Pests of all kinds and how to fight them: Delta Search and Babylon search - malware through freeware, Windows Vista |
03.07.2013, 15:07 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | A reboot does you good
__________________ Please always post log files in CODE tags |
03.07.2013, 15:41 | #17 |
| OK, done!
After the last reboot, delta-search opened again!
Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 0000000077199758 3 bytes JMP 00000001001a0c0c .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess + 4 000000007719975c 1 byte [89] .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection 0000000077199a28 3 bytes JMP 00000001001a0e10 .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection + 4 0000000077199a2c 1 byte [89] .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077199ab8 3 bytes JMP 00000001001a0a08 .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory + 4 0000000077199abc 1 byte [89] .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130 0000000075b44228 1 byte [62] .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 0000000075c7010d 5 bytes JMP 00000001001b0a08 .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000075c703d2 5 bytes JMP 00000001001b0804 .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA 0000000075c71b58 5 bytes JMP 00000001001b0600 .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\USER32.dll!UnhookWinEvent 0000000075c76530 5 bytes JMP 00000001001b03fc .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\USER32.dll!SetWinEventHook 0000000075c8653e 5 bytes JMP 00000001001b01f8 .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] 
C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW 00000000751f9eb4 5 bytes JMP 00000001001c03fc .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!DeleteService 00000000751fa07e 5 bytes JMP 00000001001c0600 .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity 0000000075236cd9 5 bytes JMP 00000001001c1014 .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA 0000000075236dd9 5 bytes JMP 00000001001c0804 .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW 0000000075236f81 5 bytes JMP 00000001001c0a08 .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A 0000000075237099 5 bytes JMP 00000001001c0c0c .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W 00000000752371e1 5 bytes JMP 00000001001c0e10 .text C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA 00000000752372a1 5 bytes JMP 00000001001c01f8 .text C:\Program Files\AVAST Software\Avast\AvastUI.exe[3304] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130 0000000075b44228 1 byte [62] .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll 00000000771817d7 5 bytes JMP 00000001000601f8 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll 0000000077183221 5 bytes JMP 00000001000603fc .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory 0000000077199578 5 bytes JMP 0000000100060600 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory 
0000000077199608 5 bytes JMP 0000000100060804 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 0000000077199758 5 bytes JMP 0000000100060c0c .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection 0000000077199a28 5 bytes JMP 0000000100060e10 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077199ab8 5 bytes JMP 0000000100060a08 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130 0000000075b44228 1 byte [62] .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW 00000000751f9eb4 5 bytes JMP 00000001000703fc .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!DeleteService 00000000751fa07e 5 bytes JMP 0000000100070600 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity 0000000075236cd9 5 bytes JMP 0000000100071014 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA 0000000075236dd9 5 bytes JMP 0000000100070804 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW 0000000075236f81 5 bytes JMP 0000000100070a08 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A 0000000075237099 5 bytes JMP 0000000100070c0c .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W 00000000752371e1 5 bytes JMP 0000000100070e10 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA 00000000752372a1 5 bytes JMP 00000001000701f8 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] 
C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 0000000075c7010d 5 bytes JMP 0000000100080a08 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000075c703d2 5 bytes JMP 0000000100080804 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA 0000000075c71b58 5 bytes JMP 0000000100080600 .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\USER32.dll!UnhookWinEvent 0000000075c76530 5 bytes JMP 00000001000803fc .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\USER32.dll!SetWinEventHook 0000000075c8653e 5 bytes JMP 00000001000801f8 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll 00000000771817d7 5 bytes JMP 00000001001a01f8 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll 0000000077183221 5 bytes JMP 00000001001a03fc .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory 0000000077199578 3 bytes JMP 00000001001a0600 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory + 4 000000007719957c 1 byte [89] .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory 0000000077199608 3 bytes JMP 00000001001a0804 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory + 4 000000007719960c 1 byte [89] .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 0000000077199758 3 bytes JMP 00000001001a0c0c .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess + 4 000000007719975c 1 byte [89] .text C:\Program Files 
(x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection 0000000077199a28 3 bytes JMP 00000001001a0e10 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection + 4 0000000077199a2c 1 byte [89] .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077199ab8 3 bytes JMP 00000001001a0a08 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory + 4 0000000077199abc 1 byte [89] .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130 0000000075b44228 1 byte [62] .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 0000000075c7010d 5 bytes JMP 00000001001b0a08 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000075c703d2 5 bytes JMP 00000001001b0804 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA 0000000075c71b58 5 bytes JMP 00000001001b0600 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\USER32.dll!UnhookWinEvent 0000000075c76530 5 bytes JMP 00000001001b03fc .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\USER32.dll!SetWinEventHook 0000000075c8653e 5 bytes JMP 00000001001b01f8 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW 00000000751f9eb4 5 bytes JMP 00000001001c03fc .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!DeleteService 00000000751fa07e 5 bytes JMP 00000001001c0600 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] 
C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity 0000000075236cd9 5 bytes JMP 00000001001c1014 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA 0000000075236dd9 5 bytes JMP 00000001001c0804 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW 0000000075236f81 5 bytes JMP 00000001001c0a08 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A 0000000075237099 5 bytes JMP 00000001001c0c0c .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W 00000000752371e1 5 bytes JMP 00000001001c0e10 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA 00000000752372a1 5 bytes JMP 00000001001c01f8 .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!LdrUnloadDll 0000000076fa6d20 5 bytes JMP 00000001000c075c .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!LdrLoadDll 0000000076fc3bd0 5 bytes JMP 00000001000c03a4 .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory 0000000076fd6ff0 5 bytes JMP 00000001000c0b14 .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory 0000000076fd7050 5 bytes JMP 00000001000c0ecc .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!NtTerminateProcess 0000000076fd7130 5 bytes JMP 00000001000c163c .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!NtCreateSection 0000000076fd7310 5 bytes JMP 00000001000c19f4 .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory 0000000076fd7370 5 bytes JMP 00000001000c1284 .text C:\Program 
Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194 0000000076c22c52 1 byte [62] .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!SetServiceObjectSecurity 000007fefe008250 5 bytes JMP 000007ff7e091dac .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!ChangeServiceConfigA 000007fefe0089a0 5 bytes JMP 000007ff7e090ecc .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!ChangeServiceConfigW 000007fefe008cc0 5 bytes JMP 000007ff7e091284 .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!ChangeServiceConfig2A 000007fefe008e58 5 bytes JMP 000007ff7e09163c .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!ChangeServiceConfig2W 000007fefe009010 5 bytes JMP 000007ff7e0919f4 .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!CreateServiceA 000007fefe0090d8 5 bytes JMP 000007ff7e0903a4 .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!CreateServiceW 000007fefe009420 5 bytes JMP 000007ff7e09075c .text C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!DeleteService 000007fefe0095e8 5 bytes JMP 000007ff7e090b14 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 194 0000000076c22c52 1 byte [62] .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!IsThemeBackgroundPartiallyTransparent 000007fefc502090 5 bytes JMP 000007ff43019ddc .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeColor 000007fefc502d50 5 bytes JMP 000007ff4303462c .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemePartSize 
000007fefc502df0 5 bytes JMP 000007ff43019e68 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!DrawThemeText 000007fefc504ec0 5 bytes JMP 000007ff4304c5d0 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeTextExtent 000007fefc505828 5 bytes JMP 000007ff430261ac .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!DrawThemeParentBackground 000007fefc5061a4 5 bytes JMP 000007ff43047e70 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeBackgroundContentRect 000007fefc506518 5 bytes JMP 000007ff43019cc8 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeBackgroundExtent 000007fefc506810 5 bytes JMP 000007ff43025fe4 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeTextMetrics 000007fefc506a08 5 bytes JMP 000007ff4300daa4 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!CloseThemeData 000007fefc506ff0 5 bytes JMP 000007ff4300dde8 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeMargins 000007fefc508ef8 5 bytes JMP 000007ff4301a3fc .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!OpenThemeData 000007fefc5090e0 5 bytes JMP 000007ff43041298 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeBool 000007fefc5091e4 5 bytes JMP 000007ff4300e2a8 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!IsThemePartDefined 000007fefc50c7d0 5 bytes JMP 000007ff4300dd7c 
.text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeFont 000007fefc50ea30 5 bytes JMP 000007ff4300d7c4 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!DrawThemeBackgroundEx 000007fefc50ef30 5 bytes JMP 000007ff43046b60 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeBackgroundRegion 000007fefc50ff4c 5 bytes JMP 000007ff43046ef0 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetCurrentThemeName 000007fefc5106b0 5 bytes JMP 000007ff4300e128 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!IsThemeActive 000007fefc5107e8 5 bytes JMP 000007ff4301848c .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!IsAppThemed 000007fefc5108c4 5 bytes JMP 000007ff4301848c .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeAppProperties 000007fefc510920 5 bytes JMP 000007ff4300ddf8 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeMetric 000007fefc51d330 5 bytes JMP 000007ff4300d8c4 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeRect 000007fefc51d510 5 bytes JMP 000007ff4300d794 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!HitTestThemeBackground 000007fefc51d890 5 bytes JMP 000007ff4300d8e4 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemePropertyOrigin 000007fefc51f320 5 bytes JMP 000007ff4300d61c .text C:\Program Files (x86)\ATI 
Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetWindowTheme 000007fefc51f420 5 bytes JMP 000007ff4300dce8 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!DrawThemeEdge 000007fefc521eec 5 bytes JMP 000007ff4300d710 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!OpenThemeDataEx 000007fefc522170 5 bytes JMP 000007ff430414d4 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeString 000007fefc534a68 5 bytes JMP 000007ff4300d63c .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeIntList 000007fefc534be0 5 bytes JMP 000007ff4300d63c .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeFilename 000007fefc534c80 5 bytes JMP 000007ff4300d63c .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!DrawThemeIcon 000007fefc53582c 5 bytes JMP 000007ff4300d650 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeDocumentationProperty 000007fefc535cd8 5 bytes JMP 000007ff4300d63c .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysFont 000007fefc535d94 5 bytes JMP 000007ff4300d5f0 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysString 000007fefc535f60 5 bytes JMP 000007ff4300d63c .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysInt 000007fefc536034 5 bytes JMP 000007ff4300d5b0 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] 
