eaphost        C:\Windows\System32\eapsvc.dll
21:46:05.0447 0x0474  Eaphost - ok
21:46:05.0635 0x0474  [ 06265D21ACA4359D6F950BB0B5D77A8A, 81B5DE840DC6FE6D86BC2FAAB065812C9C699AE40A543BE933DFF6361DB832F8 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
21:46:05.0915 0x0474  ebdrv - ok
21:46:05.0993 0x0474  [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] EFS            C:\Windows\System32\lsass.exe
21:46:06.0040 0x0474  EFS - ok
21:46:06.0087 0x0474  [ 3F654C1AD8AE56F5C8D2B10AE6367FB4, 930BF850BC10A3143EBEB133099044F1C2C3A0A11213C9B8B833EACD0CB185C4 ] EhStorClass    C:\Windows\system32\drivers\EhStorClass.sys
21:46:06.0103 0x0474  EhStorClass - ok
21:46:06.0118 0x0474  [ 589EB959679725E43F36843E56100240, 612515D8DE32FA16763C9BA815141877212B84A06F396C04C9FB26CF44FB7C09 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
21:46:06.0149 0x0474  EhStorTcgDrv - ok
21:46:06.0181 0x0474  [ 194D8325063BB5EA1DD93F7C014E85B4, B64CCC4D786ADDC433595327E8F9B24236D96C8BA34760643380E965692CB8F3 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
21:46:06.0196 0x0474  ErrDev - ok
21:46:06.0274 0x0474  [ A6EC6E7D226DDF8A9B7179AA67E21BB9, 1B45B908E6BE479CDCD5831EAB4E4E853D81FF8EB668277A673E2C66BB6F1F29 ] EventSystem    C:\Windows\system32\es.dll
21:46:06.0321 0x0474  EventSystem - ok
21:46:06.0352 0x0474  [ 09BE68D402EFABB9EA1C41391A1980C9, C55659AAEBC51A6025521C814A4CE46D9A9245FBE8A7E20CCE56A82B1B44CBC1 ] exfat          C:\Windows\system32\drivers\exfat.sys
21:46:06.0399 0x0474  exfat - ok
21:46:06.0415 0x0474  [ F9EFFB914427E904FE9A34055C8343BE, 4028620B55F1E22AA02FF9309024AA8EA9C45CD8C11972F9500F19E34C53B62D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
21:46:06.0446 0x0474  fastfat - ok
21:46:06.0524 0x0474  [ 00CF8E60010A9941EB6CE04E65953589, C09D08BAB67DC358A09CEB00EA2E92569BF387B4DE6016B63DC5EF62E259E4D4 ] Fax            C:\Windows\system32\fxssvc.exe
21:46:06.0633 0x0474  Fax - ok
21:46:06.0680 0x0474  [ E7887664718A3EBE0B2C5CB530DD66E8, 13622929175390F6E061B5429019B10D5C96304E698331BEEE194AB1F0E53F91 ] fdc            C:\Windows\System32\drivers\fdc.sys
21:46:06.0711 0x0474  fdc - ok
21:46:06.0727 0x0474  [ 1F8564FA6576322F4F4CE3193D62AEC2, 302676FAF062269A2D255324D55C00A5AF730D1E64F9D0310208C78EDECA1DE6 ] fdPHost        C:\Windows\system32\fdPHost.dll
21:46:06.0820 0x0474  fdPHost - ok
21:46:06.0851 0x0474  [ B4130625D12F80C116CE41E1854C8B2D, 9FA3F8C4FAD7A6F209C5B07F0E79AC6D351B03091E12693DF3F8E2DE968D857C ] FDResPub        C:\Windows\system32\fdrespub.dll
21:46:06.0883 0x0474  FDResPub - ok
21:46:06.0976 0x0474  [ 2CFA5D87BC7062D82F188915B1C0906E, 6C3613350EE6E2AFB9318D4D2C32C850AB9B61FE573109277D67EC01D65859BC ] fhsvc          C:\Windows\system32\fhsvc.dll
21:46:07.0023 0x0474  fhsvc - ok
21:46:07.0054 0x0474  [ 8C857A0D3923AC7781C9B46960A58C1E, AA976D74BF27E7B87FBA6586127204FCA2F7004258A6F1F7208618F8C2D395EE ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:46:07.0070 0x0474  FileInfo - ok
21:46:07.0085 0x0474  [ 7F209B1C0E011FD01EDC4B73D045B39A, 61FECACB1ECEB8D5866ADBAAB98A360F9E403372D10F6E79F82C686999B124AE ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
21:46:07.0132 0x0474  Filetrace - ok
21:46:07.0132 0x0474  [ BDC556E08AC280E4FDD493653DB636E5, 52E2DE40B80E046D84533AC5B6DD76047DE8CCE4C1A3477AD7112B2D63203491 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
21:46:07.0163 0x0474  flpydisk - ok
21:46:07.0195 0x0474  [ EE84ACFE47C3B47D3F6B2B037F09BDB9, B74964DE47E93432F5C489BD10674C6F6DA691B7F9B48EC9643968C06B03080A ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:46:07.0241 0x0474  FltMgr - ok
21:46:07.0342 0x0474  [ 9405DC324331FA918F0F6B4ECE22B16A, 73C537B95A7E8A5D0EE26C6409C86EBA9DBCD5DB03127B1770ACFFF8B8DD42E1 ] FontCache      C:\Windows\system32\FntCache.dll
21:46:07.0466 0x0474  FontCache - ok
21:46:07.0513 0x0474  [ C44DF89B95173F08E392CB16697AB736, 7E8AB7BBFA29D5615D369BED615EE3C1C43A68BAA0936121F2430380DA5C371B ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
21:46:07.0544 0x0474  FsDepends - ok
21:46:07.0560 0x0474  [ AE804E1B405A79197F27FEAF73E1B1D9, 247235B2C70F1EF57EBD1D63D045E9AE8F2E41730066E1BB03C0BCDFB0EA72C5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:46:07.0576 0x0474  Fs_Rec - ok
21:46:07.0622 0x0474  [ CFCA5826E2B8430848FF9D28A4B103F6, A3D1AFA3CE3FC03998A984F53A876BDC4440F10DF4DE74365F59699EDC6D91D8 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:46:07.0685 0x0474  fvevol - ok
21:46:07.0716 0x0474  [ E8FC085A40148801EA66745D1247C379, 37C74FABF1E5D78517F03FD5A6810ACCF484D03A79F6BC4B31BAAD888DB58478 ] FxPPM          C:\Windows\System32\drivers\fxppm.sys
21:46:07.0747 0x0474  FxPPM - ok
21:46:07.0763 0x0474  [ F3A74355FE0F38D599DC30A31E6F47DD, 8B8E97714682C7C1034FBEB2DCEFB7AFDE4FE4990EEC4EFD0C90E15E95CD3856 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:46:07.0778 0x0474  gagp30kx - ok
21:46:07.0810 0x0474  [ E818CF36D8FCB46AF9726490B9285683, 3770E186752C87E7799C48033CB0457152AA3064E8CE9E9AEEDEAE7BE37DBBB1 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
21:46:07.0825 0x0474  gencounter - ok
21:46:07.0856 0x0474  [ 80756BE0B7DB1880CAB1D8169F500521, B136980DE9A0CF6D7114FD4D36730D1E5953190893103AE56152C1B977E679AB ] GPIOClx0101    C:\Windows\system32\Drivers\msgpioclx.sys
21:46:07.0888 0x0474  GPIOClx0101 - ok
21:46:07.0981 0x0474  [ BAE87B5D00CF637430E0DC64752BC890, 0E9C015F956C7FA8B47AA307BB0C5B8217A56C46B851ED6D1BE589F3902A9BD7 ] gpsvc          C:\Windows\System32\gpsvc.dll
21:46:08.0075 0x0474  gpsvc - ok
21:46:08.0153 0x0474  [ D954548CA876D33FA87992EAC3A907E9, 7A182533F24C5B35D8B421D0FA07C151879D9B53FCC9FB9A71086F30979D3902 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:46:08.0231 0x0474  HdAudAddService - ok
21:46:08.0262 0x0474  [ 5EEBB5F5F86DF444B144D8FC0586164E, 433000F4CCD2468B371E62ACE5E4022E2EEFFF64ABA9C52B66807F22AA07278A ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
21:46:08.0309 0x0474  HDAudBus - ok
21:46:08.0340 0x0474  [ 90229C967C2D75DA5A0825E1473875F6, DE3762BA83EC2210B5251C8C6E6B3B1E80C2B9AD9F75AB32F9CE4231561400C2 ] HidBatt        C:\Windows\System32\drivers\HidBatt.sys
21:46:08.0371 0x0474  HidBatt - ok
21:46:08.0387 0x0474  [ B70CD61C1B2F282463A32E0C41481148, 8CBEA39C5B4CEF6746997B1E1E4C538888A28F9B5D4ED17A7F457748A1094716 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
21:46:08.0418 0x0474  HidBth - ok
21:46:08.0434 0x0474  [ 33609592291468A3C494B44DEE1FCF79, 79AC4E2A7DC07124FDBAC2B7CBF5BAA7C38790BF094AA4E2C51B8638DF46AF20 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
21:46:08.0480 0x0474  hidi2c - ok
21:46:08.0496 0x0474  [ D6850FA3EE1ECD7457F8E53726250CD1, 0FEF80F2C1BF0B8C89C0574C4183E8977D8C7631C49F7646BF08C1879D0B8500 ] HidIr          C:\Windows\System32\drivers\hidir.sys
21:46:08.0543 0x0474  HidIr - ok
21:46:08.0574 0x0474  [ A52EF1D6B8F4B9ED040B909009349DCE, 27CA5D923F2C05E82F0522420F50A7884C6A4E7E6DF2B13E00D793A7823EB90E ] hidserv        C:\Windows\system32\hidserv.dll
21:46:08.0605 0x0474  hidserv - ok
21:46:08.0621 0x0474  [ 8FADE4B0D0AAFFE4187E2D940A694D1F, B54441365E606925902A4A088DD8E52A3E1156143BF698C995C09FB3E376FA4D ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
21:46:08.0652 0x0474  HidUsb - ok
21:46:08.0683 0x0474  [ 9BD84DF296F61203EA4B90A4C38C966E, BC33075557A5961ADE2DD4C624C21997E46AF135B49517CE9AE90A5681BC2205 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:46:08.0714 0x0474  hkmsvc - ok
21:46:08.0761 0x0474  [ 9A63274C72E567B06F0674ED51AF6430, B5ABAB89B7C35C97098B02DD6AA741836D4254DD5C3073B56E6E7F3D9C069F8E ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:46:08.0824 0x0474  HomeGroupListener - ok
21:46:08.0870 0x0474  [ C42B7A6216465AEDACE06E71DAB01E00, 02EA72B87D9D49624C8293082A6CEF34BDABADFAD9A2BC45F13F4A0FE62E88E9 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:46:08.0917 0x0474  HomeGroupProvider - ok
21:46:08.0964 0x0474  [ AE3BF8D78963AAAB2F8E5B1D4DB48DB6, F655723A914EFD8F276F3ACB0B0E6873BDC7C86720B54F7C0C436BC5EE09CA5D ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:46:08.0995 0x0474  HpSAMD - ok
21:46:09.0058 0x0474  [ 5FBC36B5A11DDED4BA7CA0F373E089F7, 97511B98CDECC7AA4CC6BB1E4236715CEE22FFEE07B765968915200AD465DAFE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:46:09.0182 0x0474  HTTP - ok
21:46:09.0214 0x0474  [ 8EBD3CDD8BEBA39CAF6F83D7EBAB950D, 5450E3D1674BF453AC74E3FD2E480C0B9A0981F3FC1188479BA5954874BBB773 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:46:09.0229 0x0474  hwpolicy - ok
21:46:09.0245 0x0474  [ B4D8CFAA814300E7604C634F5C5B25DB, EC60DE2E23569BAE162714A2560DD9D7903094D0176A38B3E7D2811094E6A2A4 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
21:46:09.0276 0x0474  hyperkbd - ok
21:46:09.0276 0x0474  [ CD657365669B52CCA07B20F07E53CA4B, CF20832504B266EBB477EB125A76EC1CE4425BC57A8113897442BA8F8752A35C ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
21:46:09.0307 0x0474  HyperVideo - ok
21:46:09.0323 0x0474  [ 7F2D02F109F427BB79B09026BFD4497C, 2F37E0C63AD3BFE2478DB7689C6349683C1B3452486E2374AAAAB83FFD8F444F ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
21:46:09.0354 0x0474  i8042prt - ok
21:46:09.0416 0x0474  [ 6B031913FA9387744A70099E8CACB568, DADB1C38636F14AF7BD7F6B7FB104E7B8CD3D1F395A870AAD9FDB1DB75DFE646 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
21:46:09.0510 0x0474  iaStorV - ok
21:46:09.0541 0x0474  [ D789021B5ED044A82242895017F40E94, 13BAA853E5D04C0C417BB876B359DA8396B77130931DF2979A7CD4F65A754948 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
21:46:09.0557 0x0474  iirsp - ok
21:46:09.0619 0x0474  [ 634C6D286178700BDE9122C55175F654, A67B44C93AD26219C41C80FEAC8107FCA10AC02CAF7E626DA2A5D174562F9C4C ] IKEEXT          C:\Windows\System32\ikeext.dll
21:46:09.0697 0x0474  IKEEXT - ok
21:46:09.0728 0x0474  [ BFE2E1129284CEB8A4C1771AE6A6595B, BDA34DF3A378B75E70E2FDD3A2D2BC67E3939CE56919D256A34B3B8358613841 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:46:09.0744 0x0474  intelide - ok
21:46:09.0760 0x0474  [ 40C0816BF04741CCD3D0DE04172FB2A9, CA062A1FF9963168EB782C37870F32620402461C4F423F894A1EE655921FCE9C ] intelppm        C:\Windows\System32\drivers\intelppm.sys
21:46:09.0791 0x0474  intelppm - ok
21:46:09.0806 0x0474  [ F9C5A1592AC4F5432ED09C1D26041A57, E54B3F06479701E83C8ADF91ADD5B68238AB876DAFEFF738E292AACBAE12E101 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:46:09.0838 0x0474  IpFilterDriver - ok
21:46:09.0989 0x0474  [ D40C8D59F2BDB7CF6D4A0CE08042640E, 4D378CE22E2A3C089D4A333B6DC00B19465759438C4E0D5CDC5B2EB91DFAC49B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:46:10.0067 0x0474  iphlpsvc - ok