C:\Windows\system32\uxtheme.dll!GetThemeSysColorBrush 000007fefc5366a4 5 bytes JMP 000007ff430183dc .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysBool 000007fefc536858 5 bytes JMP 000007ff430183c0 .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysColor 000007fefc536964 5 bytes JMP 000007ff4304115c .text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysSize 000007fefc536a18 5 bytes JMP 000007ff4300d774 .text C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!LdrUnloadDll 0000000076fa6d20 5 bytes JMP 000000010015075c .text C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!LdrLoadDll 0000000076fc3bd0 5 bytes JMP 00000001001503a4 .text C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory 0000000076fd6ff0 5 bytes JMP 0000000100150b14 .text C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory 0000000076fd7050 5 bytes JMP 0000000100150ecc .text C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!NtTerminateProcess 0000000076fd7130 5 bytes JMP 000000010015163c .text C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!NtCreateSection 0000000076fd7310 5 bytes JMP 00000001001519f4 .text C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory 0000000076fd7370 5 bytes JMP 0000000100151284 .text C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194 0000000076c22c52 1 byte [62] .text C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!LdrUnloadDll 0000000076fa6d20 5 bytes JMP 000000010027075c .text C:\Windows\system32\svchost.exe[4612] 
C:\Windows\system32\ntdll.dll!LdrLoadDll 0000000076fc3bd0 5 bytes JMP 00000001002703a4 .text C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory 0000000076fd6ff0 5 bytes JMP 0000000100270b14 .text C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory 0000000076fd7050 5 bytes JMP 0000000100270ecc .text C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!NtTerminateProcess 0000000076fd7130 5 bytes JMP 000000010027163c .text C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!NtCreateSection 0000000076fd7310 5 bytes JMP 00000001002719f4 .text C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory 0000000076fd7370 5 bytes JMP 0000000100271284 .text C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194 0000000076c22c52 1 byte [62] .text C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe[4840] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 194 0000000076c22c52 1 byte [62] .text c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe[3008] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 194 0000000076c22c52 1 byte [62] .text C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll 00000000771817d7 3 bytes JMP 00000001001901f8 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll + 4 00000000771817db 1 byte [89] .text C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll 0000000077183221 5 bytes JMP 00000001001903fc .text C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory 0000000077199578 5 bytes JMP 0000000100190600 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory 0000000077199608 5 bytes JMP 0000000100190804 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 0000000077199758 5 bytes JMP 0000000100190c0c .text 
C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection 0000000077199a28 5 bytes JMP 0000000100190e10 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077199ab8 5 bytes JMP 0000000100190a08 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130 0000000075b44228 1 byte [62] .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 0000000075c7010d 5 bytes JMP 00000001001a0a08 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000075c703d2 5 bytes JMP 00000001001a0804 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA 0000000075c71b58 5 bytes JMP 00000001001a0600 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\USER32.dll!UnhookWinEvent 0000000075c76530 5 bytes JMP 00000001001a03fc .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\USER32.dll!SetWinEventHook 0000000075c8653e 5 bytes JMP 00000001001a01f8 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW 00000000751f9eb4 5 bytes JMP 00000001001b03fc .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!DeleteService 00000000751fa07e 5 bytes JMP 00000001001b0600 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity 0000000075236cd9 5 bytes JMP 00000001001b1014 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA 0000000075236dd9 5 bytes JMP 00000001001b0804 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW 0000000075236f81 5 bytes JMP 00000001001b0a08 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A 0000000075237099 5 bytes JMP 00000001001b0c0c .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W 00000000752371e1 5 bytes JMP 00000001001b0e10 .text C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA 00000000752372a1 5 bytes JMP 
00000001001b01f8 .text C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!LdrUnloadDll 0000000076fa6d20 5 bytes JMP 0000000100cd075c .text C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!LdrLoadDll 0000000076fc3bd0 5 bytes JMP 0000000100cd03a4 .text C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory 0000000076fd6ff0 5 bytes JMP 0000000100cd0b14 .text C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory 0000000076fd7050 5 bytes JMP 0000000100cd0ecc .text C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!NtTerminateProcess 0000000076fd7130 5 bytes JMP 0000000100cd163c .text C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!NtCreateSection 0000000076fd7310 5 bytes JMP 0000000100cd19f4 .text C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory 0000000076fd7370 5 bytes JMP 0000000100cd1284 .text C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194 0000000076c22c52 1 byte [62] .text C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!LdrUnloadDll 0000000076fa6d20 5 bytes JMP 00000001001d075c .text C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!LdrLoadDll 0000000076fc3bd0 5 bytes JMP 00000001001d03a4 .text C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory 0000000076fd6ff0 5 bytes JMP 00000001001d0b14 .text C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory 0000000076fd7050 5 bytes JMP 00000001001d0ecc .text C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!NtTerminateProcess 0000000076fd7130 5 bytes JMP 00000001001d163c .text C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!NtCreateSection 0000000076fd7310 5 bytes JMP 00000001001d19f4 .text C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory 0000000076fd7370 5 bytes 
03.07.2013, 15:45 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | What about MBAR?
__________________ |
03.07.2013, 16:08 | #19 |
| MBAR did not create a log file, and now it only says: "congratulations, no clean up is required" and "Scan finished ! No malware found !" |
03.07.2013, 16:33 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please always post the log anyway
__________________ Please always post log files in CODE tags |
03.07.2013, 16:37 | #21 |
| Unfortunately, there is no log to be seen anywhere in the folder .. |
03.07.2013, 16:37 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | => The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the created folder. Please post it here. There must be a log
__________________ Please always post log files in CODE tags |
03.07.2013, 16:42 | #23 |
| Code:
03.07.2013, 22:43 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | That is the wrong log
__________________ Please always post log files in CODE tags |
04.07.2013, 10:02 | #25 |
| Then it must be this one ...?! Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.06.0.1004 www.malwarebytes.org Database version: v2013.07.03.06 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 HP :: HP-PC [administrator] 03.07.2013 16:51:37 mbar-log-2013-07-03 (16-51-37).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P Scan options disabled: PUP Objects scanned: 246273 Time elapsed: 11 minute(s), 2 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
04.07.2013, 11:30 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons under any circumstances unless instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop
__________________ Please always post log files in CODE tags |
04.07.2013, 12:17 | #27 |
| aswMBR: Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software Run date: 2013-07-02 20:11:22 ----------------------------- 20:11:22.685 OS Version: Windows x64 6.0.6002 Service Pack 2 20:11:22.685 Number of processors: 4 586 0x203 20:11:22.687 ComputerName: HP-PC UserName: HP 20:11:24.362 Initialize success 20:11:24.687 AVAST engine defs: 13070200 20:11:27.179 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000004e 20:11:27.179 Disk 0 Vendor: Hitachi_ JPGO Size: 610480MB BusType: 8 20:11:27.279 Disk 0 MBR read successfully 20:11:27.283 Disk 0 MBR scan 20:11:27.288 Disk 0 unknown MBR code 20:11:27.293 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 596656 MB offset 63 20:11:27.325 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 13821 MB offset 1221952095 20:11:27.366 Disk 0 scanning C:\Windows\system32\drivers 20:11:39.226 Service scanning 20:11:59.109 Modules scanning 20:11:59.120 Disk 0 trace - called modules: 20:11:59.161 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys storport.sys hal.dll nvstor64.sys 20:11:59.168 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004aca790] 20:11:59.523 3 CLASSPNP.SYS[fffffa600098dc33] -> nt!IofCallDriver -> [0xfffffa80046adb10] 20:11:59.531 5 acpi.sys[fffffa6000821fde] -> nt!IofCallDriver -> \Device\0000004e[0xfffffa8004613060] 20:12:00.686 AVAST engine scan C:\Windows 20:12:10.127 AVAST engine scan C:\Windows\system32 20:15:01.484 AVAST engine scan C:\Windows\system32\drivers 20:15:14.518 AVAST engine scan C:\Users\HP 20:16:26.142 Disk 0 MBR has been saved successfully to "C:\Users\HP\Desktop\MBR.dat" 20:16:26.143 The log file has been saved successfully to "C:\Users\HP\Desktop\aswMBR.txt" aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software Run date: 2013-07-04 12:36:53 ----------------------------- 12:36:53.090 OS Version: Windows x64 6.0.6002 Service Pack 2 12:36:53.090 Number of processors: 4 586 0x203 12:36:53.091 ComputerName: HP-PC UserName: HP 12:36:55.964 Initialize success 12:36:56.222 AVAST engine defs: 13070301 
12:38:47.560 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000004f 12:38:47.575 Disk 0 Vendor: Hitachi_ JPGO Size: 610480MB BusType: 8 12:38:47.748 Disk 0 MBR read successfully 12:38:47.764 Disk 0 MBR scan 12:38:47.764 Disk 0 unknown MBR code 12:38:47.764 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 596656 MB offset 63 12:38:47.795 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 13821 MB offset 1221952095 12:38:47.873 Disk 0 scanning C:\Windows\system32\drivers 12:39:00.667 Service scanning 12:39:17.423 Modules scanning 12:39:17.423 Disk 0 trace - called modules: 12:39:17.454 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys storport.sys hal.dll nvstor64.sys 12:39:17.454 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004acd260] 12:39:17.470 3 CLASSPNP.SYS[fffffa600098dc33] -> nt!IofCallDriver -> [0xfffffa80046b1e40] 12:39:17.470 5 acpi.sys[fffffa6000821fde] -> nt!IofCallDriver -> \Device\0000004f[0xfffffa8004611060] 12:39:19.031 AVAST engine scan C:\Windows 12:39:25.740 AVAST engine scan C:\Windows\system32 12:45:05.531 AVAST engine scan C:\Windows\system32\drivers 12:45:43.509 AVAST engine scan C:\Users\HP 12:56:58.752 AVAST engine scan C:\ProgramData 13:03:20.892 Scan finished successfully 13:10:00.410 Disk 0 MBR has been saved successfully to "C:\Users\HP\Desktop\MBR.dat" 13:10:00.441 The log file has been saved successfully to "C:\Users\HP\Desktop\aswMBR.txt" TDSS: Code:
13:13:09.0930 4820 [ 2CF56F9848BF7841FF420E9DD95029EE ] aswRdr C:\Windows\system32\drivers\aswRdr.sys 13:13:09.0930 4820 aswRdr - ok 13:13:09.0961 4820 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 13:13:09.0977 4820 aswSnx - ok 13:13:10.0008 4820 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys 13:13:10.0008 4820 aswSP - ok 13:13:10.0039 4820 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 13:13:10.0039 4820 aswTdi - ok 13:13:10.0086 4820 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 13:13:10.0086 4820 AsyncMac - ok 13:13:10.0101 4820 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys 13:13:10.0101 4820 atapi - ok 13:13:10.0164 4820 [ 0EB0A49C55D0C9102499353B80BDB021 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 13:13:10.0179 4820 Ati External Event Utility - ok 13:13:10.0351 4820 [ 6F677A4B26E88AC10F72F1614FDA470A ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 13:13:10.0429 4820 atikmdag - ok 13:13:10.0507 4820 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 13:13:10.0507 4820 AudioEndpointBuilder - ok 13:13:10.0523 4820 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll 13:13:10.0523 4820 AudioSrv - ok 13:13:10.0585 4820 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 13:13:10.0585 4820 avast! 