21:46:10.0098 0x0474  [ 46F807A9C6EE8C4CA477BC037F37D154, 70E8B9FB0675212DE8C57599975DC0D28110206DCD37879B9523053845351919 ] IPMIDRV        C:\Windows\System32\drivers\IPMIDrv.sys
21:46:10.0129 0x0474  IPMIDRV - ok
21:46:10.0168 0x0474  [ CECF7E60DEF1A500673BF299A8B99E25, EEB10A4B137DE48C160D1191A390E047BA36B12C4B22145F16A3273BD2ED3328 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
21:46:10.0193 0x0474  IPNAT - ok
21:46:10.0208 0x0474  [ B5F2900361C7747E6F831824759482A2, B6D1DDE654202563C2A24461F3D03733E80D1F9D4D224B3CAD8BE837D8EF11C6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:46:10.0240 0x0474  IRENUM - ok
21:46:10.0255 0x0474  [ 023C558E997F09BAB91B736A1714095F, 241D280F62248FC270BCE8EF8DDCE240813858A5A8AEE8A97855045657876388 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:46:10.0271 0x0474  isapnp - ok
21:46:10.0302 0x0474  [ 1CB65E4C55B135FDCFB41B53C03C0E86, 57FF4D6E6F1E05EDF2A1885937F88F20960E4BC7BA229D23FB8F68D07BE0A174 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
21:46:10.0349 0x0474  iScsiPrt - ok
21:46:10.0364 0x0474  [ 2C8AB975DEA711046AF8D7B6FEF790F2, A65AE55265A0E15D063AA311AC44D5768D7FA253901FCCBF328FD5AF4C95C74A ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
21:46:10.0396 0x0474  kbdclass - ok
21:46:10.0411 0x0474  [ 8A0FBD022B316E7CDB8072E33C4A348A, CFC5E705874ACA4F75601B56A5EE34903F7360184D4F814451EF1C5F1A108B54 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
21:46:10.0427 0x0474  kbdhid - ok
21:46:10.0442 0x0474  [ 7108512F89511DB5B4AA4B4988C48984, 11BA6D744FD0FFF2EBA3DC90BFE82ED6EECB312D56CCFF70063F166F236DCF93 ] kdnic          C:\Windows\system32\DRIVERS\kdnic.sys
21:46:10.0474 0x0474  kdnic - ok
21:46:10.0505 0x0474  [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] KeyIso          C:\Windows\system32\lsass.exe
21:46:10.0520 0x0474  KeyIso - ok
21:46:10.0552 0x0474  [ D154BEE5E0A8E8576DFB243632B08D4C, 004366D5DA831D9B08A943BC9B9EAE51D4A4F233FBDBDD7466C522A38D5299D1 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:46:10.0583 0x0474  KSecDD - ok
21:46:10.0614 0x0474  [ 77080A55782B0FB515969E28CA7A3E17, 983B9AC21809C34680F62BF0995FEE874A4977F0F94A1E6CA5968B7D8F3A301F ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
21:46:10.0630 0x0474  KSecPkg - ok
21:46:10.0661 0x0474  [ E2BDD62776D1EA24FF2CB9EE995BA05F, 8328142485F1F5104FE62CA9B51A4145CC788A1D31CD402A6E5BB76D63804518 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
21:46:10.0692 0x0474  ksthunk - ok
21:46:10.0739 0x0474  [ 959BB9C502B0EB11F10E60AC83E302DC, D2275C54271B77ADF3EE71E066C33B2272EF03BDC926FC828C3D5106F16B61B2 ] KtmRm          C:\Windows\system32\msdtckrm.dll
21:46:10.0786 0x0474  KtmRm - ok
21:46:10.0832 0x0474  [ 8412D334F6B18F655BFF430E9DB1ABC6, 1F38AA06B3F0437393884479DC4B63109672C557FC118AF0D005BB188DEF2636 ] L1C            C:\Windows\system32\DRIVERS\L1C63x64.sys
21:46:10.0848 0x0474  L1C - ok
21:46:10.0910 0x0474  [ B98C14ADDAB35C842A6E6C7569319BD8, D5EAC5B7537D876B10F3024AF56A775BD7DADC55134EF498F16C5BE998B0E7D5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:46:10.0957 0x0474  LanmanServer - ok
21:46:11.0004 0x0474  [ 1485CF3F698BA2B09BEDBAEF13EBD45F, D34C642E2E4C9E8CC3A63B630A7EB9E53F9D40D295D4F435B05C6E9C97CBC8A3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:46:11.0035 0x0474  LanmanWorkstation - ok
21:46:11.0051 0x0474  [ FAC973039530C50FECCAF7E72FFA3524, CDE0837E37D3ADE152FC7077C16758A0BEAD0B7CA3B89E81C1EAF2091996C063 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:46:11.0082 0x0474  lltdio - ok
21:46:11.0129 0x0474  [ EB320128404659367A50774094B72210, D331E970FCF4E37C31CE591BD59D0D2B27F85F42435DCFE8F5D85C4ED58C6971 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
21:46:11.0176 0x0474  lltdsvc - ok
21:46:11.0207 0x0474  [ 04FB978A11E7BBBAB90909B222675337, B5865689B9CAC15EB724C5E097527CDDB148D49A5DA9E4BC6D428D06A265BB13 ] lmhosts        C:\Windows\System32\lmhsvc.dll
21:46:11.0238 0x0474  lmhosts - ok
21:46:11.0269 0x0474  [ 8FDBE4BA532047F678E39F6770941ED2, FD6FD8B718E44A2D023B1A4554FB56D6F56AD01CAD652CE9660CC4E8CDFC8327 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
21:46:11.0300 0x0474  LSI_SAS - ok
21:46:11.0332 0x0474  [ C06811E17E37F5EEC06D90535801424A, 77F11ED1BAD6FC1B53B1A9C1D4DE6D83E1D01040DB88C8F6691AB0C16D72DC55 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:46:11.0347 0x0474  LSI_SAS2 - ok
21:46:11.0378 0x0474  [ 6F2C426DF48334BB2F0B74C76985FE2A, F26C0C08302B95D4CA9D328B9717EBF1AB7E07DF0901107BB60365BE61F1372E ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:46:11.0410 0x0474  LSI_SCSI - ok
21:46:11.0425 0x0474  [ D01AE7845DE31EA30887FAEC6E8DCB65, 854C500B707E874BC6D7683E0A6135F3A702CCCC0FD1305A07A036615CA46E01 ] LSI_SSS        C:\Windows\system32\drivers\lsi_sss.sys
21:46:11.0456 0x0474  LSI_SSS - ok
21:46:11.0503 0x0474  [ B7809CBCF86839FE5C2DADD412666787, EE16B035B9874E5C0D072413DC85F9DCC660168B0DCB475C5256CCB5436B7402 ] LSM            C:\Windows\System32\lsm.dll
21:46:11.0566 0x0474  LSM - ok
21:46:11.0612 0x0474  [ 588AB727594A6778FB1FBEC4280C62C6, 5ADB8841D321C9FC9AFC3F39E31F2C5842627628BA1A56193A078CD6700139F7 ] luafv          C:\Windows\system32\drivers\luafv.sys
21:46:11.0644 0x0474  luafv - ok
21:46:11.0675 0x0474  [ 7E052CF6115C9CD8FBDDE37569C0426C, 467F112AAC27CA1DA56A304C2A08A2745C2B5B008C7981049745301348A1CDBA ] megasas        C:\Windows\system32\drivers\megasas.sys
21:46:11.0690 0x0474  megasas - ok
21:46:11.0737 0x0474  [ 6D808A6597FB161729E2EF050A9D76E4, 12159A0AF27120A037A073454DDD58A2628D8543A245EB8107E30A68ADE45496 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:46:11.0800 0x0474  MegaSR - ok
21:46:11.0846 0x0474  [ F318498AE16EC11D44D286576D86159E, C347FBC3354FA2A2E2F9F3ED823C54C390FF8224F7F4FF41889EAC33FAEC4D1E ] MMCSS          C:\Windows\system32\mmcss.dll
21:46:11.0878 0x0474  MMCSS - ok
21:46:11.0893 0x0474  [ 1D9717FA1195CB9F8A7B92F4BF2FDCDB, 868798DDE2D55D1E2F95436B13F671C4EA46419EEBBBBA9CEDA8B31838C1D242 ] Modem          C:\Windows\system32\drivers\modem.sys
21:46:11.0924 0x0474  Modem - ok
21:46:11.0940 0x0474  [ 7E237CA07779A30EDFC7B2AD21172019, 8FBA4DFC0A9A67F81E119816D75023AAF0DAEF3863B33233B4AE7A0A240B5DE4 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
21:46:11.0987 0x0474  monitor - ok
21:46:11.0987 0x0474  [ 9F029A7247126ACE95BF3BFB2305DBB6, 54C5F36D6E1806ECAF50604950FBFDDF964167A3D132000523D43AFC926F4839 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
21:46:12.0018 0x0474  mouclass - ok
21:46:12.0034 0x0474  [ 7F557A4CDF0838B1251A35304B1FD4BD, 0DBB52F0A2360175D0521DA306D93722E391E468F6AEE503F725F7AEE2A893D1 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
21:46:12.0065 0x0474  mouhid - ok
21:46:12.0080 0x0474  [ BFBB08994C56B5FACDDE64858FA766CD, 982E31528770DE1D7BE556BA045C2124C84863685544E27B911CB174662CF35B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:46:12.0096 0x0474  mountmgr - ok
21:46:12.0236 0x0474  [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:46:12.0283 0x0474  MozillaMaintenance - ok
21:46:12.0314 0x0474  [ B15DC7D5DBFDC0C7E49877EA51E7B6D3, 7AFD66E6447771344C0A20E4E4C708673D8651C8B88714B1A709A0F978CDDF25 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:46:12.0346 0x0474  mpsdrv - ok
21:46:12.0439 0x0474  [ 94B5D3B01A4A6E6BDD59ED001D650A6C, C602819159C11083444A7C9A4C2010546D2D519D498DA515EEC980145E33B134 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:46:12.0548 0x0474  MpsSvc - ok
21:46:12.0673 0x0474  [ 0154E2CF4E6C13189150081D26BBADCF, 0BE62D6E8DC459CDA08767E1915A94EA2F8143161768670318CC88B398DD0261 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:46:12.0704 0x0474  MRxDAV - ok
21:46:12.0751 0x0474  [ BD43E075C75A0DA06E16BEAB997919E1, 85F7185CCD59E5851F6D5D593CDE6B95FC8CFF66790A12123D6CB0D98E4D063E ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:46:12.0798 0x0474  mrxsmb - ok
21:46:12.0845 0x0474  [ E2E3BB261B69B41EB8FCB4BA9B08CDA5, F414C6AB4115917339F6609027F5B025D7B4798A9088DAF6C184F9AB60E2FFD2 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:46:12.0892 0x0474  mrxsmb10 - ok
21:46:12.0907 0x0474  [ 15C9E57A7D3347F985486F9A09E67538, 2E4B133C2D7DE02E5BD760512E3EDB2424A0A413517062D1A33FFE1853C2051A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:46:12.0938 0x0474  mrxsmb20 - ok
21:46:12.0970 0x0474  [ 5D95E6DD5E8AE8F1D1BBF9B15AC1C29B, 4874B0FF974AD8C598891E2974BA1E75268EDF8C1D26F512BBF2FDED651343FE ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
21:46:13.0016 0x0474  MsBridge - ok
21:46:13.0048 0x0474  [ 0C13FCA740312536BF89AF4214E02803, EDCC63607789DC9F26C977D19D6546EF1F07D7031879DB4AEEA38466982FC269 ] MSDTC          C:\Windows\System32\msdtc.exe
21:46:13.0079 0x0474  MSDTC - ok
21:46:13.0141 0x0474  [ 6196FF7C20AEA729A8E0A344D04CEE48, C96126E6F0FE67A8283E9EF4CDB8EB14EB8729B67E6784E00CBA0C332F7FD467 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:46:13.0172 0x0474  Msfs - ok
21:46:13.0204 0x0474  [ 3E60AB00CB326348AA75165F428B4453, BBEFE2A5E897F46B089C5B7CFF4C6B48533BB6EA49FF626D5DF5DB209936CEAB ] msgpiowin32    C:\Windows\System32\drivers\msgpiowin32.sys
21:46:13.0219 0x0474  msgpiowin32 - ok
21:46:13.0235 0x0474  [ A12249F2C8A15A34239625E8CA857CF2, E6DC4A1FA4D9D182196E3D7522EA8A199025AB78AD0C708B564B2AC6AD4AAEAB ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
21:46:13.0266 0x0474  mshidkmdf - ok
21:46:13.0282 0x0474  [ D516EE4A6B5DDED62673C4A49A808CF9, E8D99F76D4686F82204A16C311CFF142A9F396CB3F6FD35BADBDF2CE9EA9E849 ] mshidumdf      C:\Windows\System32\drivers\mshidumdf.sys
21:46:13.0297 0x0474  mshidumdf - ok
21:46:13.0313 0x0474  [ C8FC57640D9AE3856AEFBB48F9C246E3, C6FE1C477CDBC8169B14564D960225C2F48333E2D01E4A5FF858529EC371C839 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:46:13.0344 0x0474  msisadrv - ok
21:46:13.0422 0x0474  [ 8A1589AD1F0D4BB5417BA4E0A143DFCC, 1748AE142C48A5524321E1F0BC248E570AAC39E1A433FCDB3C1FDC45865C20F7 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
21:46:13.0500 0x0474  MSiSCSI - ok
21:46:13.0516 0x0474  msiserver - ok
21:46:13.0578 0x0474  [ 81FD1141F6843053D045099EF1E9FFF4, 9E7091C38F81ED920D2E40E0687DC378CC8323367E4E490BA0E7E866FF275472 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
21:46:13.0609 0x0474  MSKSSRV - ok
21:46:13.0640 0x0474  [ 56D27E5B5D5FCF993058426B73701C26, 7711FFD113EE4A6304A40E2C69805A12B127791489FBD7EB88C4FB1E24A40C3C ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
21:46:13.0656 0x0474  MsLldp - ok
21:46:13.0672 0x0474  [ 05E5204D25C6EB88D870D82E73DFA6A6, 153E3ABFD19DACE8F80F08925AFCC2F8ED9067EE308C837226129F092B2E38CA ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:46:13.0703 0x0474  MSPCLOCK - ok
21:46:13.0718 0x0474  [ 59789052F097F995C53C4F1A751961BA, 26BDF9D09F7FC2A35F8CA72ADDFE1774FC6A25CF92FDFDFECC5DBF3D43D43F93 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
21:46:13.0734 0x0474  MSPQM - ok
21:46:13.0812 0x0474  [ 573528C6A0753B72F86B765D5B607E0E, CD6343DF6F044ABC65058379E3E41040B3DFDEAA8A44E1B3C3487B1345AE71AB ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
21:46:13.0859 0x0474  MsRPC - ok
21:46:13.0906 0x0474  [ 417AFCB41E395182A911431B039DEBB9, 9482B98110D9DF3A83544DAF3D582B5AF37BBBF7AB491BEA2728F45F2976C283 ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
21:46:13.0921 0x0474  mssmbios - ok
21:46:13.0952 0x0474  [ 0AAA0930A7FDFA71B5808E5DCC313C17, 7F6ECF8BC7545BC3642C2F04012AA41944A846BA754B52C9BC4E0CBC1E18B6E2 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
21:46:13.0984 0x0474  MSTEE - ok
21:46:13.0999 0x0474  [ C8C114A691B4B5EA4093064E2C942DCD, 7B78C0DB7CA08897B58246F77B87FBDDEEA0EECE203A5E4F3773D27FA2C6F6BF ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
21:46:14.0030 0x0474  MTConfig - ok
21:46:14.0046 0x0474  [ 6F9A0DC60178D403AFF77370FC046B7E, 9310B420C02192AFC271D6DC42AE55AA20382D19610EB2171CE03AC0208CBE7F ] Mup            C:\Windows\system32\Drivers\mup.sys
21:46:14.0077 0x0474  Mup - ok
21:46:14.0108 0x0474  [ 3094B508C7C40544A60D9EF5C62A9D5F, 934B859749844CC8EE7244393783EA35DB466E3C1A4816A42D8C9765171BE4DE ] mvumis          C:\Windows\system32\drivers\mvumis.sys
21:46:14.0124 0x0474  mvumis - ok
21:46:14.0202 0x0474  [ 7FC8E15AAB7FF630EACCFB977195452D, CCF4846D62BA619DDEE3C3612139A14C8C6F9C4D11C2D82E653799BDFDA791BA ] napagent        C:\Windows\system32\qagentRT.dll
21:46:14.0264 0x0474  napagent - ok
21:46:14.0374 0x0474  [ 153B849C9692E6BAE7666A6361B8B65C, 65D315A4E6C950C9C70AA6DE8E486D32871EDA267B2AAEDD628532132D187178 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
21:46:14.0420 0x0474  NativeWifiP - ok
21:46:14.0483 0x0474  [ E5001E5C5C766B095971F6EF07C93DE3, 38AB58AE4391317BC1661A17809146AB481B2BFA8A2772A116EE10834332E924 ] NcaSvc          C:\Windows\System32\ncasvc.dll
21:46:14.0514 0x0474  NcaSvc - ok
21:46:14.0545 0x0474  [ 392B0E0CB50218037CEDE5588FFAD1AB, E7CBAEB55AF64D2F087BAE7FC0BEE3CCECB12B6FA120586E10B75EF33100898E ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
21:46:14.0576 0x0474  NcdAutoSetup - ok
21:46:14.0639 0x0474  [ BB639DE49430EE053F6FCD61B57041C2, 79369DE6068D19AE575C4DA1B1ACDA5A2EE5DE8AD7CF08B6572E2DFCC8BA4AE6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:46:14.0717 0x0474  NDIS - ok
21:46:14.0795 0x0474  [ D461CFB366F933840C8B37C4E39A9B4D, 95EAA8F222BBF8146CE836B7BE04DB95289A2A4A323FE123824C24BA9F79F334 ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
21:46:14.0826 0x0474  NdisCap - ok
21:46:14.0842 0x0474  [ EE813CA43B87655DFF7C2D5406CC0379, B6A5DE024AF7F1097E22B51046E86CE84529F4DD5D4DD4891427A00A36DBC864 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
21:46:14.0873 0x0474  NdisImPlatform - ok
21:46:14.0888 0x0474  [ 097107F94AFFCF749A051B6443C130A7, 07C43E2C15E087F707634D8564C6562390DD6AD53E4FCCAAF452E32A377E9686 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:46:14.0920 0x0474  NdisTapi - ok
21:46:14.0951 0x0474  [ 048DCECEB6EF091D92947CF96ADB1CAF, 1FE96D6E8662526578BA328CE231FC4F589DCF47A716508715F4F2462BB06546 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
21:46:14.0982 0x0474  Ndisuio - ok
21:46:14.0998 0x0474  [ 4091690968CA4C5CFF5EB34AF0D76E81, F0B114B6381AFF1B59A23C92D816A492EA8882A18BA82D663DDFA223A091EEB6 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
21:46:15.0044 0x0474  NdisWan - ok
21:46:15.0060 0x0474  [ 4091690968CA4C5CFF5EB34AF0D76E81, F0B114B6381AFF1B59A23C92D816A492EA8882A18BA82D663DDFA223A091EEB6 ] NDISWANLEGACY  C:\Windows\system32\DRIVERS\ndiswan.sys
21:46:15.0091 0x0474  NDISWANLEGACY - ok
21:46:15.0107 0x0474  [ 670C782064DE46493E468C1606A9ABE7, 09791767D210C422C75617B488BADFC20E27AED6F2EB52A9A173ADA3CE7FD800 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
21:46:15.0138 0x0474  NDProxy - ok
21:46:15.0154 0x0474  [ CC8B7A1AFEBE219F5BB2A2A172B385FF, 8B5DFBCA1DC89CEFF0EC01C6C0D7DB0FAD44AC61D9FADE569C59CDC9DD4AE857 ] Ndu            C:\Windows\system32\drivers\Ndu.sys
21:46:15.0185 0x0474  Ndu - ok
21:46:15.0200 0x0474  [ 35FFEC755452F8DFE59538815FA95136, D455BBA416315F1ACAEA4CE6CEA207E2650A6069E5AA4DD71C782BCBEC86A5EF ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
21:46:15.0232 0x0474  NetBIOS - ok
21:46:15.0269 0x0474  [ 70CA93D2D94F5EDD2B634F5A39E5713C, BDDA39C4A99D2BA7490AB538B569A0DA949E18D55E63A65739C636F1ADE4C6F1 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
21:46:15.0332 0x0474  NetBT - ok
21:46:15.0363 0x0474  [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] Netlogon        C:\Windows\system32\lsass.exe
21:46:15.0394 0x0474  Netlogon - ok
21:46:15.0441 0x0474  [ 43EA14A7DC7AF57E5C12F1974C43E467, 36B2E0C1667CBDD92423649F92271DF05A271C6C5CB0E3FB74D5905D1DA2912A ] Netman          C:\Windows\System32\netman.dll
21:46:15.0488 0x0474  Netman - ok
21:46:15.0519 0x0474  [ 60AD109DD43E1F86A9BFCF2B6E8B885F, B4597EC4CF20ABAF571C15E2E1D828C35715283F7CD7C4FE036C401D59CA365B ] netprofm        C:\Windows\System32\netprofmsvc.dll
21:46:15.0581 0x0474  netprofm - ok
21:46:15.0737 0x0474  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:46:15.0768 0x0474  NetTcpPortSharing - ok
21:46:15.0800 0x0474  [ 021B9AB328E5757520A88AA3D8379C3A, 1E1195FA28BF8E1CE2AF8EED2395600A51B45179FE7C82274627AD8553FD7016 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
21:46:15.0815 0x0474  nfrd960 - ok
21:46:15.0893 0x0474  [ 95C3BEB611D0F63AD26C31F0D23123DF, D30F13D571A60D8E4F27812CB48957EF77FEA703EE1C611DBC691D5674F82314 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:46:15.0940 0x0474  NlaSvc - ok
21:46:15.0956 0x0474  [ 41ED6F90DF31F85F9682EA715402D085, 55AFBF779DCAD0F1B54DA2320CEDBFEA90125F729AF07F469DEA4603D1964FBD ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:46:15.0987 0x0474  Npfs - ok
21:46:16.0002 0x0474  [ 41BF79B2371A3821F41A4C060E067961, 0A7AA24CD65AA5D0689D3B800FE639FD1B050A3742835ED8379EBFCCA67383E0 ] npsvctrig      C:\Windows\System32\drivers\npsvctrig.sys
21:46:16.0034 0x0474  npsvctrig - ok
21:46:16.0065 0x0474  [ FE4741AC4331724ACE78EA1D95B86705, 28DF7AD69BA78D53EA6A6E33FE11C91BF503EF87EF2BC71AD136AB9C21B00079 ] nsi            C:\Windows\system32\nsisvc.dll
21:46:16.0096 0x0474  nsi - ok
21:46:16.0112 0x0474  [ 71343C73520814808B8F11A77DBAB939, 8B153F5D90F90557B385B3CF973AC95ED80A3C1906C1957175FECC3B67619923 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:46:16.0143 0x0474  nsiproxy - ok
21:46:16.0252 0x0474  [ C0B3937287DB54B104F209A0B8322E04, F8E8387574EA4C6BDFAEFB4F73CF035E3F670ADA37E5A8FC110C837388E458B9 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:46:16.0393 0x0474  Ntfs - ok
21:46:16.0455 0x0474  [ 29B1334BD9E24648F54C373DC99E7D70, 1CC13AE6250DBD4F9647C473071C02B05C38910F534BE6EFD887F2A803BBD9F7 ] Null            C:\Windows\system32\drivers\Null.sys
21:46:16.0486 0x0474  Null - ok
21:46:17.0158 0x0474  [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3, F4885B42FCE7D838B7640EB9CF81135F9D637E7CD7A016894AD2F24450FA91BD ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:46:17.0953 0x0474  nvlddmkm - ok
21:46:18.0156 0x0474  [ 0D63F22609BAB3886F0230B941391805, D1A85903B574D182AB623A8AE017D54A03F971FACF40FFF6648B9E07C822B1CA ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:46:18.0172 0x0474  nvraid - ok
21:46:18.0203 0x0474  [ F55FAE2A40129EFD3D0A1BE46AF8989E, 3157F349ACA0E1F2AB6AF4D7643973C2B2C9562E78CE8809D02CB632A1F66DDD ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:46:18.0234 0x0474  nvstor - ok
21:46:18.0250 0x0474  [ 268326902900187FFF45C30111FB6597, 11D447F9E9DE1D8FA5EB97F8D43B47DED526A168DE39C5DA779CBC072D0BA4FF ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:46:18.0281 0x0474  nv_agp - ok
21:46:18.0336 0x0474  [ 7F16AB362FCCF8E0DF21B0E21E2E6264, A32441800FFC532C8A138AF6F4DED4AA6B0ED8D8E067A5E3C76D5694470EBF71 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:46:18.0383 0x0474  p2pimsvc - ok
21:46:18.0446 0x0474  [ C6B277E5590ED43C097D9B34A70EBC96, 104532EAD79B103AE3D000EA04E32EBC165E493A0C814E98BA98D9F6AB2621A3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:46:18.0492 0x0474  p2psvc - ok
21:46:18.0524 0x0474  [ 7952733956DEDC283BB670CC8507B82F, 9D416D506C25C4B80EF86665246C032A169E71406E2888C7A41A1BE4D4B7CF76 ] Parport        C:\Windows\System32\drivers\parport.sys
21:46:18.0555 0x0474  Parport - ok
21:46:18.0586 0x0474  [ 7B07B33ACAA1EFF76B234CF5AD290B60, F259EBDEC14ED953D500A891248532A75526BB97A5C1CB4CDAFD87F9C2E778BB ] partmgr        C:\Windows\system32\drivers\partmgr.sys
21:46:18.0602 0x0474  partmgr - ok
21:46:18.0648 0x0474  [ 4120E1D48D03CEE451C57E3F7E4BF98E, D15CDF0E6E55A9EDBB005165F0047A6CB054FA498F5E06CC85B98ABA7123CA1E ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:46:18.0695 0x0474  PcaSvc - ok
21:46:18.0758 0x0474  [ 448054F3715D27C57A5F9D0AEEB75B4F, 84268A713B2C3585F90D74F21BCB5E7BAF4693DF122E0CC0A81885BBD47E2E6C ] pci            C:\Windows\system32\drivers\pci.sys
21:46:18.0789 0x0474  pci - ok
21:46:18.0836 0x0474  [ 33575A8402F4F99853E6C82E36D896BB, 24AFF39052FCBDE35DD16E7737BE35769A134570971E6FDA4E89392F3C14E768 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:46:18.0867 0x0474  pciide - ok
21:46:18.0898 0x0474  [ BB66139986C93CEBAC93B93753F554A1, 3DEB701A962497C133C560DA3CA73AD6535E1ACA67CC8255F43CAB496A769940 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:46:18.0929 0x0474  pcmcia - ok
21:46:18.0960 0x0474  [ C4DD119D342C2257B18235AB845780F9, E0A5C0712F68F846ECC2FACDFEB34DA4A18AE2428F7AC97E056246FFE3623E34 ] pcw            C:\Windows\system32\drivers\pcw.sys
21:46:18.0976 0x0474  pcw - ok
21:46:18.0992 0x0474  [ 7460CEEC923A65870400ED44C9B64B35, 164D3430C1B836D01D2B51574FE593FA0801C80E68CB82507EF852697D2A50BC ] pdc            C:\Windows\system32\drivers\pdc.sys
21:46:19.0007 0x0474  pdc - ok
21:46:19.0070 0x0474  [ AC865A94D9E72EBE57D1857FEF153B7E, 726A4F0C482837EF4B9A2C43971798B43EBC4C2CD27605962B28BCE9C9DBD659 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:46:19.0148 0x0474  PEAUTH - ok
21:46:19.0304 0x0474  [ 9FFDA8D2F8B53F1CB3B2F5767CE93D36, 1BE581A49B92107FD57E1B151E03BBA26C02BC51AF60430EE2D32BB636802FF1 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
21:46:19.0538 0x0474  PeerDistSvc - ok
21:46:19.0838 0x0474  [ D05073358971569CE89D3207826C3AF6, A78060F5157C3ECC7D70FBC225F891A31BE300D74FF850436FF29F2EA71C451C ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:46:19.0947 0x0474  PerfHost - ok
21:46:20.0056 0x0474  [ 7D901118FFE2798DB7EBD2C3D58464F5, F72C3E444F9E302224B6419ED456CE70E72A8178E82310F16062EE28A58D3E34 ] pla            C:\Windows\system32\pla.dll