Antivirus - ok 13:13:10.0647 4820 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll 13:13:10.0647 4820 BFE - ok 13:13:10.0710 4820 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll 13:13:10.0741 4820 BITS - ok 13:13:10.0772 4820 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 13:13:10.0772 4820 blbdrive - ok 13:13:10.0803 4820 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 13:13:10.0819 4820 Bonjour Service - ok 13:13:10.0850 4820 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 13:13:10.0850 4820 bowser - ok 13:13:10.0881 4820 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 13:13:10.0881 4820 BrFiltLo - ok 13:13:10.0897 4820 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 13:13:10.0897 4820 BrFiltUp - ok 13:13:10.0928 4820 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll 13:13:10.0944 4820 Browser - ok 13:13:10.0959 4820 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys 13:13:10.0959 4820 Brserid - ok 13:13:10.0975 4820 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 13:13:10.0975 4820 BrSerWdm - ok 13:13:10.0975 4820 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 13:13:10.0975 4820 BrUsbMdm - ok 13:13:10.0991 4820 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 13:13:10.0991 4820 BrUsbSer - ok 13:13:11.0006 4820 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 13:13:11.0006 4820 BTHMODEM - ok 13:13:11.0053 4820 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:13:11.0069 4820 cdfs - ok 13:13:11.0084 4820 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom 
C:\Windows\system32\DRIVERS\cdrom.sys 13:13:11.0084 4820 cdrom - ok 13:13:11.0162 4820 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll 13:13:11.0162 4820 CertPropSvc - ok 13:13:11.0178 4820 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys 13:13:11.0178 4820 circlass - ok 13:13:11.0240 4820 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys 13:13:11.0256 4820 CLFS - ok 13:13:11.0287 4820 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:13:11.0287 4820 clr_optimization_v2.0.50727_32 - ok 13:13:11.0349 4820 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:13:11.0349 4820 clr_optimization_v2.0.50727_64 - ok 13:13:11.0412 4820 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:13:11.0412 4820 clr_optimization_v4.0.30319_32 - ok 13:13:11.0460 4820 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 13:13:11.0460 4820 clr_optimization_v4.0.30319_64 - ok 13:13:11.0491 4820 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys 13:13:11.0491 4820 cmdide - ok 13:13:11.0491 4820 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 13:13:11.0506 4820 Compbatt - ok 13:13:11.0506 4820 COMSysApp - ok 13:13:11.0522 4820 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 13:13:11.0522 4820 crcdisk - ok 13:13:11.0569 4820 [ 1B22BC0B71F65001479DAB792C3F626C ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:13:11.0569 4820 CryptSvc - ok 13:13:11.0647 4820 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll 13:13:11.0662 4820 DcomLaunch - ok 13:13:11.0709 4820 [ 
8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:13:11.0709 4820 DfsC - ok 13:13:12.0006 4820 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe 13:13:12.0084 4820 DFSR - ok 13:13:12.0177 4820 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll 13:13:12.0193 4820 Dhcp - ok 13:13:12.0224 4820 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys 13:13:12.0224 4820 disk - ok 13:13:12.0271 4820 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:13:12.0271 4820 Dnscache - ok 13:13:12.0333 4820 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll 13:13:12.0349 4820 dot3svc - ok 13:13:12.0380 4820 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll 13:13:12.0380 4820 DPS - ok 13:13:12.0411 4820 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:13:12.0411 4820 drmkaud - ok 13:13:12.0458 4820 [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 13:13:12.0474 4820 DXGKrnl - ok 13:13:12.0505 4820 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys 13:13:12.0505 4820 E1G60 - ok 13:13:12.0536 4820 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll 13:13:12.0552 4820 EapHost - ok 13:13:12.0552 4820 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys 13:13:12.0567 4820 Ecache - ok 13:13:12.0598 4820 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe 13:13:12.0598 4820 ehRecvr - ok 13:13:12.0614 4820 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe 13:13:12.0614 4820 ehSched - ok 13:13:12.0645 4820 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll 13:13:12.0645 4820 ehstart - ok 13:13:12.0661 4820 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys 
13:13:12.0676 4820 elxstor - ok 13:13:12.0801 4820 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll 13:13:12.0832 4820 EMDMgmt - ok 13:13:12.0832 4820 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys 13:13:12.0848 4820 ErrDev - ok 13:13:12.0910 4820 esgiguard - ok 13:13:12.0957 4820 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll 13:13:12.0973 4820 EventSystem - ok 13:13:13.0020 4820 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys 13:13:13.0020 4820 exfat - ok 13:13:13.0035 4820 ezSharedSvc - ok 13:13:13.0113 4820 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys 13:13:13.0144 4820 fastfat - ok 13:13:13.0176 4820 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 13:13:13.0176 4820 fdc - ok 13:13:13.0191 4820 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll 13:13:13.0191 4820 fdPHost - ok 13:13:13.0238 4820 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll 13:13:13.0254 4820 FDResPub - ok 13:13:13.0285 4820 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 13:13:13.0285 4820 FileInfo - ok 13:13:13.0300 4820 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys 13:13:13.0300 4820 Filetrace - ok 13:13:13.0316 4820 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 13:13:13.0332 4820 flpydisk - ok 13:13:13.0394 4820 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 13:13:13.0394 4820 FltMgr - ok 13:13:13.0659 4820 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll 13:13:13.0675 4820 FontCache - ok 13:13:13.0784 4820 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:13:13.0784 4820 
FontCache3.0.0.0 - ok 13:13:13.0831 4820 [ 2BF3B36B96D015AF666B6AA63AE2E38F ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 13:13:13.0831 4820 fssfltr - ok 13:13:13.0893 4820 [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 13:13:13.0893 4820 fsssvc - ok 13:13:13.0940 4820 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:13:13.0940 4820 Fs_Rec - ok 13:13:13.0971 4820 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 13:13:13.0971 4820 gagp30kx - ok 13:13:14.0002 4820 [ CC1C8068B05283D63EC5FE782D2D3946 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe 13:13:14.0034 4820 GameConsoleService - ok 13:13:14.0065 4820 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 13:13:14.0065 4820 GEARAspiWDM - ok 13:13:14.0143 4820 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll 13:13:14.0174 4820 gpsvc - ok 13:13:14.0221 4820 [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 13:13:14.0236 4820 HdAudAddService - ok 13:13:14.0268 4820 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 13:13:14.0283 4820 HDAudBus - ok 13:13:14.0299 4820 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys 13:13:14.0299 4820 HidBth - ok 13:13:14.0314 4820 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys 13:13:14.0314 4820 HidIr - ok 13:13:14.0361 4820 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll 13:13:14.0377 4820 hidserv - ok 13:13:14.0392 4820 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 13:13:14.0392 4820 HidUsb - ok 13:13:14.0408 4820 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll 13:13:14.0424 4820 hkmsvc - ok 13:13:14.0470 
4820 [ A3A30438C48D2D71556E120C9C7BA7A0 ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe 13:13:14.0470 4820 HP Health Check Service - ok 13:13:14.0517 4820 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 13:13:14.0517 4820 HpCISSs - ok 13:13:14.0580 4820 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:13:14.0595 4820 HTTP - ok 13:13:14.0642 4820 [ 4B7423FCC37664954460AC3E71752B62 ] hxctlflt C:\Windows\system32\DRIVERS\hxctlflt.sys 13:13:14.0642 4820 hxctlflt - ok 13:13:14.0658 4820 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys 13:13:14.0658 4820 i2omp - ok 13:13:14.0673 4820 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 13:13:14.0673 4820 i8042prt - ok 13:13:14.0704 4820 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 13:13:14.0704 4820 iaStorV - ok 13:13:14.0798 4820 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 13:13:14.0798 4820 IDriverT - ok 13:13:14.0860 4820 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:13:14.0876 4820 idsvc - ok 13:13:14.0923 4820 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys 13:13:14.0923 4820 iirsp - ok 13:13:14.0970 4820 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll 13:13:14.0985 4820 IKEEXT - ok 13:13:15.0063 4820 [ 46CB3ABE8150E7B181E86D4906DE17E8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 13:13:15.0110 4820 IntcAzAudAddService - ok 13:13:15.0157 4820 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys 13:13:15.0157 4820 intelide - ok 13:13:15.0172 4820 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm 
C:\Windows\system32\DRIVERS\intelppm.sys 13:13:15.0172 4820 intelppm - ok 13:13:15.0204 4820 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:13:15.0204 4820 IPBusEnum - ok 13:13:15.0219 4820 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:13:15.0219 4820 IpFilterDriver - ok 13:13:15.0250 4820 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:13:15.0250 4820 iphlpsvc - ok 13:13:15.0266 4820 IpInIp - ok 13:13:15.0297 4820 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 13:13:15.0297 4820 IPMIDRV - ok 13:13:15.0297 4820 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 13:13:15.0313 4820 IPNAT - ok 13:13:15.0360 4820 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 13:13:15.0375 4820 iPod Service - ok 13:13:15.0375 4820 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:13:15.0375 4820 IRENUM - ok 13:13:15.0422 4820 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:13:15.0422 4820 isapnp - ok 13:13:15.0469 4820 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 13:13:15.0469 4820 iScsiPrt - ok 13:13:15.0484 4820 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 13:13:15.0484 4820 iteatapi - ok 13:13:15.0500 4820 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys 13:13:15.0500 4820 iteraid - ok 13:13:15.0516 4820 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:13:15.0516 4820 kbdclass - ok 13:13:15.0531 4820 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 13:13:15.0531 4820 kbdhid - ok 13:13:15.0594 4820 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe 13:13:15.0609 4820 