21:46:20.0181 0x0474  pla - ok
21:46:20.0306 0x0474  [ 93FC3A6E569C99F0147C15E0434858FE, 9799D43F97647DE140B6868DFCC7CA55BC2CA50F7D14B4CE852F194960A5A27B ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:46:20.0368 0x0474  PlugPlay - ok
21:46:20.0384 0x0474  [ 792ED24914C5950602631EE5A2CF27DE, 6BC03D5A05C17E6E7264929DFF918DB3F2C67E596FDBC5D4C881A4A514007C54 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
21:46:20.0415 0x0474  PNRPAutoReg - ok
21:46:20.0462 0x0474  [ 7F16AB362FCCF8E0DF21B0E21E2E6264, A32441800FFC532C8A138AF6F4DED4AA6B0ED8D8E067A5E3C76D5694470EBF71 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
21:46:20.0509 0x0474  PNRPsvc - ok
21:46:20.0587 0x0474  [ 210022F2576232F658F4E51B94E0C007, 4B7A03EE44347520AC4493B652EE7831D1818822B3EB08C19F591B507C01EEF9 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
21:46:20.0665 0x0474  PolicyAgent - ok
21:46:20.0727 0x0474  [ EE13ADD1EC56499137DA684A62F862DB, B84551B1100D6243B1B6472C25572594F0CCA81B8B3D7A2AE74A5548C196C0BF ] Power          C:\Windows\system32\umpo.dll
21:46:20.0758 0x0474  Power - ok
21:46:20.0810 0x0474  [ 2EFA11495641A7699DB0994C59F83F49, 147874AD73ABD547BC33BF09307B6E46A5D34EE846A9F2C623A3EA0EFAC11769 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:46:20.0841 0x0474  PptpMiniport - ok
21:46:21.0045 0x0474  [ 3453D93F6E1615A95A1E07B21E93C975, B2E9B05C6135D39E83C252EDE419699202FC2940EBB3C4E2D724DAED8C1717EC ] PrintNotify    C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
21:46:21.0232 0x0474  PrintNotify - ok
21:46:21.0295 0x0474  [ 4A80590E3BBA28BD74DC44AD6CFC048C, 0B0B879C3A017779E0A14FFA149C8A66A9DA43369C97FA863A88C30D39BFECF7 ] Processor      C:\Windows\System32\drivers\processr.sys
21:46:21.0326 0x0474  Processor - ok
21:46:21.0373 0x0474  [ 07CBE151F9071CFCB13758E13C15DD3F, B6E4D51938859EC86DA53D88FF9FEDD46F3F253C151F4229104BF4D945B8AD89 ] ProfSvc        C:\Windows\system32\profsvc.dll
21:46:21.0404 0x0474  ProfSvc - ok
21:46:21.0435 0x0474  [ DE85A3DDF540AB318789B55537D14975, BB7C87C750E3370CE85F26FF69FD6C23034A034F5D93A3648019C65E28F82759 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:46:21.0466 0x0474  Psched - ok
21:46:21.0513 0x0474  [ D1BC31AFF3071E8E2088011846A0B7C3, 7AD87D0CA8F7952652A24876695C09C1587B7AB4A880310DF375BE20640D2FDA ] QWAVE          C:\Windows\system32\qwave.dll
21:46:21.0560 0x0474  QWAVE - ok
21:46:21.0591 0x0474  [ A65A4F0072C2CD763D5B053DFF164597, 1E3D7B3E8AA117E0D106D68726F5E56A2E906995E235087CB8EBA1FB614DDF75 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:46:21.0622 0x0474  QWAVEdrv - ok
21:46:21.0638 0x0474  [ A4E18A22432A27142EF3F6CC388F77E6, B02771E0075BD1778F3D1D3FE91189E436CCBD9EF3EB081D8CA3D899EDFA1CA3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:46:21.0654 0x0474  RasAcd - ok
21:46:21.0700 0x0474  [ 929B76FA637DCC5214ABB2B80345AE5B, C6D469161BE64541236E228494094275B03033ACFC786D8BA71C716EB0592664 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
21:46:21.0732 0x0474  RasAgileVpn - ok
21:46:21.0747 0x0474  [ 51FF61A349DC465B1671885039D1BDD6, E9E7F7924CDDBB826955C4028209192EF31E7128C3D1FE980BFE16BF54D587EA ] RasAuto        C:\Windows\System32\rasauto.dll
21:46:21.0778 0x0474  RasAuto - ok
21:46:21.0825 0x0474  [ 5C1A0389769C8C15BB7DA0A0F3C7FF6F, F7CC42E9A56DE3C99EFA4F2A253B6CE8C59F03588CF081D4B8AF1372847E4551 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
21:46:21.0856 0x0474  Rasl2tp - ok
21:46:21.0903 0x0474  [ 2D6D75A0CEF355094F0291E4779B8EEA, CD43F75368C06EFB404E8CE8F9424CBAA54B126A1E31E2A6C348BE3AF070F301 ] RasMan          C:\Windows\System32\rasmans.dll
21:46:21.0950 0x0474  RasMan - ok
21:46:21.0981 0x0474  [ C0FCBE1C9EC14B076C43721AD87B0217, 3D6962B411BD8FB89D001B88692E656A0A78C59AD101B8337B79A5622E0420BE ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:46:22.0012 0x0474  RasPppoe - ok
21:46:22.0028 0x0474  [ 29B17662D3130B0040B4666CBB5B15BF, 853425B37065172137AD13A7A8A61B962336D5BB2C853452417BA55332FB57E8 ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
21:46:22.0059 0x0474  RasSstp - ok
21:46:22.0090 0x0474  [ 84A2C0A8429AC708C567483F2253C47B, B6B1618E4DDE04027EADFF9CD55FC02C7A82E253D868C9567B32668F7128C63D ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
21:46:22.0137 0x0474  rdbss - ok
21:46:22.0168 0x0474  [ 1CA9376CA1C0D2E55CE50C755F6DC483, EB3C52662201C9C0E7BA416C2D90E88F57C220772136098585E757BBF8C197E6 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
21:46:22.0200 0x0474  rdpbus - ok
21:46:22.0231 0x0474  [ 09C2F1E1AACEB431C645F8C708E7DD02, 00E3A151DB8EEFE3518E5A30C6F61564F67512855BD91AB41C4C64F8517F26C6 ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
21:46:22.0278 0x0474  RDPDR - ok
21:46:22.0293 0x0474  [ 666C31466EC8E91A8BBB623F7F32A93E, FFF243455835343A84C1977822A5223ECD2E5C7869EFC69F5D04DE0390B8F3ED ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:46:22.0324 0x0474  RdpVideoMiniport - ok
21:46:22.0356 0x0474  [ 5AC07890A77E42729B674366E508F569, 04161C573BA24F470CA4A5CE66EF619AE2775E3254AD6AC2582595214134D7E3 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
21:46:22.0402 0x0474  RDPWD - ok
21:46:22.0434 0x0474  [ DD9EB082A1839271AC6D251CEE6DF765, 1B213F27419A367217A99B51C0709736205E7EEB35EFD25F8002242DD13984A6 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:46:22.0465 0x0474  rdyboost - ok
21:46:22.0512 0x0474  [ 671C1F8FEFD5C3C9A2BF472EC566822E, 7654DEBAD8E5DE130AE764AADF7D8E7B6F5DE8393EE82B65D6CB8A773126650D ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:46:22.0543 0x0474  RemoteAccess - ok
21:46:22.0590 0x0474  [ 44B42C98A2A51717EECF8F58F2275B34, 162B2C4CA7C6D5B234A99D38360A9C248AC051C6720EFD2AE7CBA5897D2D36A7 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:46:22.0636 0x0474  RemoteRegistry - ok
21:46:22.0652 0x0474  [ 1C6B8B9452A03BF2C046F534E5D7309B, CDBB5BF186E19883B353212D16AB78199BC5B6B72946623E23377B2534DA4C57 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:46:22.0683 0x0474  RpcEptMapper - ok
21:46:22.0730 0x0474  [ 7D3DFAC8C2A12A2B155701856423D988, F96F285DAF068ECECE25F3695C57E5310CAA62226B85FA85AC2F13D8ED4F3D34 ] RpcLocator      C:\Windows\system32\locator.exe
21:46:22.0746 0x0474  RpcLocator - ok
21:46:22.0808 0x0474  [ 5FE7B522293942A00779B921DB8F0094, 951486DC9771EAF776417CBCF17922654CB1367FDA27A731313F0C3A004BE593 ] RpcSs          C:\Windows\system32\rpcss.dll
21:46:22.0870 0x0474  RpcSs - ok
21:46:22.0905 0x0474  [ E0431BEBB118507797C66114616E760B, DEBC75F9A2AB366A43FDD9B558815AE7AC73458D51A9CD7FE3163FF63710D9E5 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:46:22.0936 0x0474  rspndr - ok
21:46:22.0967 0x0474  [ 868E3F54FA9B213545548CE3DD317C2B, 02C9260FDEA53C5F1607D3573F87759ADA2AD087613E7511DB25F0F32F8EC42D ] s3cap          C:\Windows\System32\drivers\vms3cap.sys
21:46:22.0999 0x0474  s3cap - ok
21:46:23.0061 0x0474  [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] SamSs          C:\Windows\system32\lsass.exe
21:46:23.0077 0x0474  SamSs - ok
21:46:23.0108 0x0474  [ 65B271C79076149F4330F6E1EC5FEA89, 8F4ED4826C8273C10009AB7A7A9A6C3A49A93A27A56EBA2394EC8C7266EB1FB6 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:46:23.0139 0x0474  sbp2port - ok
21:46:23.0186 0x0474  [ F226ADCCDF951B5E6C6AEC4C5BF6E5AD, B6E5C63160D8B7D482FDA35706DC8B15E196289CB4FFCCE6396626E9F4178425 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:46:23.0233 0x0474  SCardSvr - ok
21:46:23.0233 0x0474  [ A02331E45B378E2E2E8B3F9054F91B28, 3C32B2B7A74A853BF0F3D851B55BA9737AA7B4CD431B7264F6347373A1E766AB ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:46:23.0279 0x0474  scfilter - ok
21:46:23.0342 0x0474  [ BBB5F9F353106E1FFD6636EF52F9B21A, D0EFA2183A18ECACB95BDCFD99BC2C1B017327E500E247E6C07A0BBDA866F4BF ] Schedule        C:\Windows\system32\schedsvc.dll
21:46:23.0451 0x0474  Schedule - ok
21:46:23.0513 0x0474  [ 483E122C2C011F28552E25268FDD9F21, 53744B3D215022EE529FF4BBAD50253E3F2E51FC859CD2F717562C911095AA9B ] SCPolicySvc    C:\Windows\System32\certprop.dll
21:46:23.0545 0x0474  SCPolicySvc - ok
21:46:23.0576 0x0474  [ A6426111F4AC173F98D9615C3A384EE0, FCD66C13584FE5A66743EB8E0571358A29CA009DC6D39C4E1FD15AF64279F2E3 ] sdbus          C:\Windows\System32\drivers\sdbus.sys
21:46:23.0607 0x0474  sdbus - ok
21:46:23.0654 0x0474  [ C56B0F3E2F27E1A43F9CD9F46586D1AF, 3559AF03656038A45931F2B534EB56F5AFC504EAA502776916A8DBCCBA1C1419 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:46:23.0701 0x0474  SDRSVC - ok
21:46:23.0732 0x0474  [ 6E4C20D038664B4D19D866919BA740C2, 05EEE9AAACDD79E4A523E4D03696368E26FD49980827A11C63CECC709230E814 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
21:46:23.0763 0x0474  sdstor - ok
21:46:23.0779 0x0474  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:46:23.0794 0x0474  secdrv - ok
21:46:23.0841 0x0474  [ 7DFA8291BE7FB33DECE217307A75D2FD, 0A7C22F8606A9185851A336117FA65811D1499F89F8D3D23F74B26F200EA4656 ] seclogon        C:\Windows\system32\seclogon.dll
21:46:23.0872 0x0474  seclogon - ok
21:46:23.0888 0x0474  [ 27B770C28CFBD80E60516DA112E0C8F3, E125DC9C93D657094E440C809C0CC4CB2C5113246B7FA0CF8DEE4F5707C0212B ] SENS            C:\Windows\System32\sens.dll
21:46:23.0935 0x0474  SENS - ok
21:46:23.0950 0x0474  [ F8CDB64F6DA38D8812DE211362B98A12, FFF7EEC31E2C623F63C84F096EBB241D50BBAF7D1BCDE31DDF6314C1468B6367 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:46:23.0997 0x0474  SensrSvc - ok
21:46:24.0044 0x0474  [ 000BD3414CFFF5B38F8374D620C8F43E, 997E512B3DE024E35059DDBD6552567417E480CEDF3F2B954FA3F45A3C76295E ] SerCx          C:\Windows\system32\drivers\SerCx.sys
21:46:24.0059 0x0474  SerCx - ok
21:46:24.0091 0x0474  [ B79AA351309FB7AF95B2E1634F4C0F89, 55BCB89BC03721FFB7B5A03E954117399F80CC490CA1A7D41362516A602A326C ] Serenum        C:\Windows\System32\drivers\serenum.sys
21:46:24.0106 0x0474  Serenum - ok
21:46:24.0122 0x0474  [ E0DAA18F4694579C7D66D0FFD42C3B4B, 1B3728BB621B91DB0C448C22C582B5CF14424F2995DC8057235FF04F7F456A0B ] Serial          C:\Windows\System32\drivers\serial.sys
21:46:24.0153 0x0474  Serial - ok
21:46:24.0169 0x0474  [ 96FE02C72242D4AD5EFC610DC37DA107, 42EAF2DE69332462EDD76B4506D35954C3E97CE8A90356AD59B30F46598C38A2 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
21:46:24.0200 0x0474  sermouse - ok
21:46:24.0247 0x0474  [ 63CC3E3F5CEF3D3BD22ACB670B1D9154, 0FAA9C2B7899127385C14B246EA3E777AE6C9DC0259CEECBF1272004CE3396A3 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:46:24.0293 0x0474  SessionEnv - ok
21:46:24.0309 0x0474  [ 18F2EEA5A661E1B808D84EA7D2CB3E5E, FA544AFE3DE4B8838462399C0658F649D38AF99D73A399E70F9EE707C48E5BC7 ] sfloppy        C:\Windows\System32\drivers\sfloppy.sys
21:46:24.0340 0x0474  sfloppy - ok
21:46:24.0403 0x0474  [ 05CA53E25BBD45CE0022AD966638A19B, EDD24EA163F53743BC1813C393E05EF3181EDA512BCFED069DA2C80676E4BF79 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:46:24.0465 0x0474  SharedAccess - ok
21:46:24.0527 0x0474  [ FA431599A1631AD4D110D0ADDE9D333C, D1725648FFA9E6C4E65FB784986598A0B07367EA7B1762456B1D1CD6D9611FFC ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:46:24.0605 0x0474  ShellHWDetection - ok
21:46:24.0668 0x0474  [ EE13C9F22485DADEB864F3D93DB30F29, 9F7CF8031AE387BF24CBC51554A51A9E665D7382EEB6388B867DAC23E41D955F ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:46:24.0683 0x0474  SiSRaid2 - ok
21:46:24.0699 0x0474  [ 456FD58EE194BC7F289B8D9F2A2BC000, 9835F2A50A88A134B0E7D4CBDA9C70B797F32E5D4C39D324EB6BD29DC98F0C03 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:46:24.0730 0x0474  SiSRaid4 - ok
21:46:24.0777 0x0474  [ 2D0CC4CDC4E5805800A9615A4AE2E826, 32AC81A21135B1F2C9460C4A3C10DA0791DAE3EDC707EFFB49B4EA372295D702 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:46:24.0808 0x0474  SNMPTRAP - ok
21:46:24.0839 0x0474  [ 0312EE5B88383F9C8C69C4B3611BBCDF, 27A8A4938233B047EDDC1A61C3577278A940A01E949B44904340EAC1386908CB ] spaceport      C:\Windows\system32\drivers\spaceport.sys
21:46:24.0871 0x0474  spaceport - ok
21:46:24.0886 0x0474  [ AE81DC8F9EC833A2578DD5F195B091BA, ABD2135462148B26BF40E2240D048499BC899EE13E3F01F91A39C15FF61C20F0 ] SpbCx          C:\Windows\system32\drivers\SpbCx.sys
21:46:24.0917 0x0474  SpbCx - ok
21:46:24.0964 0x0474  [ C65FEFCD539B1ACAE87FB8DA7014C320, 064E6112CB02E71AB7BF508352D4CB3931716C662BE236209CACE20284ADD342 ] Spooler        C:\Windows\System32\spoolsv.exe
21:46:25.0042 0x0474  Spooler - ok
21:46:25.0292 0x0474  [ CE5998B0CE281A8EB15CC6B4BACB50CB, C271C240DD1865B3EC4D291800AAF22D5FE1DA4346A42FB9836C8D0BA1FD74B0 ] sppsvc          C:\Windows\system32\sppsvc.exe
21:46:25.0619 0x0474  sppsvc - ok
21:46:25.0729 0x0474  [ 5848941CEEAFB81EA975465CA7F95980, 955C593A46E7FDAB2E0E0C3B01A10DD17315881CEEF11E1A3FF09951DAC45373 ] srv            C:\Windows\system32\DRIVERS\srv.sys
21:46:25.0775 0x0474  srv - ok
21:46:25.0822 0x0474  [ A83F32595367896B32523A3124A652C3, BD2AA5B19DFDE1EA08972A47FB1B3E9E85D6C3D0D86EBF3B50C5F90409324EC2 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:46:25.0885 0x0474  srv2 - ok
21:46:25.0916 0x0474  [ EC101EB41762E038CAE4D630998C9351, 921A930B6FA5F1CE218B745C5797FB78829621A5E9F627D8EA3C7DBFA97738F2 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:46:25.0947 0x0474  srvnet - ok
21:46:25.0994 0x0474  [ 82F694259060F222CA079FC2BA7A8A47, E717D83D48B370A2B20FDFCF887228AE17B6F70B0AC52D848208F1E244D255EC ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
21:46:26.0025 0x0474  SSDPSRV - ok
21:46:26.0041 0x0474  [ 21D742D8259AA4FD94411F5738841DFD, 50B2075AA79DD01C8B69C94439EA299B5B2399CBC7EA934D1F5BAD2C345A02FF ] SstpSvc        C:\Windows\system32\sstpsvc.dll
21:46:26.0087 0x0474  SstpSvc - ok
21:46:26.0103 0x0474  [ C0A03E9D1DF7671B0CAED016EEB67074, 5795129A70B9A702B0332EAA9A2F56E4CEFF5EB839CB7605504292BABAF2AF2D ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:46:26.0134 0x0474  stexstor - ok
21:46:26.0181 0x0474  [ 4D400620DCD449E1E22639C7585B8E3C, F68CC58C4D0BA85BFBBD4AF5DE6B3952B9467652E552AF8F447F45CE24AC6C38 ] stisvc          C:\Windows\System32\wiaservc.dll
21:46:26.0259 0x0474  stisvc - ok
21:46:26.0306 0x0474  [ 383821D628B9843D8BA7501FD8C6D4D3, E0AD4FA5AF8DB20CD42C45FCF162BA812AA8A5132428CA78512CF00F372C1D18 ] storahci        C:\Windows\system32\drivers\storahci.sys
21:46:26.0321 0x0474  storahci - ok
21:46:26.0353 0x0474  [ 844F73085E49A0B46ECCDD16CAFC1C1E, 7AD84AF4DC2BA8D84EA962AE4EB903D13123FBAEBA881674620383B6FC57BA74 ] storflt        C:\Windows\system32\DRIVERS\vmstorfl.sys
21:46:26.0384 0x0474  storflt - ok
21:46:26.0415 0x0474  [ 29AD38D45DB2161CE60812E99402CFF6, 2ED09732186E8A754D900324B0E1EA5854CDDE1764B08E04C253E8B885585A7C ] StorSvc        C:\Windows\system32\storsvc.dll
21:46:26.0462 0x0474  StorSvc - ok
21:46:26.0493 0x0474  [ 799E1DD1D72CC320E2CC0B9202F2A899, 1A5AD40ED5ED597FC52177444AF073F35D8D66030B94906123BE94BB81421FCB ] storvsc        C:\Windows\system32\drivers\storvsc.sys
21:46:26.0509 0x0474  storvsc - ok
21:46:26.0540 0x0474  [ 3AF3BC53DCF91DC3D1D2A6A30AD051CF, 3495FF296378714B922D8C624AA527B78D850A17D7D94CE5D3259F3C5AEB44FE ] storvsp        C:\Windows\System32\drivers\storvsp.sys
21:46:26.0571 0x0474  storvsp - ok
21:46:26.0618 0x0474  [ B25224A4EDF64737F4300968BC45AB9C, 63ACC8AD3E5C861EDA4144D63760286D7C190F494CBC1E09B6AFEAA82819281F ] svsvc          C:\Windows\system32\svsvc.dll
21:46:26.0649 0x0474  svsvc - ok
21:46:26.0665 0x0474  [ 53C4A8832F1A0C01ED2A47998CA68070, E36E1BC361C4E468508D1536D63FFCB9FF9FB7ED5DE3CA4CA73C0BE6BA812BCA ] swenum          C:\Windows\System32\drivers\swenum.sys
21:46:26.0680 0x0474  swenum - ok
21:46:26.0727 0x0474  [ 3DA2D680BC7CFB4F832DD8C402045DDE, 6ED5E646FF59E185F3BF1234C14166828064A12CDDB4018C12C601F9515EC7C9 ] swprv          C:\Windows\System32\swprv.dll
21:46:26.0805 0x0474  swprv - ok
21:46:26.0899 0x0474  [ B63ADA5B8CA26A7D56B782B7ECE495CF, 31C89C69CF27EE1FDA907501A77882D24F278782CB117740BCD17C71E3F061DB ] SysMain        C:\Windows\system32\sysmain.dll
21:46:27.0039 0x0474  SysMain - ok
21:46:27.0086 0x0474  [ AA1C13A4153AB9D839ECF3F626CA0FDA, FA41DD96A2927A69E942FBFE01370E73E0655A688DE8487E2B0CA7250E700884 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
21:46:27.0133 0x0474  SystemEventsBroker - ok
21:46:27.0148 0x0474  [ A1878EF21CC43AB0C20E9E226C61CF8F, F92EAA45340F3A1CBF98C745D9C67EBE50EF03865AC2863922F6AD44833A50A9 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:46:27.0195 0x0474  TabletInputService - ok
21:46:27.0226 0x0474  [ 23D9550BCFB35E2EAFEA65EACB4E447D, 4446E0A29C4C085D743743050FAD3BADBAAEFB3F7CEE7BC03A7DFF04AD33B3D2 ] TapiSrv        C:\Windows\System32\tapisrv.dll
21:46:27.0273 0x0474  TapiSrv - ok
21:46:27.0398 0x0474  [ 311E318C6B4213C3FC25732DD7CA1661, A65E1182566F9A09F53D6A8EE4695D17E61FBF6D0578364C0730A3A5FD5F7427 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
21:46:27.0554 0x0474  Tcpip - ok
21:46:27.0710 0x0474  [ 311E318C6B4213C3FC25732DD7CA1661, A65E1182566F9A09F53D6A8EE4695D17E61FBF6D0578364C0730A3A5FD5F7427 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:46:27.0866 0x0474  TCPIP6 - ok
21:46:27.0928 0x0474  [ AA231BA5CD8A6769099FA1E01D5CF8F4, 30E20C1B3EEDACD866352C6B06D38023FAB111909396E1D32BFA61B94B694E5A ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:46:27.0959 0x0474  tcpipreg - ok
21:46:27.0975 0x0474  [ 82944280D22410A0A5CA7133EC81AA92, 039F30E39C39E6312654C442D22601DFD9216707BB78FD1F381F2205FE707DF0 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
21:46:28.0006 0x0474  tdx - ok
21:46:28.0053 0x0474  [ FD64257C5F21CD800AFBC98443ED2410, 9B32D7662B7735E74609A87BC9088816C7CE9C15068B4494BC5416A740DD67E7 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
21:46:28.0069 0x0474  terminpt - ok
21:46:28.0147 0x0474  [ 771564E254793B33E51D62303480BE97, 83D4B5E987B4B75027C8984FF5C244C7FA3C2FD8261B1C7D085A3F96F170E371 ] TermService    C:\Windows\System32\termsrv.dll
21:46:28.0225 0x0474  TermService - ok
21:46:28.0271 0x0474  [ 99CD7A3F21958E4386B853AE7CDF1149, 44FAFA81AEA271AED3EDE82A408B0ED045524A30640E7A934E82292404F7C0D8 ] Themes          C:\Windows\system32\themeservice.dll
21:46:28.0318 0x0474  Themes - ok
21:46:28.0349 0x0474  [ F318498AE16EC11D44D286576D86159E, C347FBC3354FA2A2E2F9F3ED823C54C390FF8224F7F4FF41889EAC33FAEC4D1E ] THREADORDER    C:\Windows\system32\mmcss.dll
21:46:28.0381 0x0474  THREADORDER - ok
21:46:28.0412 0x0474  [ 969E681262181C4D3786C1F038594FF0, 5868FDE6F5E407B49A6AA356345C1D173FF5DB4B9705A7B425A1E8623EBE5BDD ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
21:46:28.0443 0x0474  TimeBroker - ok
21:46:28.0490 0x0474  [ C595E59E47AE16286A84EFDE9B8E394B, 1587019150D9C44318ACE6398425401948D7DBD05AA583578CBB2209A3D225FB ] TPM            C:\Windows\system32\drivers\tpm.sys
21:46:28.0521 0x0474  TPM - ok
21:46:28.0552 0x0474  [ D1D9A607FBCD1493F3E48F7EF4274DA7, D33D869BD2C0317AE1ED779A2AEDEA2965F5DD92A056875A6163D25F1482C770 ] TrkWks          C:\Windows\System32\trkwks.dll
21:46:28.0599 0x0474  TrkWks - ok
21:46:28.0630 0x0474  [ 9FE0BE086B89218187E02435FC3356B7, 6C2F02B948513460568BCB21DD18ADAE8ABFB2E5F7B992B0CDC7A341DEF12BAD ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:46:28.0661 0x0474  TrustedInstaller - ok
21:46:28.0708 0x0474  [ C1B8409E6A4BA28CFB3C874AAB60A2EC, 8BE9B5B9DCBEBE677CABE09101725D898F4CB3DEFBC00002F0CBF75B9193EFE2 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:46:28.0755 0x0474  TsUsbFlt - ok
21:46:28.0777 0x0474  [ 403C610E2EDD0523803951BC648B74C3, 9579819505D8D546B845BE02923890D1870C1B9683E9897C46F364E0D87B0431 ] TsUsbGD        C:\Windows\System32\drivers\TsUsbGD.sys
21:46:28.0793 0x0474  TsUsbGD - ok
21:46:28.0855 0x0474  [ 880F87B7A75F39E6A41508DA43C966A8, 1B7954BC814DF8847EDD6A86AF9BBC9981385020A830AD3BE00E8DA5280D6F00 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:46:28.0886 0x0474  tunnel - ok
21:46:28.0902 0x0474  [ 6300E896D59730C8E30998B0C546E189, 5B3F8FA1A7C57BF8AC467285B446394480E30D4CC7AD5ECF88A952CC76753B42 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:46:28.0917 0x0474  uagp35 - ok
21:46:28.0933 0x0474  [ BD1EE7A81DBD00797F22CA8785F53C26, A118F1B72CF3AC6A98E876B1D7946C8025149EDEFD31749667135E2E7DD96897 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
21:46:28.0964 0x0474  UASPStor - ok
21:46:28.0995 0x0474  [ C56348B01CF40F04BC0A37DC3ABAFD33, 7D1F5E8A2286FF73BE0489823317BCCA3FB2AE59D0682B41ED148D082870E697 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
21:46:29.0027 0x0474  UCX01000 - ok
21:46:29.0058 0x0474  [ F9E7170D13E0222F74435614D06669C4, E86449EDAF30CE975227F26920936593834E5EF87AF01A938AEBA0099CAEF38C ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:46:29.0105 0x0474  udfs - ok
21:46:29.0167 0x0474  [ DC38F7BDA9CB58A3974DE16E5B92B373, C79FC7AAF603F3996FE036F4DC464B09F402F3C2F33F24F3342D5B903EA46D89 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
21:46:29.0198 0x0474  UI0Detect - ok
21:46:29.0229 0x0474  [ FF40F051E4587B23D42324BB41E6AC3D, 6A0AD3C53434CA0009D1CAEE60B50EF992A371339B4A594CE18A0EB2505C0F58 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:46:29.0261 0x0474  uliagpkx - ok
21:46:29.0276 0x0474  [ E50E55AFADD4BA807EFAE884820F631C, 3DE18E6A89E77783077F445198DD842A0C1FCAB9E554ADFD91E5C31C354E6E1D ] umbus          C:\Windows\System32\drivers\umbus.sys
21:46:29.0307 0x0474  umbus - ok