KeyIso - ok 13:13:15.0656 4820 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:13:15.0656 4820 KSecDD - ok 13:13:15.0687 4820 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 13:13:15.0687 4820 ksthunk - ok 13:13:15.0734 4820 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll 13:13:15.0734 4820 KtmRm - ok 13:13:15.0765 4820 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll 13:13:15.0781 4820 LanmanServer - ok 13:13:15.0796 4820 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:13:15.0796 4820 LanmanWorkstation - ok 13:13:15.0828 4820 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:13:15.0828 4820 lltdio - ok 13:13:15.0843 4820 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:13:15.0859 4820 lltdsvc - ok 13:13:15.0874 4820 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:13:15.0874 4820 lmhosts - ok 13:13:15.0890 4820 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 13:13:15.0890 4820 LSI_FC - ok 13:13:15.0906 4820 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 13:13:15.0906 4820 LSI_SAS - ok 13:13:15.0952 4820 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 13:13:15.0952 4820 LSI_SCSI - ok 13:13:15.0984 4820 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys 13:13:15.0984 4820 luafv - ok 13:13:16.0015 4820 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:13:16.0015 4820 Mcx2Svc - ok 13:13:16.0046 4820 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys 13:13:16.0046 4820 megasas - ok 13:13:16.0093 4820 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys 13:13:16.0093 
4820 MegaSR - ok 13:13:16.0108 4820 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll 13:13:16.0124 4820 MMCSS - ok 13:13:16.0140 4820 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys 13:13:16.0140 4820 Modem - ok 13:13:16.0171 4820 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:13:16.0171 4820 monitor - ok 13:13:16.0186 4820 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:13:16.0186 4820 mouclass - ok 13:13:16.0218 4820 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:13:16.0218 4820 mouhid - ok 13:13:16.0233 4820 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 13:13:16.0233 4820 MountMgr - ok 13:13:16.0249 4820 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys 13:13:16.0249 4820 mpio - ok 13:13:16.0264 4820 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:13:16.0264 4820 mpsdrv - ok 13:13:16.0327 4820 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll 13:13:16.0342 4820 MpsSvc - ok 13:13:16.0358 4820 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 13:13:16.0358 4820 Mraid35x - ok 13:13:16.0358 4820 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:13:16.0374 4820 MRxDAV - ok 13:13:16.0389 4820 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:13:16.0405 4820 mrxsmb - ok 13:13:16.0420 4820 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:13:16.0436 4820 mrxsmb10 - ok 13:13:16.0436 4820 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:13:16.0436 4820 mrxsmb20 - ok 13:13:16.0452 4820 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys 13:13:16.0467 
4820 msahci - ok 13:13:16.0467 4820 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:13:16.0467 4820 msdsm - ok 13:13:16.0498 4820 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe 13:13:16.0498 4820 MSDTC - ok 13:13:16.0530 4820 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:13:16.0530 4820 Msfs - ok 13:13:16.0561 4820 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:13:16.0561 4820 msisadrv - ok 13:13:16.0592 4820 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:13:16.0592 4820 MSiSCSI - ok 13:13:16.0592 4820 msiserver - ok 13:13:16.0639 4820 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:13:16.0639 4820 MSKSSRV - ok 13:13:16.0654 4820 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:13:16.0654 4820 MSPCLOCK - ok 13:13:16.0670 4820 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:13:16.0670 4820 MSPQM - ok 13:13:16.0717 4820 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:13:16.0732 4820 MsRPC - ok 13:13:16.0748 4820 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 13:13:16.0748 4820 mssmbios - ok 13:13:16.0748 4820 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:13:16.0748 4820 MSTEE - ok 13:13:16.0764 4820 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys 13:13:16.0764 4820 Mup - ok 13:13:16.0810 4820 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll 13:13:16.0842 4820 napagent - ok 13:13:16.0888 4820 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:13:16.0888 4820 NativeWifiP - ok 13:13:16.0966 4820 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys 
13:13:16.0998 4820 NDIS - ok 13:13:17.0029 4820 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:13:17.0029 4820 NdisTapi - ok 13:13:17.0044 4820 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:13:17.0044 4820 Ndisuio - ok 13:13:17.0107 4820 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:13:17.0107 4820 NdisWan - ok 13:13:17.0122 4820 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:13:17.0122 4820 NDProxy - ok 13:13:17.0138 4820 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:13:17.0138 4820 NetBIOS - ok 13:13:17.0200 4820 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 13:13:17.0200 4820 netbt - ok 13:13:17.0200 4820 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe 13:13:17.0216 4820 Netlogon - ok 13:13:17.0247 4820 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll 13:13:17.0247 4820 Netman - ok 13:13:17.0263 4820 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll 13:13:17.0278 4820 netprofm - ok 13:13:17.0325 4820 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 13:13:17.0341 4820 NetTcpPortSharing - ok 13:13:17.0372 4820 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 13:13:17.0372 4820 nfrd960 - ok 13:13:17.0902 4820 [ 29BC5B7C7C981FB8CD7A781A9E067AF7 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe 13:13:18.0027 4820 NIHardwareService - ok 13:13:18.0058 4820 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll 13:13:18.0058 4820 NlaSvc - ok 13:13:18.0105 4820 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:13:18.0105 
4820 Npfs - ok 13:13:18.0136 4820 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll 13:13:18.0152 4820 nsi - ok 13:13:18.0168 4820 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:13:18.0168 4820 nsiproxy - ok 13:13:18.0448 4820 [ 2ACCAA3C3C55370A32F17B3595E1A217 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:13:18.0495 4820 Ntfs - ok 13:13:18.0511 4820 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys 13:13:18.0511 4820 Null - ok 13:13:18.0573 4820 [ 13EC5B8A4B82B6DEB739FC577B4217A7 ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx64.sys 13:13:18.0604 4820 NVENETFD - ok 13:13:18.0604 4820 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys 13:13:18.0604 4820 nvraid - ok 13:13:18.0636 4820 [ A4B9AF8D1793F67CE894BF051342110F ] nvrd64 C:\Windows\system32\drivers\nvrd64.sys 13:13:18.0636 4820 nvrd64 - ok 13:13:18.0667 4820 [ 16D36074B84DA72D160233C8D132DC89 ] nvsmu C:\Windows\system32\drivers\nvsmu.sys 13:13:18.0667 4820 nvsmu - ok 13:13:18.0682 4820 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:13:18.0682 4820 nvstor - ok 13:13:18.0714 4820 [ 7919EE9458B6D84517BC5A598D795931 ] nvstor64 C:\Windows\system32\drivers\nvstor64.sys 13:13:18.0714 4820 nvstor64 - ok 13:13:18.0760 4820 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:13:18.0760 4820 nv_agp - ok 13:13:18.0760 4820 NwlnkFlt - ok 13:13:18.0776 4820 NwlnkFwd - ok 13:13:18.0854 4820 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 13:13:18.0870 4820 odserv - ok 13:13:18.0916 4820 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 13:13:18.0916 4820 ohci1394 - ok 13:13:18.0948 4820 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:13:18.0948 4820 ose - 
ok 13:13:18.0994 4820 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll 13:13:19.0010 4820 p2pimsvc - ok 13:13:19.0041 4820 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll 13:13:19.0057 4820 p2psvc - ok 13:13:19.0057 4820 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys 13:13:19.0072 4820 Parport - ok 13:13:19.0088 4820 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys 13:13:19.0104 4820 partmgr - ok 13:13:19.0119 4820 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll 13:13:19.0119 4820 PcaSvc - ok 13:13:19.0150 4820 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys 13:13:19.0150 4820 pci - ok 13:13:19.0197 4820 [ 2657F6C0B78C36D95034BE109336E382 ] pciide C:\Windows\system32\drivers\pciide.sys 13:13:19.0197 4820 pciide - ok 13:13:19.0275 4820 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 13:13:19.0306 4820 pcmcia - ok 13:13:19.0322 4820 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:13:19.0338 4820 PEAUTH - ok 13:13:19.0400 4820 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe 13:13:19.0400 4820 PerfHost - ok 13:13:19.0478 4820 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll 13:13:19.0509 4820 pla - ok 13:13:19.0572 4820 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:13:19.0587 4820 PlugPlay - ok 13:13:19.0618 4820 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 13:13:19.0634 4820 PNRPAutoReg - ok 13:13:19.0650 4820 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll 13:13:19.0665 4820 PNRPsvc - ok 13:13:19.0728 4820 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:13:19.0743 4820 PolicyAgent - ok 13:13:19.0806 4820 [ 
23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 13:13:19.0806 4820 PptpMiniport - ok 13:13:19.0821 4820 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\DRIVERS\processr.sys 13:13:19.0821 4820 Processor - ok 13:13:19.0884 4820 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll 13:13:19.0899 4820 ProfSvc - ok 13:13:19.0930 4820 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe 13:13:19.0930 4820 ProtectedStorage - ok 13:13:19.0977 4820 [ 1D0A3F565397D08707F3D75B88586645 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys 13:13:19.0977 4820 Ps2 - ok 13:13:20.0024 4820 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 13:13:20.0024 4820 PSched - ok 13:13:20.0071 4820 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys 13:13:20.0102 4820 ql2300 - ok 13:13:20.0118 4820 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 13:13:20.0118 4820 ql40xx - ok 13:13:20.0164 4820 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll 13:13:20.0164 4820 QWAVE - ok 13:13:20.0180 4820 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:13:20.0180 4820 QWAVEdrv - ok 13:13:20.0180 4820 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:13:20.0196 4820 RasAcd - ok 13:13:20.0196 4820 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll 13:13:20.0227 4820 RasAuto - ok 13:13:20.0274 4820 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:13:20.0274 4820 Rasl2tp - ok 13:13:20.0320 4820 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll 13:13:20.0336 4820 RasMan - ok 13:13:20.0383 4820 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:13:20.0383 4820 RasPppoe - ok 13:13:20.0414 