21:46:29.0323 0x0474  [ C8B523CFCC5AA060CC019ED9E54E1D1A, 0035BAF0F7A935440F4CC0578D495269D474EE58A4A0B342AE06F35312B1B1F9 ] UmPass          C:\Windows\System32\drivers\umpass.sys
21:46:29.0354 0x0474  UmPass - ok
21:46:29.0385 0x0474  [ E7E4E3F0EF460D07E4A3642CF220893C, 60B869451C0E13D1DF47C6D819226DE6E7855198BD1316044DB3A9FED94E093F ] UmRdpService    C:\Windows\System32\umrdp.dll
21:46:29.0432 0x0474  UmRdpService - ok
21:46:29.0463 0x0474  [ F04BE595430D590F2788966890B54DAD, 372F49E3DACA44A4113C13B9416A4669BFA18B4EBBB23E9C28062C32AAF54B07 ] upnphost        C:\Windows\System32\upnphost.dll
21:46:29.0526 0x0474  upnphost - ok
21:46:29.0541 0x0474  [ 72EA2F0611459449E30014EBFB0548BE, A88FE762B207D7FE96495C9976C8C31E8977D3D6E47792C09001CF2F6DBFD787 ] usbccgp        C:\Windows\System32\drivers\usbccgp.sys
21:46:29.0573 0x0474  usbccgp - ok
21:46:29.0588 0x0474  [ A11C6D32F0942D3301EF159AF73ABC1D, 14F891D873BB5BA56708F80EB4CAE2E20BAE3ACB95092AFD56BBDC34C619683A ] usbcir          C:\Windows\System32\drivers\usbcir.sys
21:46:29.0635 0x0474  usbcir - ok
21:46:29.0651 0x0474  [ A35CA67BD41E5F5D4DCB7BFCCC3490B0, 6176768493E2D36F52B9DE7644681E8FB91B9B5D32921236B20031FBED73281C ] usbehci        C:\Windows\System32\drivers\usbehci.sys
21:46:29.0666 0x0474  usbehci - ok
21:46:29.0697 0x0474  [ E5789E9E8D771CF55D90E897487C06F0, 0AA71E05A003AB0C32AF24CD0B9FC0F20779CCE22DF3FCC40C9115FD200D2049 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
21:46:29.0744 0x0474  usbhub - ok
21:46:29.0775 0x0474  [ 68F582D743424837C082A46AAD7F5C2A, A292EB81D612C092559F737DCDF42D50F805E074752F9492FAF43481410C9B71 ] USBHUB3        C:\Windows\System32\drivers\UsbHub3.sys
21:46:29.0822 0x0474  USBHUB3 - ok
21:46:29.0869 0x0474  [ 0F04142FF6103B898F8BAA04EC626FC4, 8925F76E8249BD809B0B53F954C1CB4A087F0E04358118FF8698F23E40BB074E ] usbohci        C:\Windows\System32\drivers\usbohci.sys
21:46:29.0885 0x0474  usbohci - ok
21:46:29.0900 0x0474  [ F3CDD4A88125BD7B91D6847170E06B96, 60C1D8E5E6C2DF6D7412A6B20C5B5CB6AEFEB72A79538A1FCB75AC75ED6CFF1E ] usbprint        C:\Windows\System32\drivers\usbprint.sys
21:46:29.0931 0x0474  usbprint - ok
21:46:29.0947 0x0474  [ D68B7268CA888C06447FB8ADC8E0ACF7, 67580E237B7D7D9862A537EE11EBE3BB9AB029E522EAB94EC9A41642A8466019 ] USBSTOR        C:\Windows\System32\drivers\USBSTOR.SYS
21:46:29.0963 0x0474  USBSTOR - ok
21:46:29.0978 0x0474  [ B1FC6C75482078C324A2470CBA5CD737, E687204FF0FE22CAAAFD05285FA07229668B737DABEC2A63697D0A48B0BCF9FE ] usbuhci        C:\Windows\System32\drivers\usbuhci.sys
21:46:30.0009 0x0474  usbuhci - ok
21:46:30.0056 0x0474  [ 99F8D02C629F6EA68AC057647A7A4A5E, 2A76EB8A58D94DA1B4CD93894671F9E9505BEAF23CA3C0A5B07872A3FF7C2486 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:46:30.0103 0x0474  usbvideo - ok
21:46:30.0150 0x0474  [ FCCCCFE107E17D834B9B132DAE965B25, F6F80EEF47FC3C975C9E68135372E16CF913DC40DF111F0C6E72D11CACCD0065 ] USBXHCI        C:\Windows\System32\drivers\USBXHCI.SYS
21:46:30.0181 0x0474  USBXHCI - ok
21:46:30.0212 0x0474  [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] VaultSvc        C:\Windows\system32\lsass.exe
21:46:30.0244 0x0474  VaultSvc - ok
21:46:30.0259 0x0474  [ CC402B1ED2921B39BB972913422219BB, 3037CCC6EB07CCFBD72D7C772486FB4DCC8560CF577EB65C65BC06C0BA532437 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:46:30.0275 0x0474  vdrvroot - ok
21:46:30.0353 0x0474  [ 5A57E3FBB73FF8B503FFDBBBE06C7F73, 7346212BFAC8AE404B231DC1E6D4B5934ED2EBC12511E19931FF137F0FA6B0B3 ] vds            C:\Windows\System32\vds.exe
21:46:30.0431 0x0474  vds - ok
21:46:30.0462 0x0474  [ 5BD4FBB9E65CDC70C029612D1DE26356, E4E79FA2ED32AC3EC8240C007ABD9255EBCFD7E9B5C7B5408AC6990E070B68F3 ] VerifierExt    C:\Windows\system32\drivers\VerifierExt.sys
21:46:30.0493 0x0474  VerifierExt - ok
21:46:30.0571 0x0474  [ 5FE0329F82B1AD8F95A155231E2AAE37, BFFBF7D4AE3C33985A225206491C25E0F8B6438AC2B7069E0E258DAE86EB1708 ] vhdmp          C:\Windows\System32\drivers\vhdmp.sys
21:46:30.0634 0x0474  vhdmp - ok
21:46:30.0712 0x0474  [ 51A2636F86F50484FB35E14AB2AA764C, 6273D9E68F5E7401817D95B53999A5B71D3870BFAA97C2733551DCB8AFC4AA2F ] viaide          C:\Windows\system32\drivers\viaide.sys
21:46:30.0727 0x0474  viaide - ok
21:46:30.0758 0x0474  [ 684A0454B2C377DCBE138159F5F1E102, 55E93778D92C1E7452179C847679030AC7F0672C4F8750931B64FA1F8A2B4C50 ] Vid            C:\Windows\System32\drivers\Vid.sys
21:46:30.0790 0x0474  Vid - ok
21:46:30.0805 0x0474  [ 1E5B68D3A799EFC803942801D14EB1D9, 0B8548C589C0EE4A4BB08C4D1B88B9B58A623B55FBC6DBF23C16C4DFCF82D66D ] vmbus          C:\Windows\system32\drivers\vmbus.sys
21:46:30.0836 0x0474  vmbus - ok
21:46:30.0852 0x0474  [ 2B69692D7A89A55A91657D070B265C51, 2F85D625E53A5393E7C19EF247864BC0619EFBD13365F9F76C5EF53F3C01D582 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
21:46:30.0868 0x0474  VMBusHID - ok
21:46:30.0899 0x0474  [ 273477B3331983A356E132700288FF2D, 883450DED09363F5614699B702773B2100B9EED269F4E43116C6578D6B6938D8 ] vmbusr          C:\Windows\System32\drivers\vmbusr.sys
21:46:30.0930 0x0474  vmbusr - ok
21:46:30.0992 0x0474  [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicheartbeat  C:\Windows\System32\ICSvc.dll
21:46:31.0039 0x0474  vmicheartbeat - ok
21:46:31.0055 0x0474  [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
21:46:31.0102 0x0474  vmickvpexchange - ok
21:46:31.0117 0x0474  [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicrdv        C:\Windows\System32\ICSvc.dll
21:46:31.0164 0x0474  vmicrdv - ok
21:46:31.0180 0x0474  [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
21:46:31.0304 0x0474  vmicshutdown - ok
21:46:31.0320 0x0474  [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmictimesync    C:\Windows\System32\ICSvc.dll
21:46:31.0367 0x0474  vmictimesync - ok
21:46:31.0382 0x0474  [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicvss        C:\Windows\System32\ICSvc.dll
21:46:31.0429 0x0474  vmicvss - ok
21:46:31.0445 0x0474  [ A6FD547C67E16300F880CFC29EB1180B, B6C4EDBC00A145C93184E63C8B5FB5A1647D93B12EB2A3259A72C6281678EB46 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:46:31.0476 0x0474  volmgr - ok
21:46:31.0507 0x0474  [ 4EC94AFA246E256460811D8CEBBC914A, FCF4C445B964F1BB26DE173737CE1C1E6CAED11E9E05CB67C32244C8090C5A28 ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
21:46:31.0554 0x0474  volmgrx - ok
21:46:31.0570 0x0474  [ ED7880AB1743BEB09A8549B6E88E7FF5, 4938FC4FE246FC756CDF58262C092A439F00699172CC09B992EDA3AE9D76067D ] volsnap        C:\Windows\system32\drivers\volsnap.sys
21:46:31.0601 0x0474  volsnap - ok
21:46:31.0616 0x0474  [ 569755E8A09406F074764A9C72361969, 6E3E64390DD3CB0459BDD9AFFDFDE95493CA10D49CAE186CA4EE601BB12327C4 ] vpci            C:\Windows\System32\drivers\vpci.sys
21:46:31.0648 0x0474  vpci - ok
21:46:31.0663 0x0474  [ BD272A755B8D028CC558E3CD0330E286, 725A4900CD4981EB922B94CD3462322669BA46AC175C132B4C2EC16C7BCE1401 ] vpcivsp        C:\Windows\System32\drivers\vpcivsp.sys
21:46:31.0679 0x0474  vpcivsp - ok
21:46:31.0710 0x0474  [ 9EE2C503B3960AE8E43DDB85523428CA, CBC0A1FAF9861FACF3805CBEC24F40F9E4B8164A7CF01BF2A16F766EF18AD03A ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
21:46:31.0741 0x0474  vsmraid - ok
21:46:31.0882 0x0474  [ 9BD38DF6B2C7D020B2F29C0573B557C8, 621AE44A7E01F6294F4D690D6D6C1E11FB56C96BBEE241D34B4155252B620798 ] VSS            C:\Windows\system32\vssvc.exe
21:46:32.0334 0x0474  VSS - ok
21:46:32.0708 0x0474  [ 4ACE469E3FD59CB605D680124938DD06, D7C0BC0DEFD75C30F94FDC840FEF53D48DA44D28B101DA0ED8EA4DE5A11FA091 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
21:46:32.0786 0x0474  VSTXRAID - ok
21:46:32.0833 0x0474  [ 3C84A039E2796EECA1997902F5D635E7, A503051F5820E61EE15221AF1BA7A7C04CDB3760487D287743D0FAA0A167B59C ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:46:32.0880 0x0474  vwifibus - ok
21:46:32.0927 0x0474  [ C6BB1AD6603A83B0B00C344DE2BA652D, 869EFD4EBC4F19C7C82DBC12CF59CAB71946F242401B59D23AE8BF6C91DCA499 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:46:32.0958 0x0474  vwififlt - ok
21:46:32.0989 0x0474  [ C78819ED0FF21EFFA23465267E507441, E9FBA09783DC516FB66465960CC793BF0BE348665E28A21C79534DC3D856BC0D ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
21:46:33.0005 0x0474  vwifimp - ok
21:46:33.0067 0x0474  [ 9192AECDDAB77DB096AF1557EF58EF07, 56B6B14B6873522270F257BCA382773DE2B33D89DBE53EC012F67A6551A86855 ] W32Time        C:\Windows\system32\w32time.dll
21:46:33.0114 0x0474  W32Time - ok
21:46:33.0130 0x0474  [ 142617854B09099C9F32FB4A3B96CB83, 3A90636E00D01EAFF559F2C9BB0EE7C803E381EB738D825D7D68F1245BEFE146 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
21:46:33.0161 0x0474  WacomPen - ok
21:46:33.0176 0x0474  [ CFD3CBAFEA35BEB4B584C03B141F7573, 3378912B845B121CBFB067D48D5B8D518B113C6F72DFF19C677CF299B3D4EBCE ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
21:46:33.0223 0x0474  Wanarp - ok
21:46:33.0223 0x0474  [ CFD3CBAFEA35BEB4B584C03B141F7573, 3378912B845B121CBFB067D48D5B8D518B113C6F72DFF19C677CF299B3D4EBCE ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:46:33.0270 0x0474  Wanarpv6 - ok
21:46:33.0354 0x0474  [ 1B7B06CF9206E129D03BE3011E35C6E5, 653545F4C709ABE8292C7CBD948E5300F7CFE91003D236280138A9C116E5006A ] wbengine        C:\Windows\system32\wbengine.exe
21:46:33.0495 0x0474  wbengine - ok
21:46:33.0557 0x0474  [ 06212EE0E6FFE33E40CB519EFA2E055D, 4381248FE810284114FAE659A160CE1FA612A8B2F70B3F98E3FD97753D4D2815 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:46:33.0588 0x0474  WbioSrvc - ok
21:46:33.0635 0x0474  [ DC45A1C14D36A4FB1E581D69602306A5, E33EC9182A1525E59C039E5060C65C6930768A739FC6B8E410B83F790A359968 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
21:46:33.0666 0x0474  Wcmsvc - ok
21:46:33.0698 0x0474  [ 7C86BF53418BAE01483853E129B1FCB7, DEE1568020702F10F72EEE35E3195922478E1AA19948EC5A12A9DE6578576637 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
21:46:33.0760 0x0474  wcncsvc - ok
21:46:33.0791 0x0474  [ B6B3F1A5BCEC66B1E08A8A96B67161E1, 2E4269DC1820DDB22A7C4FC866746F0057F3E3DBDDFDEBAAFAB5EE00502E5654 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:46:33.0822 0x0474  WcsPlugInService - ok
21:46:33.0854 0x0474  [ 80915B11341BD6A0653A2E2DC73A1A87, 6F45B16662F7606CA7AAC43A31E8392BC3BC7CDF925B11478ABD7CBC4B2D4F24 ] Wd              C:\Windows\system32\drivers\wd.sys
21:46:33.0869 0x0474  Wd - ok
21:46:33.0885 0x0474  [ 664BDB2F6B12FE9B07538B5BF443F403, BAAE3A784D5FBB5E68BD5FFE9F3984E71362DFFFADDFC8D1CC618A23672ECEA4 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
21:46:33.0916 0x0474  WdBoot - ok
21:46:33.0987 0x0474  [ 7F2978DE8DDF0145DEF9EA8FB1E3D019, 7C4129C045CE82440FFA0582F184647B67A8E197AE206CF23B70627640E31540 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:46:34.0049 0x0474  Wdf01000 - ok