4820 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:13:20.0414 4820 RasSstp - ok 13:13:20.0461 4820 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:13:20.0461 4820 rdbss - ok 13:13:20.0492 4820 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:13:20.0492 4820 RDPCDD - ok 13:13:20.0523 4820 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 13:13:20.0539 4820 rdpdr - ok 13:13:20.0539 4820 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:13:20.0554 4820 RDPENCDD - ok 13:13:20.0586 4820 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:13:20.0586 4820 RDPWD - ok 13:13:20.0617 4820 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:13:20.0617 4820 RemoteAccess - ok 13:13:20.0632 4820 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:13:20.0648 4820 RemoteRegistry - ok 13:13:20.0648 4820 RimUsb - ok 13:13:20.0710 4820 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys 13:13:20.0710 4820 RimVSerPort - ok 13:13:20.0710 4820 [ 6A0CF73B019CBC9255E23C9192EC3702 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys 13:13:20.0710 4820 ROOTMODEM - ok 13:13:20.0726 4820 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe 13:13:20.0742 4820 RpcLocator - ok 13:13:20.0757 4820 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll 13:13:20.0773 4820 RpcSs - ok 13:13:20.0773 4820 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:13:20.0788 4820 rspndr - ok 13:13:20.0804 4820 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe 13:13:20.0804 4820 SamSs - ok 13:13:20.0820 4820 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port 
C:\Windows\system32\drivers\sbp2port.sys 13:13:20.0820 4820 sbp2port - ok 13:13:20.0866 4820 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:13:20.0882 4820 SCardSvr - ok 13:13:20.0944 4820 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll 13:13:20.0976 4820 Schedule - ok 13:13:21.0022 4820 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll 13:13:21.0022 4820 SCPolicySvc - ok 13:13:21.0069 4820 [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys 13:13:21.0100 4820 ScreamBAudioSvc - ok 13:13:21.0132 4820 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:13:21.0147 4820 SDRSVC - ok 13:13:21.0194 4820 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:13:21.0194 4820 secdrv - ok 13:13:21.0210 4820 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll 13:13:21.0210 4820 seclogon - ok 13:13:21.0225 4820 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll 13:13:21.0241 4820 SENS - ok 13:13:21.0241 4820 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys 13:13:21.0241 4820 Serenum - ok 13:13:21.0272 4820 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys 13:13:21.0272 4820 Serial - ok 13:13:21.0272 4820 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys 13:13:21.0272 4820 sermouse - ok 13:13:21.0303 4820 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll 13:13:21.0319 4820 SessionEnv - ok 13:13:21.0334 4820 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:13:21.0334 4820 sffdisk - ok 13:13:21.0334 4820 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:13:21.0334 4820 sffp_mmc - ok 13:13:21.0350 4820 [ 
35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:13:21.0366 4820 sffp_sd - ok 13:13:21.0397 4820 [ 40567781F0785C4A69411D1B40DA8987 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 13:13:21.0397 4820 sfloppy - ok 13:13:21.0428 4820 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:13:21.0428 4820 SharedAccess - ok 13:13:21.0459 4820 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:13:21.0475 4820 ShellHWDetection - ok 13:13:21.0490 4820 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 13:13:21.0490 4820 SiSRaid2 - ok 13:13:21.0506 4820 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 13:13:21.0506 4820 SiSRaid4 - ok 13:13:21.0554 4820 [ E0211E7E0D9CF5672174014BC6524E79 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:13:21.0554 4820 SkypeUpdate - ok 13:13:21.0866 4820 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe 13:13:21.0944 4820 slsvc - ok 13:13:22.0006 4820 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll 13:13:22.0006 4820 SLUINotify - ok 13:13:22.0084 4820 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:13:22.0084 4820 Smb - ok 13:13:22.0115 4820 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:13:22.0131 4820 SNMPTRAP - ok 13:13:22.0381 4820 [ 56B69DE178E12F4C2A25AC18E1D0BFB0 ] SNPSTD3 C:\Windows\system32\DRIVERS\snpstd3.sys 13:13:22.0568 4820 SNPSTD3 - ok 13:13:22.0615 4820 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys 13:13:22.0615 4820 spldr - ok 13:13:22.0646 4820 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe 13:13:22.0661 4820 Spooler - ok 13:13:22.0693 4820 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys 13:13:22.0693 4820 srv - ok 
13:13:22.0708 4820 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:13:22.0708 4820 srv2 - ok 13:13:22.0724 4820 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:13:22.0739 4820 srvnet - ok 13:13:22.0755 4820 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:13:22.0771 4820 SSDPSRV - ok 13:13:22.0802 4820 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:13:22.0817 4820 SstpSvc - ok 13:13:22.0864 4820 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll 13:13:22.0880 4820 stisvc - ok 13:13:22.0895 4820 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys 13:13:22.0895 4820 swenum - ok 13:13:22.0958 4820 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll 13:13:22.0973 4820 swprv - ok 13:13:22.0973 4820 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 13:13:22.0973 4820 Symc8xx - ok 13:13:22.0989 4820 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 13:13:22.0989 4820 Sym_hi - ok 13:13:23.0005 4820 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 13:13:23.0005 4820 Sym_u3 - ok 13:13:23.0083 4820 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll 13:13:23.0098 4820 SysMain - ok 13:13:23.0129 4820 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:13:23.0129 4820 TabletInputService - ok 13:13:23.0192 4820 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll 13:13:23.0192 4820 TapiSrv - ok 13:13:23.0207 4820 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll 13:13:23.0223 4820 TBS - ok 13:13:23.0270 4820 [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:13:23.0301 4820 Tcpip - ok 13:13:23.0317 4820 [ 
C7C60777592EEF169A11647AAE7A91C3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 13:13:23.0348 4820 Tcpip6 - ok 13:13:23.0363 4820 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:13:23.0363 4820 tcpipreg - ok 13:13:23.0395 4820 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:13:23.0395 4820 TDPIPE - ok 13:13:23.0410 4820 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:13:23.0410 4820 TDTCP - ok 13:13:23.0410 4820 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:13:23.0426 4820 tdx - ok 13:13:23.0441 4820 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 13:13:23.0441 4820 TermDD - ok 13:13:23.0519 4820 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll 13:13:23.0551 4820 TermService - ok 13:13:23.0566 4820 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll 13:13:23.0566 4820 Themes - ok 13:13:23.0582 4820 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll 13:13:23.0597 4820 THREADORDER - ok 13:13:23.0613 4820 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll 13:13:23.0613 4820 TrkWks - ok 13:13:23.0660 4820 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:13:23.0675 4820 TrustedInstaller - ok 13:13:23.0707 4820 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:13:23.0707 4820 tssecsrv - ok 13:13:23.0738 4820 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 13:13:23.0738 4820 tunmp - ok 13:13:23.0785 4820 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:13:23.0785 4820 tunnel - ok 13:13:23.0800 4820 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 13:13:23.0816 4820 uagp35 - ok 13:13:23.0831 4820 
[ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:13:23.0831 4820 udfs - ok 13:13:23.0863 4820 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:13:23.0863 4820 UI0Detect - ok 13:13:23.0878 4820 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 13:13:23.0878 4820 uliagpkx - ok 13:13:23.0894 4820 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys 13:13:23.0894 4820 uliahci - ok 13:13:23.0909 4820 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys 13:13:23.0909 4820 UlSata - ok 13:13:23.0925 4820 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 13:13:23.0925 4820 ulsata2 - ok 13:13:23.0956 4820 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 13:13:23.0956 4820 umbus - ok 13:13:23.0987 4820 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll 13:13:24.0003 4820 upnphost - ok 13:13:24.0019 4820 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 13:13:24.0034 4820 USBAAPL64 - ok 13:13:24.0065 4820 [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 13:13:24.0065 4820 usbaudio - ok 13:13:24.0128 4820 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 13:13:24.0128 4820 usbccgp - ok 13:13:24.0143 4820 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys 13:13:24.0143 4820 usbcir - ok 13:13:24.0159 4820 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 13:13:24.0159 4820 usbehci - ok 13:13:24.0206 4820 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 13:13:24.0206 4820 usbhub - ok 13:13:24.0221 4820 [ E406B003A354776D317762694956B0FC ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 13:13:24.0221 4820 usbohci - 
ok 13:13:24.0253 4820 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 13:13:24.0253 4820 usbprint - ok 13:13:24.0299 4820 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 13:13:24.0299 4820 usbscan - ok 13:13:24.0315 4820 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:13:24.0315 4820 USBSTOR - ok 13:13:24.0346 4820 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 13:13:24.0346 4820 usbuhci - ok 13:13:24.0393 4820 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll 13:13:24.0393 4820 UxSms - ok 13:13:24.0440 4820 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe 13:13:24.0455 4820 vds - ok 13:13:24.0487 4820 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 13:13:24.0487 4820 vga - ok 13:13:24.0502 4820 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys 13:13:24.0502 4820 VgaSave - ok 13:13:24.0502 4820 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys 13:13:24.0502 4820 viaide - ok 13:13:24.0518 4820 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys 13:13:24.0518 4820 volmgr - ok 13:13:24.0565 4820 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 13:13:24.0565 4820 volmgrx - ok 13:13:24.0611 4820 [ 582F710097B46140F5A89A19A6573D4B ] volsnap C:\Windows\system32\drivers\volsnap.sys 13:13:24.0611 4820 volsnap - ok 13:13:24.0627 4820 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 13:13:24.0627 4820 vsmraid - ok 13:13:24.0705 4820 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe 13:13:24.0721 4820 VSS - ok 13:13:24.0783 4820 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll 13:13:24.0799 4820 W32Time - ok 13:13:24.0830 4820 [ 
FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 13:13:24.0830 4820 WacomPen - ok 13:13:24.0861 4820 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 13:13:24.0861 4820 Wanarp - ok 13:13:24.0861 4820 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 13:13:24.0877 4820 Wanarpv6 - ok 13:13:24.0908 4820 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll 13:13:24.0908 4820 wcncsvc - ok 13:13:24.0939 4820 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 13:13:24.0939 4820 WcsPlugInService - ok 13:13:24.0955 4820 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys 13:13:24.0955 4820 Wd - ok 13:13:25.0001 4820 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 13:13:25.0017 4820 Wdf01000 - ok 13:13:25.0033 4820 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll 13:13:25.0033 4820 WdiServiceHost - ok 13:13:25.0033 4820 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll 13:13:25.0048 4820 WdiSystemHost - ok 13:13:25.0064 4820 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll 13:13:25.0064 4820 WebClient - ok 13:13:25.0095 4820 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll 13:13:25.0111 4820 Wecsvc - ok 13:13:25.0126 4820 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll 13:13:25.0126 4820 wercplsupport - ok 13:13:25.0142 4820 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll 13:13:25.0142 4820 WerSvc - ok 13:13:25.0173 4820 WinDefend - ok 13:13:25.0173 4820 WinHttpAutoProxySvc - ok 13:13:25.0267 4820 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 13:13:25.0282 4820 Winmgmt - ok 13:13:25.0345 4820 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] 
WinRM C:\Windows\system32\WsmSvc.dll 13:13:25.0391 4820 WinRM - ok 13:13:25.0438 4820 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys 13:13:25.0454 4820 WinUSB - ok 13:13:25.0485 4820 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll 13:13:25.0501 4820 Wlansvc - ok 13:13:25.0516 4820 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 13:13:25.0516 4820 WmiAcpi - ok 13:13:25.0579 4820 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 13:13:25.0579 4820 wmiApSrv - ok 13:13:25.0594 4820 WMPNetworkSvc - ok 13:13:25.0625 4820 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 13:13:25.0625 4820 WPCSvc - ok 13:13:25.0672 4820 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 13:13:25.0688 4820 WPDBusEnum - ok 13:13:25.0719 4820 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 13:13:25.0719 4820 WpdUsb - ok 13:13:25.0797 4820 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 13:13:25.0828 4820 WPFFontCache_v0400 - ok 13:13:25.0844 4820 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 13:13:25.0844 4820 ws2ifsl - ok 13:13:25.0891 4820 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll 13:13:25.0906 4820 wscsvc - ok 13:13:25.0906 4820 WSearch - ok 13:13:25.0984 4820 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 13:13:26.0031 4820 wuauserv - ok 13:13:26.0078 4820 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 13:13:26.0078 4820 WudfPf - ok 13:13:26.0125 4820 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 13:13:26.0125 4820 WUDFRd - ok 13:13:26.0140 4820 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc 
C:\Windows\System32\WUDFSvc.dll 13:13:26.0140 4820 wudfsvc - ok 13:13:26.0156 4820 ================ Scan global =============================== 13:13:26.0171 4820 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll 13:13:26.0218 4820 [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll 13:13:26.0234 4820 [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll 13:13:26.0343 4820 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe 13:13:26.0359 4820 [Global] - ok 13:13:26.0359 4820 ================ Scan MBR ================================== 13:13:26.0390 4820 [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0 13:13:27.0795 4820 \Device\Harddisk0\DR0 - ok 13:13:27.0795 4820 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 13:13:27.0795 4820 \Device\Harddisk1\DR1 - ok 13:13:27.0810 4820 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4 13:13:27.0842 4820 \Device\Harddisk4\DR4 - ok 13:13:27.0842 4820 ================ Scan VBR ================================== 13:13:27.0873 4820 [ B7F665ADAB27EA8A68B47C61FF02D011 ] \Device\Harddisk0\DR0\Partition1 13:13:27.0920 4820 \Device\Harddisk0\DR0\Partition1 - ok 13:13:27.0982 4820 [ 4B79F7981523E0B791605B829695078F ] \Device\Harddisk0\DR0\Partition2 13:13:28.0013 4820 \Device\Harddisk0\DR0\Partition2 - ok 13:13:28.0029 4820 [ 0D38F8AF2BCDCDB9D7E39FE65F4F46A8 ] \Device\Harddisk1\DR1\Partition1 13:13:28.0029 4820 \Device\Harddisk1\DR1\Partition1 - ok 13:13:28.0029 4820 [ 486D6BD2369767511B3A906A244D8E84 ] \Device\Harddisk4\DR4\Partition1 13:13:28.0029 4820 \Device\Harddisk4\DR4\Partition1 - ok 13:13:28.0029 4820 ============================================================ 13:13:28.0029 4820 Scan finished 13:13:28.0029 4820 ============================================================ 13:13:28.0044 5540 Detected object count: 0 13:13:28.0044 5540 Actual detected object count: 0 13:15:02.0072 4692 
============================================================ 13:15:02.0072 4692 Scan started 13:15:02.0072 4692 Mode: Manual; 13:15:02.0072 4692 ============================================================ 13:15:02.0477 4692 ================ Scan system memory ======================== 13:15:02.0477 4692 System memory - ok 13:15:02.0477 4692 ================ Scan services ============================= 13:15:02.0603 4692 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys 13:15:02.0619 4692 ACPI - ok 13:15:02.0681 4692 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 13:15:02.0681 4692 AdobeARMservice - ok 13:15:02.0759 4692 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 13:15:02.0759 4692 AdobeFlashPlayerUpdateSvc - ok 13:15:02.0790 4692 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 13:15:02.0790 4692 adp94xx - ok 13:15:02.0821 4692 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys 13:15:02.0821 4692 adpahci - ok 13:15:02.0837 4692 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 13:15:02.0837 4692 adpu160m - ok 13:15:02.0853 4692 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 13:15:02.0853 4692 adpu320 - ok 13:15:02.0884 4692 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 13:15:02.0884 4692 AeLookupSvc - ok 13:15:02.0915 4692 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys 13:15:02.0915 4692 AFD - ok 13:15:02.0931 4692 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys 13:15:02.0931 4692 agp440 - ok 13:15:02.0946 4692 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys 13:15:02.0946 4692 aic78xx - ok 13:15:02.0962 4692 [ 
5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe 13:15:02.0962 4692 ALG - ok 13:15:02.0977 4692 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys 13:15:02.0977 4692 aliide - ok 13:15:02.0993 4692 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys 13:15:02.0993 4692 amdide - ok 13:15:03.0009 4692 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 13:15:03.0009 4692 AmdK8 - ok 13:15:03.0009 4692 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll 13:15:03.0009 4692 Appinfo - ok 13:15:03.0071 4692 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 13:15:03.0071 4692 Apple Mobile Device - ok 13:15:03.0102 4692 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys 13:15:03.0102 4692 arc - ok 13:15:03.0102 4692 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys 13:15:03.0102 4692 arcsas - ok 13:15:03.0133 4692 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 13:15:03.0133 4692 aswFsBlk - ok 13:15:03.0149 4692 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 13:15:03.0149 4692 aswMonFlt - ok 13:15:03.0165 4692 [ 2CF56F9848BF7841FF420E9DD95029EE ] aswRdr C:\Windows\system32\drivers\aswRdr.sys 13:15:03.0165 4692 aswRdr - ok 13:15:03.0196 4692 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 13:15:03.0211 4692 aswSnx - ok 13:15:03.0227 4692 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys 13:15:03.0227 4692 aswSP - ok 13:15:03.0243 4692 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 13:15:03.0243 4692 aswTdi - ok 13:15:03.0258 4692 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac 
C:\Windows\system32\DRIVERS\asyncmac.sys 13:15:03.0258 4692 AsyncMac - ok 13:15:03.0289 4692 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys 13:15:03.0289 4692 atapi - ok 13:15:03.0321 4692 [ 0EB0A49C55D0C9102499353B80BDB021 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 13:15:03.0336 4692 Ati External Event Utility - ok 13:15:03.0445 4692 [ 6F677A4B26E88AC10F72F1614FDA470A ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 13:15:03.0492 4692 atikmdag - ok 13:15:03.0555 4692 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 13:15:03.0555 4692 AudioEndpointBuilder - ok 13:15:03.0555 4692 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll 13:15:03.0570 4692 AudioSrv - ok 13:15:03.0601 4692 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 13:15:03.0601 4692 avast! Antivirus - ok 13:15:03.0664 4692 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll 13:15:03.0664 4692 BFE - ok 13:15:03.0695 4692 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll 13:15:03.0695 4692 BITS - ok 13:15:03.0726 4692 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 13:15:03.0726 4692 blbdrive - ok 13:15:03.0757 4692 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 13:15:03.0757 4692 Bonjour Service - ok 13:15:03.0789 4692 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 13:15:03.0804 4692 bowser - ok 13:15:03.0804 4692 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 13:15:03.0804 4692 BrFiltLo - ok 13:15:03.0820 4692 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 13:15:03.0820 4692 BrFiltUp - ok 13:15:03.0851 4692 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll 
13:15:03.0851 4692 Browser - ok 13:15:03.0867 4692 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys 13:15:03.0867 4692 Brserid - ok 13:15:03.0882 4692 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 13:15:03.0882 4692 BrSerWdm - ok 13:15:03.0882 4692 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 13:15:03.0882 4692 BrUsbMdm - ok 13:15:03.0898 4692 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 13:15:03.0898 4692 BrUsbSer - ok 13:15:03.0913 4692 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 13:15:03.0913 4692 BTHMODEM - ok 13:15:03.0929 4692 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:15:03.0945 4692 cdfs - ok 13:15:03.0960 4692 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 13:15:03.0960 4692 cdrom - ok 13:15:04.0007 4692 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll 13:15:04.0023 4692 CertPropSvc - ok 13:15:04.0038 4692 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys 13:15:04.0038 4692 circlass - ok 13:15:04.0101 4692 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys 13:15:04.0101 4692 CLFS - ok 13:15:04.0179 4692 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:15:04.0179 4692 clr_optimization_v2.0.50727_32 - ok 13:15:04.0241 4692 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:15:04.0241 4692 clr_optimization_v2.0.50727_64 - ok 13:15:04.0272 4692 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:15:04.0272 4692 clr_optimization_v4.0.30319_32 - ok 13:15:04.0319 4692 
[ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 13:15:04.0319 4692 clr_optimization_v4.0.30319_64 - ok 13:15:04.0335 4692 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys 13:15:04.0335 4692 cmdide - ok 13:15:04.0350 4692 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 13:15:04.0350 4692 Compbatt - ok 13:15:04.0350 4692 COMSysApp - ok 13:15:04.0366 4692 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 13:15:04.0366 4692 crcdisk - ok 13:15:04.0397 4692 [ 1B22BC0B71F65001479DAB792C3F626C ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:15:04.0397 4692 CryptSvc - ok 13:15:04.0475 4692 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll 13:15:04.0475 4692 DcomLaunch - ok 13:15:04.0506 4692 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:15:04.0506 4692 DfsC - ok 13:15:04.0631 4692 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe 13:15:04.0662 4692 DFSR - ok 13:15:04.0725 4692 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll 13:15:04.0725 4692 Dhcp - ok 13:15:04.0756 4692 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys 13:15:04.0756 4692 disk - ok 13:15:04.0787 4692 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:15:04.0787 4692 Dnscache - ok 13:15:04.0834 4692 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll 13:15:04.0849 4692 dot3svc - ok 13:15:04.0865 4692 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll 13:15:04.0865 4692 DPS - ok 13:15:04.0896 4692 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:15:04.0896 4692 drmkaud - ok 13:15:04.0943 4692 [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 
4692 [ B7F665ADAB27EA8A68B47C61FF02D011 ] \Device\Harddisk0\DR0\Partition1 13:15:15.0912 4692 \Device\Harddisk0\DR0\Partition1 - ok 13:15:15.0912 4692 [ 4B79F7981523E0B791605B829695078F ] \Device\Harddisk0\DR0\Partition2 13:15:15.0912 4692 \Device\Harddisk0\DR0\Partition2 - ok 13:15:15.0927 4692 [ 0D38F8AF2BCDCDB9D7E39FE65F4F46A8 ] \Device\Harddisk1\DR1\Partition1 13:15:15.0927 4692 \Device\Harddisk1\DR1\Partition1 - ok 13:15:15.0927 4692 [ 486D6BD2369767511B3A906A244D8E84 ] \Device\Harddisk4\DR4\Partition1 13:15:15.0927 4692 \Device\Harddisk4\DR4\Partition1 - ok 13:15:15.0943 4692 ============================================================ 13:15:15.0943 4692 Scan finished 13:15:15.0943 4692 ============================================================ 13:15:15.0943 5484 Detected object count: 0 13:15:15.0943 5484 Actual detected object count: 0 |
04.07.2013, 13:20 | #28 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Delta Search and Babylon search - malware through freeware, Windows Vista Quote:
__________________ Please always post log files in CODE tags |
06.07.2013, 14:30 | #29 |
| Delta Search and Babylon search - malware through freeware, Windows Vista sorry .. once more now: Code:
Files\Microsoft Shared\OFFICE12\ODSERV.EXE 15:28:02.0240 1784 odserv - ok 15:28:02.0296 1784 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 15:28:02.0367 1784 ohci1394 - ok 15:28:02.0419 1784 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:28:02.0451 1784 ose - ok 15:28:02.0605 1784 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll 15:28:02.0761 1784 p2pimsvc - ok 15:28:02.0780 1784 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll 15:28:02.0831 1784 p2psvc - ok 15:28:02.0857 1784 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys 15:28:02.0992 1784 Parport - ok 15:28:03.0031 1784 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:28:03.0059 1784 partmgr - ok 15:28:03.0141 1784 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll 15:28:03.0198 1784 PcaSvc - ok 15:28:03.0219 1784 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys 15:28:03.0250 1784 pci - ok 15:28:03.0311 1784 [ 2657F6C0B78C36D95034BE109336E382 ] pciide C:\Windows\system32\drivers\pciide.sys 15:28:03.0328 1784 pciide - ok 15:28:03.0406 1784 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 15:28:03.0423 1784 pcmcia - ok 15:28:03.0584 1784 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:28:03.0721 1784 PEAUTH - ok 15:28:03.0955 1784 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe 15:28:04.0058 1784 PerfHost - ok 15:28:04.0237 1784 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll 15:28:04.0347 1784 pla - ok 15:28:04.0417 1784 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:28:04.0507 1784 PlugPlay - ok 15:28:04.0586 1784 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg 
C:\Windows\system32\p2psvc.dll 15:28:04.0658 1784 PNRPAutoReg - ok 15:28:04.0764 1784 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll 15:28:04.0835 1784 PNRPsvc - ok 15:28:04.0906 1784 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:28:04.0977 1784 PolicyAgent - ok 15:28:05.0044 1784 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:28:05.0087 1784 PptpMiniport - ok 15:28:05.0146 1784 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\DRIVERS\processr.sys 15:28:05.0236 1784 Processor - ok 15:28:05.0325 1784 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll 15:28:05.0419 1784 ProfSvc - ok 15:28:05.0454 1784 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe 15:28:05.0482 1784 ProtectedStorage - ok 15:28:05.0594 1784 [ 1D0A3F565397D08707F3D75B88586645 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys 15:28:05.0648 1784 Ps2 - ok 15:28:05.0720 1784 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 15:28:05.0770 1784 PSched - ok 15:28:06.0056 1784 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys 15:28:06.0170 1784 ql2300 - ok 15:28:06.0286 1784 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 15:28:06.0315 1784 ql40xx - ok 15:28:06.0449 1784 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll 15:28:06.0531 1784 QWAVE - ok 15:28:06.0565 1784 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:28:06.0629 1784 QWAVEdrv - ok 15:28:06.0670 1784 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:28:06.0778 1784 RasAcd - ok 15:28:06.0855 1784 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll 15:28:06.0965 1784 RasAuto - ok 15:28:07.0024 1784 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp 
C:\Windows\system32\DRIVERS\rasl2tp.sys 15:28:07.0077 1784 Rasl2tp - ok 15:28:07.0170 1784 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll 15:28:07.0260 1784 RasMan - ok 15:28:07.0326 1784 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:28:07.0428 1784 RasPppoe - ok 15:28:07.0527 1784 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:28:07.0555 1784 RasSstp - ok 15:28:07.0687 1784 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:28:07.0788 1784 rdbss - ok 15:28:07.0829 1784 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:28:07.0926 1784 RDPCDD - ok 15:28:08.0015 1784 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 15:28:08.0151 1784 rdpdr - ok 15:28:08.0430 1784 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:28:08.0528 1784 RDPENCDD - ok 15:28:09.0087 1784 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:28:09.0162 1784 RDPWD - ok 15:28:10.0258 1784 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll 15:28:10.0367 1784 RemoteAccess - ok 15:28:11.0211 1784 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:28:11.0352 1784 RemoteRegistry - ok 15:28:11.0611 1784 RimUsb - ok 15:28:12.0472 1784 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys 15:28:12.0586 1784 RimVSerPort - ok 15:28:13.0279 1784 [ 6A0CF73B019CBC9255E23C9192EC3702 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys 15:28:13.0376 1784 ROOTMODEM - ok 15:28:14.0335 1784 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe 15:28:14.0476 1784 RpcLocator - ok 15:28:15.0530 1784 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll 15:28:15.0613 1784 RpcSs - ok 
15:28:16.0116 1784 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 15:28:16.0217 1784 rspndr - ok 15:28:16.0237 1784 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe 15:28:16.0265 1784 SamSs - ok 15:28:16.0310 1784 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 15:28:16.0336 1784 sbp2port - ok 15:28:16.0413 1784 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:28:16.0531 1784 SCardSvr - ok 15:28:16.0604 1784 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll 15:28:16.0701 1784 Schedule - ok 15:28:16.0759 1784 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll 15:28:16.0808 1784 SCPolicySvc - ok 15:28:16.0914 1784 [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys 15:28:16.0958 1784 ScreamBAudioSvc - ok 15:28:17.0021 1784 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:28:17.0106 1784 SDRSVC - ok 15:28:17.0168 1784 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:28:17.0273 1784 secdrv - ok 15:28:17.0289 1784 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll 15:28:17.0336 1784 seclogon - ok 15:28:17.0358 1784 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll 15:28:17.0425 1784 SENS - ok 15:28:17.0458 1784 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys 15:28:17.0569 1784 Serenum - ok 15:28:17.0585 1784 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys 15:28:17.0694 1784 Serial - ok 15:28:17.0701 1784 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys 15:28:17.0791 1784 sermouse - ok 15:28:17.0841 1784 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll 15:28:17.0925 1784 SessionEnv 
- ok 15:28:17.0959 1784 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 15:28:18.0086 1784 sffdisk - ok 15:28:18.0118 1784 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 15:28:18.0207 1784 sffp_mmc - ok 15:28:18.0235 1784 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 15:28:18.0324 1784 sffp_sd - ok 15:28:18.0355 1784 [ 40567781F0785C4A69411D1B40DA8987 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 15:28:18.0446 1784 sfloppy - ok 15:28:18.0530 1784 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll 15:28:18.0582 1784 SharedAccess - ok 15:28:18.0711 1784 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 15:28:18.0774 1784 ShellHWDetection - ok 15:28:18.0816 1784 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 15:28:18.0843 1784 SiSRaid2 - ok 15:28:18.0872 1784 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 15:28:18.0903 1784 SiSRaid4 - ok 15:28:18.0952 1784 [ E0211E7E0D9CF5672174014BC6524E79 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 15:28:18.0978 1784 SkypeUpdate - ok 15:28:19.0281 1784 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe 15:28:19.0432 1784 slsvc - ok 15:28:19.0492 1784 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll 15:28:19.0546 1784 SLUINotify - ok 15:28:19.0604 1784 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys 15:28:19.0705 1784 Smb - ok 15:28:19.0737 1784 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe 15:28:19.0810 1784 SNMPTRAP - ok 15:28:20.0653 1784 [ 56B69DE178E12F4C2A25AC18E1D0BFB0 ] SNPSTD3 C:\Windows\system32\DRIVERS\snpstd3.sys 15:28:20.0939 1784 SNPSTD3 ( UnsignedFile.Multi.Generic ) - warning 15:28:20.0939 1784 SNPSTD3 - detected 