21:46:34.0127 0x0474  [ C22973DD5DA19664C51583D30E5DE3B3, C535A32DB10600510F2682BC049FD182B40AD3E4B2B5340619D80469CACABEE0 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
21:46:34.0174 0x0474  WdFilter - ok
21:46:34.0190 0x0474  [ CBF9FD761DBC7BEF0BC8DF1C3B11BC6A, D8B030BA0751ADA65837989AE5663C4E634B564CDD8AF410D674BEDD5D614486 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:46:34.0237 0x0474  WdiServiceHost - ok
21:46:34.0237 0x0474  [ CBF9FD761DBC7BEF0BC8DF1C3B11BC6A, D8B030BA0751ADA65837989AE5663C4E634B564CDD8AF410D674BEDD5D614486 ] WdiSystemHost  C:\Windows\system32\wdi.dll
21:46:34.0283 0x0474  WdiSystemHost - ok
21:46:34.0330 0x0474  [ 950D8382A389844DED765834A796EEDC, B1E1AF2D9F0048C51A5E32DA0B273021F26AD88037209371255411367594643D ] WebClient      C:\Windows\System32\webclnt.dll
21:46:34.0377 0x0474  WebClient - ok
21:46:34.0408 0x0474  [ 02D478D6142E0FF303C53D9FB8D34A53, 657A34E9A23DA4317D53447AAEFA1904DA46BA974C9F39AC94CB8BF07A8A8249 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:46:34.0439 0x0474  Wecsvc - ok
21:46:34.0455 0x0474  [ F2F427F3C188877E0754C4D0D9D7321D, FBC6ED0EE41D13D170B36476297211EDA200621EDD0F7341012C3D4D667761BF ] wercplsupport  C:\Windows\System32\wercplsupport.dll
21:46:34.0517 0x0474  wercplsupport - ok
21:46:34.0533 0x0474  [ 158AB68C9761845EB6B240CD273D667F, 11D0291F04632DDF6EAD266214011125405B32326CB48C50BCD97024C8BDE893 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:46:34.0595 0x0474  WerSvc - ok
21:46:34.0642 0x0474  [ 01353FA4F412E1CFEBD049B604208A90, 860F06EE231771E2021B400B7D6931A9601562CA8EBEE52F79865F8B8EEB9250 ] WFPLWFS        C:\Windows\system32\DRIVERS\wfplwfs.sys
21:46:34.0658 0x0474  WFPLWFS - ok
21:46:34.0689 0x0474  [ D16E5C1F2E4680C7263784B45916EE52, 156BE46EF6B61A732CFB112E18099F70D72F32C841FBCF87F2DA4B827FD89A6D ] WiaRpc          C:\Windows\System32\wiarpc.dll
21:46:34.0720 0x0474  WiaRpc - ok
21:46:34.0736 0x0474  [ 1B6DA2B0F0ED2FCF77BC64E33513A329, 25854A6E7D3384123E62BF954FEED9596D1BB28A8EB134C5FFF63F0D51B56683 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:46:34.0767 0x0474  WIMMount - ok
21:46:34.0798 0x0474  WinDefend - ok
21:46:34.0861 0x0474  [ E9A19812C75CC074B20088C714AEB690, 47546E381D72AE9D2F5330B982582199E2E6D2DE66ADE3C5DEE6FAC831631D72 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
21:46:34.0923 0x0474  WinHttpAutoProxySvc - ok
21:46:35.0079 0x0474  [ 4C5FD622294D2F81F6F06F741E895F70, 258E56A01B2CD29A754D6CDF7FCF103883AB7088B4E262DB46DAA93F885747BD ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
21:46:35.0126 0x0474  Winmgmt - ok
21:46:35.0282 0x0474  [ 4083852CC0E31D32B3B16AC9E18F0B3F, 055A2C9340CEDBFE2F9D6617A2D75A05AB03B0F6714E982AD41C4260359115CE ] WinRM          C:\Windows\system32\WsmSvc.dll
21:46:35.0485 0x0474  WinRM - ok
21:46:35.0625 0x0474  [ AE5D57594A2F1A6A6C34DD47066201E8, 69773BEB53F43255613472886C27A2FAE9387127821A7361A34CE3848993809D ] WlanSvc        C:\Windows\System32\wlansvc.dll
21:46:35.0750 0x0474  WlanSvc - ok
21:46:35.0984 0x0474  [ C347251ACD04EA68E62BCE707B42E756, 603C408792541B441A3FB27C51EE0FED598CE97832205F596BE093510F339A73 ] wlidsvc        C:\Windows\system32\wlidsvc.dll
21:46:36.0124 0x0474  wlidsvc - ok
21:46:36.0187 0x0474  [ F274B2E40D94B41098AB82F2EEE07898, C55B80FCAAE218C375169DA821EDD5BD36DCCC6105AD8BCECCD890FE99C61C23 ] WmiAcpi        C:\Windows\System32\drivers\wmiacpi.sys
21:46:36.0218 0x0474  WmiAcpi - ok
21:46:36.0285 0x0474  [ F8FD8BF814C83FEAAA3110477D49C57E, 82FE4325EF8BF56A94C2D4E28B7E3E6CAFB060985A850380E3C6C2647E997D77 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:46:36.0328 0x0474  wmiApSrv - ok
21:46:36.0359 0x0474  WMPNetworkSvc - ok
21:46:36.0406 0x0474  [ 4E8429A8E3873D99581B76F4BB2E2BCD, 7B6EA55C1DF3C12B6108D6F7E6C1BFC71B54BCA65199ADD685B9133092ECFAEE ] wpcfltr        C:\Windows\system32\DRIVERS\wpcfltr.sys
21:46:36.0452 0x0474  wpcfltr - ok
21:46:36.0487 0x0474  [ 247140C51FE0424C54AA85412CDFB26D, 36B61FA1794FC8580AC2A2679C3ED00AA0A11E4520A77611660E21672CE15947 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:46:36.0518 0x0474  WPCSvc - ok
21:46:36.0533 0x0474  [ AA429F7C7B9E18FF66FE3504B80FAB9A, A676B24F0A7519066404DE6C9598F9DCDF676E50ECBFE1CB736468162D272B82 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:46:36.0565 0x0474  WPDBusEnum - ok
21:46:36.0580 0x0474  [ FA4024915B947A7A4C33F6F18454B32A, 9BF9A3FC1099A9472EFF2B54D36F64D009A683535EF102D1172D2385C9DEFEBC ] WpdUpFltr      C:\Windows\system32\drivers\WpdUpFltr.sys
21:46:36.0611 0x0474  WpdUpFltr - ok
21:46:36.0627 0x0474  [ B4E48459933B8C48F388BCC3EB1F58D1, 23DE611C880E60B8A4E81F8A44541119D86B15E1718D5E3ADE4E600DE1D0A515 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
21:46:36.0658 0x0474  ws2ifsl - ok
21:46:36.0689 0x0474  [ C3A047C10C2B4C6A1C081F04EFBCE1E3, 3AC760E742CE4357FEE5E8E33344586D5D38D495733B9829866CADFAB7071B4D ] wscsvc          C:\Windows\System32\wscsvc.dll
21:46:36.0705 0x0474  wscsvc - ok
21:46:36.0721 0x0474  WSearch - ok
21:46:36.0877 0x0474  [ 8760CCDABD00942F32DD02B8F04D7EA8, AF00539CE9312CEB624664F66E8834D086807CD6ED6BFD76DCAD457D1D22FC4E ] WSService      C:\Windows\System32\WSService.dll
21:46:37.0064 0x0474  WSService - ok
21:46:37.0289 0x0474  [ 3E8C4507F587C7151F0755DAA1FDB997, E2F9630CC777A76F10788DD146AE4CADC6CE4EBD419DF3EB78F71DA57D7F08E1 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:46:37.0632 0x0474  wuauserv - ok
21:46:37.0741 0x0474  [ A599942A2C8DED90CB73C28A86F56EF3, C5F7103ADBB7DBAF10CC39C4D02264222EA08719829BEB6924AA6F2295102430 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:46:37.0757 0x0474  WudfPf - ok
21:46:37.0788 0x0474  [ EB155EDD2256E626368796F4B7CBE013, D049298AD903C967A336596CAF030DDA1B66AACADC4A2E9ECD7E15082B4EA0BC ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
21:46:37.0819 0x0474  WUDFRd - ok
21:46:37.0866 0x0474  [ C4B15954BFF994889DEB6A2AFE9E8985, EA55A7CD5C4B718C2693AA39B151D7A0F8D1272E47DD13F1136F9146C938A7BC ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
21:46:37.0897 0x0474  wudfsvc - ok
21:46:37.0929 0x0474  [ DD9797B5157EF2CAB24454D0F5A08837, 5F25EA5C5B75E45212D463C59B36A79202DE77DE56B6C63FAF1487860A219CF9 ] WwanSvc        C:\Windows\System32\wwansvc.dll
21:46:37.0975 0x0474  WwanSvc - ok
21:46:38.0007 0x0474  ================ Scan global ===============================
21:46:38.0069 0x0474  [ 26E0369D73B00093D046562F22676D70, 96CE28CCD5DF70EEACE9223A9939F8845B93B3F71EAF3215C167A1E8B1FB593E ] C:\Windows\system32\basesrv.dll
21:46:38.0116 0x0474  [ E84549406F758028C87FB4C404AD582B, B512E562763D6E85D17BDDC73213CC292F41134588295B47B1F732B14544776E ] C:\Windows\system32\winsrv.dll
21:46:38.0169 0x0474  [ E1F689E799E6BF3EE078A228E01E6DAB, B51ACDE3A47E02F3D8C7988B21E7B277535C0C102497FBB2C54B8B644DF37EF0 ] C:\Windows\system32\sxssrv.dll
21:46:38.0216 0x0474  [ 0D9642ECA426AB06234E41161BCC9628, DAB7EB1321B7F246878720DD5011D90D57CE5C9F22E4EAA6B450E0F5EE88B0A1 ] C:\Windows\system32\services.exe
21:46:38.0232 0x0474  [ Global ] - ok
21:46:38.0232 0x0474  ================ Scan MBR ==================================
21:46:38.0247 0x0474  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:46:39.0202 0x0474  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
21:46:39.0202 0x0474  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:46:41.0699 0x0474  ================ Scan VBR ==================================
21:46:41.0699 0x0474  [ ACF4FFFBB302AD629A0DF9B0851E0D8E ] \Device\Harddisk0\DR0\Partition1
21:46:41.0699 0x0474  \Device\Harddisk0\DR0\Partition1 - ok
21:46:41.0746 0x0474  [ 74D9421ADA4FD2181D471B391C4D34F6 ] \Device\Harddisk0\DR0\Partition2
21:46:41.0761 0x0474  \Device\Harddisk0\DR0\Partition2 - ok
21:46:41.0761 0x0474  Waiting for KSN requests completion. In queue: 85
21:46:42.0775 0x0474  Waiting for KSN requests completion. In queue: 85
21:46:43.0789 0x0474  Waiting for KSN requests completion. In queue: 85
21:46:44.0805 0x0474  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.0.9200.16384 ), 0x60100 ( disabled : updated )
21:46:44.0805 0x0474  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.0.307 ), 0x41000 ( enabled : updated )
21:46:44.0821 0x0474  Win FW state via NFP2: enabled
21:46:47.0317 0x0474  ============================================================
21:46:47.0317 0x0474  Scan finished
21:46:47.0317 0x0474  ============================================================
21:46:47.0348 0x1104  Detected object count: 1
21:46:47.0348 0x1104  Actual detected object count: 1
21:47:07.0378 0x1104  \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
21:47:07.0378 0x1104  \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
21:47:07.0378 0x1104  \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
21:47:07.0394 0x1104  \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
21:47:07.0643 0x1104  \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
21:47:07.0643 0x1104  \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
21:47:07.0659 0x1104  \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
21:47:07.0674 0x1104  \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
21:47:07.0690 0x1104  \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
21:47:07.0737 0x1104  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
21:47:07.0752 0x1104  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
21:47:07.0768 0x1104  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
21:47:07.0768 0x1104  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
21:47:07.0784 0x1104  \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
21:47:07.0784 0x1104  \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
21:47:07.0799 0x1104  \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
21:47:07.0830 0x1104  \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
21:47:07.0830 0x1104  \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
21:47:07.0862 0x1104  \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
21:47:07.0893 0x1104  \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
21:47:07.0986 0x1104  \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
21:47:08.0018 0x1104  \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
21:47:08.0049 0x1104  \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
21:47:08.0049 0x1104  \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
21:47:08.0049 0x1104  \Device\Harddisk0\DR0\TDLFS - deleted
21:47:08.0049 0x1104  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
21:47:40.0103 0x0020  Deinitialize success
Hier das log von ListParts:

Code:
ListParts by Farbar Version: 20-10-2013
Ran by Markus (administrator) on 25-10-2013 at 21:56:46
Windows 8 (X64)
Running From: C:\Users\Markus\Desktop
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 29%
Total physical RAM: 4060.93 MB
Available physical RAM: 2877.73 MB
Total Pagefile: 7644.93 MB
Available Pagefile: 6305.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:284.99 GB) (Free:267.47 GB) NTFS
2 Drive d: (HRM_CCSA_X64CHK_EN-US_DV5) (CDROM) (Total:3.46 GB) (Free:0 GB) UDF


  Disk ###  Status        Size    Free    Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          298 GB      0 B       

Partitions of Disk 0:
===============

Disk ID: D5EB9B58

  Partition ###  Type              Size    Offset
  -------------  ----------------  -------  -------
  Partition 1    Recovery            13 GB  1024 KB
  Partition 2    Primary            100 MB    13 GB
  Partition 3    Primary            284 GB    13 GB

======================================================================================================

Disk: 0
Partition 1
Type  : 27
Hidden: Yes
Active: No

  Volume ###  Ltr  Label        Fs    Type        Size    Status    Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3                      NTFS  Partition    13 GB  Healthy    Hidden 

======================================================================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs    Type        Size    Status    Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1                      NTFS  Partition    100 MB  Healthy    System (partition with boot components) 

======================================================================================================

Disk: 0
Partition 3
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs    Type        Size    Status    Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2    C                NTFS  Partition    284 GB  Healthy    Boot   

======================================================================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: D5EB9B58
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)


****** End Of Log ******

aharonov 25.10.2013 21:06
So das sollte somit erledigt sein.
Lass zur Kontrolle nochmals Avira scannen. Meldet es immer noch was?

Markus100 25.10.2013 21:41
Ich habe jetzt noch 9 Viren gefunden und mit Antivir in Quarantäne verschoben. Der Bootsektorvirus ist aber weg!

Ansonsten Vielen Dank für die Hilfe! Großes Lob ans Forum!

hier noch der Log von Antivir
Code:

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Freitag, 25. Oktober 2013  22:12


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer  : Avira Free Antivirus
Seriennummer  : 0000149996-ADJIE-0000001
Plattform      : Windows 8 Pro
Windowsversion : (plain)  [6.2.9200]
Boot Modus    : Normal gebootet
Benutzername  : SYSTEM
Computername  : MARKUS

Versionsinformationen:
BUILD.DAT      : 14.0.0.411    55393 Bytes  10.10.2013 19:14:00
AVSCAN.EXE    : 14.0.0.383    968776 Bytes  10.10.2013 17:14:05
AVSCANRC.DLL  : 14.0.0.225    62024 Bytes  10.10.2013 17:14:05
LUKE.DLL      : 14.0.0.383    65096 Bytes  10.10.2013 17:14:07
AVSCPLR.DLL    : 14.0.0.383    92232 Bytes  10.10.2013 17:14:05
AVREG.DLL      : 14.0.0.383    250440 Bytes  10.10.2013 17:14:05
avlode.dll    : 14.0.0.383    512584 Bytes  10.10.2013 17:14:05
avlode.rdf    : 13.0.1.42      26846 Bytes  10.10.2013 17:14:05
VBASE000.VDF  : 7.11.70.0  66736640 Bytes  04.04.2013 17:14:08
VBASE001.VDF  : 7.11.74.226  2201600 Bytes  30.04.2013 17:14:08
VBASE002.VDF  : 7.11.80.60  2751488 Bytes  28.05.2013 17:14:08
VBASE003.VDF  : 7.11.85.214  2162688 Bytes  21.06.2013 17:14:08
VBASE004.VDF  : 7.11.91.176  3903488 Bytes  23.07.2013 17:14:08
VBASE005.VDF  : 7.11.98.186  6822912 Bytes  29.08.2013 17:14:08
VBASE006.VDF  : 7.11.103.230  2293248 Bytes  24.09.2013 17:14:08
VBASE007.VDF  : 7.11.103.231    2048 Bytes  24.09.2013 17:14:08
VBASE008.VDF  : 7.11.103.232    2048 Bytes  24.09.2013 17:14:08
VBASE009.VDF  : 7.11.103.233    2048 Bytes  24.09.2013 17:14:08
VBASE010.VDF  : 7.11.103.234    2048 Bytes  24.09.2013 17:14:08
VBASE011.VDF  : 7.11.103.235    2048 Bytes  24.09.2013 17:14:08
VBASE012.VDF  : 7.11.103.236    2048 Bytes  24.09.2013 17:14:08
VBASE013.VDF  : 7.11.103.237    2048 Bytes  24.09.2013 17:14:08
VBASE014.VDF  : 7.11.104.123  282112 Bytes  26.09.2013 17:14:08
VBASE015.VDF  : 7.11.104.237  359424 Bytes  28.09.2013 17:14:08
VBASE016.VDF  : 7.11.105.103  195072 Bytes  02.10.2013 17:14:08
VBASE017.VDF  : 7.11.105.243  571904 Bytes  07.10.2013 17:14:08
VBASE018.VDF  : 7.11.106.91  185856 Bytes  08.10.2013 17:14:08
VBASE019.VDF  : 7.11.106.167  183296 Bytes  09.10.2013 17:54:50
VBASE020.VDF  : 7.11.107.5    236544 Bytes  11.10.2013 17:54:50
VBASE021.VDF  : 7.11.107.85  178688 Bytes  13.10.2013 17:54:50
VBASE022.VDF  : 7.11.107.163  276992 Bytes  15.10.2013 17:54:50
VBASE023.VDF  : 7.11.108.15  308224 Bytes  17.10.2013 17:54:51
VBASE024.VDF  : 7.11.108.79  190464 Bytes  18.10.2013 17:54:51
VBASE025.VDF  : 7.11.108.159  245248 Bytes  20.10.2013 17:54:51
VBASE026.VDF  : 7.11.109.41  454144 Bytes  23.10.2013 17:54:51
VBASE027.VDF  : 7.11.109.42    2048 Bytes  23.10.2013 17:54:52
VBASE028.VDF  : 7.11.109.43    2048 Bytes  23.10.2013 17:54:52
VBASE029.VDF  : 7.11.109.44    2048 Bytes  23.10.2013 17:54:52
VBASE030.VDF  : 7.11.109.45    2048 Bytes  23.10.2013 17:54:52
VBASE031.VDF  : 7.11.109.114  296448 Bytes  25.10.2013 17:54:52
Engineversion  : 8.2.12.134
AEVDF.DLL      : 8.1.3.4      102774 Bytes  10.10.2013 17:14:02
AESCRIPT.DLL  : 8.1.4.160    516478 Bytes  25.10.2013 17:54:55
AESCN.DLL      : 8.1.10.4      131446 Bytes  10.10.2013 17:14:02
AESBX.DLL      : 8.2.16.26    1245560 Bytes  10.10.2013 17:14:02
AERDL.DLL      : 8.2.0.128    688504 Bytes  10.10.2013 17:14:02
AEPACK.DLL    : 8.3.3.4      758136 Bytes  25.10.2013 17:54:55
AEOFFICE.DLL  : 8.1.2.76      205181 Bytes  10.10.2013 17:14:02
AEHEUR.DLL    : 8.1.4.716    6209914 Bytes  25.10.2013 17:54:54
AEHELP.DLL    : 8.1.27.6      266617 Bytes  10.10.2013 17:14:02
AEGEN.DLL      : 8.1.7.14      446839 Bytes  10.10.2013 17:14:02
AEEXP.DLL      : 8.4.1.84      344439 Bytes  25.10.2013 17:54:55
AEEMU.DLL      : 8.1.3.2      393587 Bytes  10.10.2013 17:14:02
AECORE.DLL    : 8.1.32.0      201081 Bytes  10.10.2013 17:14:02
AEBB.DLL      : 8.1.1.4        53619 Bytes  10.10.2013 17:14:02
AVWINLL.DLL    : 14.0.0.225    23624 Bytes  10.10.2013 17:14:05
AVPREF.DLL    : 14.0.0.225    48712 Bytes  10.10.2013 17:14:05
AVREP.DLL      : 14.0.0.225    175688 Bytes  10.10.2013 17:14:05
AVARKT.DLL    : 14.0.0.225    257096 Bytes  10.10.2013 17:14:03
AVEVTLOG.DLL  : 14.0.0.383    165960 Bytes  10.10.2013 17:14:03
SQLITE3.DLL    : 3.7.0.1      394824 Bytes  10.10.2013 17:14:07
AVSMTP.DLL    : 14.0.0.225    60488 Bytes  10.10.2013 17:14:05
NETNT.DLL      : 14.0.0.225    13384 Bytes  10.10.2013 17:14:07
RCIMAGE.DLL    : 14.0.0.225  4786760 Bytes  10.10.2013 17:14:07
RCTEXT.DLL    : 14.0.0.225    67144 Bytes  10.10.2013 17:14:07

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Freitag, 25. Oktober 2013  22:12

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:)'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '177' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '199' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'LiveComm.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'RuntimeBroker.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '111' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_9_900_117.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_9_900_117.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrustedInstaller.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'TiWorker.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '11' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '11' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '59' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1117' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0005.dta
  [FUND]      Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0006.dta
  [FUND]      Ist das Trojanische Pferd TR/Crypt.XPACK.Gen
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0007.dta
  [FUND]      Ist das Trojanische Pferd TR/Rootkit.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0008.dta
  [FUND]      Ist das Trojanische Pferd TR/Rootkit.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0009.dta
  [FUND]      Ist das Trojanische Pferd TR/Rootkit.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0010.dta
  [FUND]      Ist das Trojanische Pferd TR/Rootkit.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0011.dta
  [FUND]      Ist das Trojanische Pferd TR/ATRAPS.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0012.dta
  [FUND]      Ist das Trojanische Pferd TR/ATRAPS.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0016.dta
  [FUND]      Ist das Trojanische Pferd TR/Offend.6788456

Beginne mit der Desinfektion:
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0016.dta
  [FUND]      Ist das Trojanische Pferd TR/Offend.6788456
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '558d76a3.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0012.dta
  [FUND]      Ist das Trojanische Pferd TR/ATRAPS.Gen2
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4d1a5904.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0011.dta
  [FUND]      Ist das Trojanische Pferd TR/ATRAPS.Gen2
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1f4503ec.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0010.dta
  [FUND]      Ist das Trojanische Pferd TR/Rootkit.Gen2
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '79724c2e.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0009.dta
  [FUND]      Ist das Trojanische Pferd TR/Rootkit.Gen2
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '3cf66110.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0008.dta
  [FUND]      Ist das Trojanische Pferd TR/Rootkit.Gen2
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '43ed5371.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0007.dta
  [FUND]      Ist das Trojanische Pferd TR/Rootkit.Gen2
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '0f557f3b.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0006.dta
  [FUND]      Ist das Trojanische Pferd TR/Crypt.XPACK.Gen
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '734d3f6b.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0005.dta
  [FUND]      Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5e171026.qua' verschoben!


Ende des Suchlaufs: Freitag, 25. Oktober 2013  22:38
Benötigte Zeit: 25:15 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

  19192 Verzeichnisse wurden überprüft
 117416 Dateien wurden geprüft
      9 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      9 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 117407 Dateien ohne Befall
    582 Archive wurden durchsucht
      0 Warnungen
      9 Hinweise
 424617 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden

aharonov 25.10.2013 23:34
Zitat:
Ich habe jetzt noch 9 Viren gefunden und mit Antivir in Quarantäne verschoben.
Diese Funde sind ja wie du siehst nur das TDSS Filesystem aus der TDSSKiller-Quarantäne, welches du zuvor bereits hast löschen lassen.

Die Malware hatte dein bootrec /fixmbr und anschliessende Neu-Installation nicht überlebt. Avira hat nur noch eine übriggebliebene kleine Malwarepartition gesehen und gemeldet, der Bootsektorvirus selbst war aber schon tot.

aharonov 17.11.2013 22:08
Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten.
Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:21 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131