UnsignedFile.Multi.Generic (1) 15:28:21.0021 1784 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys 15:28:21.0077 1784 spldr - ok 15:28:21.0158 1784 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe 15:28:21.0247 1784 Spooler - ok 15:28:21.0353 1784 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys 15:28:21.0412 1784 srv - ok 15:28:21.0474 1784 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 15:28:21.0537 1784 srv2 - ok 15:28:21.0567 1784 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 15:28:21.0615 1784 srvnet - ok 15:28:21.0655 1784 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 15:28:21.0748 1784 SSDPSRV - ok 15:28:21.0858 1784 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll 15:28:21.0891 1784 SstpSvc - ok 15:28:22.0030 1784 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll 15:28:22.0172 1784 stisvc - ok 15:28:22.0242 1784 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys 15:28:22.0279 1784 swenum - ok 15:28:22.0423 1784 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll 15:28:22.0503 1784 swprv - ok 15:28:22.0541 1784 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 15:28:22.0566 1784 Symc8xx - ok 15:28:22.0596 1784 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 15:28:22.0630 1784 Sym_hi - ok 15:28:22.0665 1784 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 15:28:22.0694 1784 Sym_u3 - ok 15:28:22.0848 1784 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll 15:28:22.0940 1784 SysMain - ok 15:28:22.0976 1784 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll 15:28:23.0028 1784 TabletInputService - ok 
15:28:23.0082 1784 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll 15:28:23.0123 1784 TapiSrv - ok 15:28:23.0156 1784 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll 15:28:23.0218 1784 TBS - ok 15:28:23.0419 1784 [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:28:23.0499 1784 Tcpip - ok 15:28:23.0527 1784 [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 15:28:23.0620 1784 Tcpip6 - ok 15:28:23.0673 1784 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:28:23.0746 1784 tcpipreg - ok 15:28:23.0782 1784 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:28:23.0876 1784 TDPIPE - ok 15:28:23.0898 1784 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:28:24.0004 1784 TDTCP - ok 15:28:24.0061 1784 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:28:24.0116 1784 tdx - ok 15:28:24.0164 1784 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 15:28:24.0201 1784 TermDD - ok 15:28:24.0289 1784 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll 15:28:24.0377 1784 TermService - ok 15:28:24.0404 1784 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll 15:28:24.0424 1784 Themes - ok 15:28:24.0465 1784 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll 15:28:24.0504 1784 THREADORDER - ok 15:28:24.0548 1784 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll 15:28:24.0606 1784 TrkWks - ok 15:28:24.0679 1784 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 15:28:24.0747 1784 TrustedInstaller - ok 15:28:24.0800 1784 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 15:28:24.0877 1784 tssecsrv - ok 15:28:24.0910 
1784 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 15:28:24.0925 1784 tunmp - ok 15:28:24.0967 1784 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 15:28:24.0992 1784 tunnel - ok 15:28:25.0044 1784 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 15:28:25.0074 1784 uagp35 - ok 15:28:25.0156 1784 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 15:28:25.0211 1784 udfs - ok 15:28:25.0308 1784 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe 15:28:25.0421 1784 UI0Detect - ok 15:28:25.0494 1784 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 15:28:25.0530 1784 uliagpkx - ok 15:28:25.0614 1784 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys 15:28:25.0661 1784 uliahci - ok 15:28:25.0754 1784 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys 15:28:25.0783 1784 UlSata - ok 15:28:25.0823 1784 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 15:28:25.0864 1784 ulsata2 - ok 15:28:25.0936 1784 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 15:28:26.0033 1784 umbus - ok 15:28:26.0155 1784 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll 15:28:26.0304 1784 upnphost - ok 15:28:26.0422 1784 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 15:28:26.0473 1784 USBAAPL64 - ok 15:28:26.0525 1784 [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 15:28:26.0603 1784 usbaudio - ok 15:28:26.0678 1784 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 15:28:26.0759 1784 usbccgp - ok 15:28:26.0812 1784 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys 15:28:26.0952 1784 usbcir - ok 
15:28:26.0990 1784 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 15:28:27.0022 1784 usbehci - ok 15:28:27.0065 1784 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 15:28:27.0139 1784 usbhub - ok 15:28:27.0162 1784 [ E406B003A354776D317762694956B0FC ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 15:28:27.0231 1784 usbohci - ok 15:28:27.0261 1784 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 15:28:27.0326 1784 usbprint - ok 15:28:27.0434 1784 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 15:28:27.0506 1784 usbscan - ok 15:28:27.0541 1784 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:28:27.0626 1784 USBSTOR - ok 15:28:27.0658 1784 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 15:28:27.0720 1784 usbuhci - ok 15:28:27.0758 1784 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll 15:28:27.0821 1784 UxSms - ok 15:28:27.0899 1784 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe 15:28:27.0959 1784 vds - ok 15:28:28.0007 1784 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 15:28:28.0074 1784 vga - ok 15:28:28.0101 1784 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys 15:28:28.0168 1784 VgaSave - ok 15:28:28.0204 1784 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys 15:28:28.0292 1784 viaide - ok 15:28:28.0299 1784 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys 15:28:28.0314 1784 volmgr - ok 15:28:28.0394 1784 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 15:28:28.0417 1784 volmgrx - ok 15:28:28.0495 1784 [ 582F710097B46140F5A89A19A6573D4B ] volsnap C:\Windows\system32\drivers\volsnap.sys 15:28:28.0514 1784 volsnap - ok 
15:28:28.0606 1784 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 15:28:28.0636 1784 vsmraid - ok 15:28:28.0801 1784 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe 15:28:28.0898 1784 VSS - ok 15:28:28.0962 1784 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll 15:28:29.0078 1784 W32Time - ok 15:28:29.0145 1784 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 15:28:29.0303 1784 WacomPen - ok 15:28:29.0390 1784 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 15:28:29.0504 1784 Wanarp - ok 15:28:29.0522 1784 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 15:28:29.0571 1784 Wanarpv6 - ok 15:28:29.0672 1784 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll 15:28:29.0732 1784 wcncsvc - ok 15:28:29.0768 1784 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 15:28:29.0806 1784 WcsPlugInService - ok 15:28:29.0829 1784 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys 15:28:29.0870 1784 Wd - ok 15:28:30.0062 1784 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 15:28:30.0120 1784 Wdf01000 - ok 15:28:30.0148 1784 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll 15:28:30.0253 1784 WdiServiceHost - ok 15:28:30.0259 1784 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll 15:28:30.0306 1784 WdiSystemHost - ok 15:28:30.0396 1784 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll 15:28:30.0471 1784 WebClient - ok 15:28:30.0518 1784 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll 15:28:30.0610 1784 Wecsvc - ok 15:28:30.0639 1784 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll 15:28:30.0708 1784 
wercplsupport - ok 15:28:30.0767 1784 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll 15:28:30.0869 1784 WerSvc - ok 15:28:30.0920 1784 WinDefend - ok 15:28:30.0929 1784 WinHttpAutoProxySvc - ok 15:28:31.0090 1784 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 15:28:31.0166 1784 Winmgmt - ok 15:28:31.0239 1784 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll 15:28:31.0369 1784 WinRM - ok 15:28:31.0522 1784 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys 15:28:31.0554 1784 WinUSB - ok 15:28:31.0739 1784 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll 15:28:31.0846 1784 Wlansvc - ok 15:28:31.0866 1784 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 15:28:31.0915 1784 WmiAcpi - ok 15:28:32.0051 1784 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 15:28:32.0136 1784 wmiApSrv - ok 15:28:32.0169 1784 WMPNetworkSvc - ok 15:28:32.0267 1784 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 15:28:32.0345 1784 WPCSvc - ok 15:28:32.0375 1784 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 15:28:32.0416 1784 WPDBusEnum - ok 15:28:32.0445 1784 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 15:28:32.0520 1784 WpdUsb - ok 15:28:32.0749 1784 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 15:28:32.0810 1784 WPFFontCache_v0400 - ok 15:28:32.0871 1784 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 15:28:32.0991 1784 ws2ifsl - ok 15:28:33.0061 1784 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll 15:28:33.0120 1784 wscsvc - ok 15:28:33.0126 1784 WSearch - ok 15:28:33.0433 1784 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv 
C:\Windows\system32\wuaueng.dll 15:28:33.0645 1784 wuauserv - ok 15:28:33.0757 1784 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 15:28:33.0819 1784 WudfPf - ok 15:28:33.0890 1784 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:28:33.0931 1784 WUDFRd - ok 15:28:33.0973 1784 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:28:34.0021 1784 wudfsvc - ok 15:28:34.0029 1784 ================ Scan global =============================== 15:28:34.0085 1784 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll 15:28:34.0258 1784 [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll 15:28:34.0281 1784 [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll 15:28:34.0382 1784 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe 15:28:34.0393 1784 [Global] - ok 15:28:34.0394 1784 ================ Scan MBR ================================== 15:28:34.0423 1784 [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0 15:28:35.0753 1784 \Device\Harddisk0\DR0 - ok 15:28:35.0760 1784 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 15:28:35.0911 1784 \Device\Harddisk1\DR1 - ok 15:28:35.0919 1784 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4 15:28:36.0164 1784 \Device\Harddisk4\DR4 - ok 15:28:36.0165 1784 ================ Scan VBR ================================== 15:28:36.0170 1784 [ B7F665ADAB27EA8A68B47C61FF02D011 ] \Device\Harddisk0\DR0\Partition1 15:28:36.0173 1784 \Device\Harddisk0\DR0\Partition1 - ok 15:28:36.0204 1784 [ 4B79F7981523E0B791605B829695078F ] \Device\Harddisk0\DR0\Partition2 15:28:36.0276 1784 \Device\Harddisk0\DR0\Partition2 - ok 15:28:36.0282 1784 [ 0D38F8AF2BCDCDB9D7E39FE65F4F46A8 ] \Device\Harddisk1\DR1\Partition1 15:28:36.0285 1784 \Device\Harddisk1\DR1\Partition1 - ok 15:28:36.0293 1784 [ 486D6BD2369767511B3A906A244D8E84 ] \Device\Harddisk4\DR4\Partition1 15:28:36.0296 
1784 \Device\Harddisk4\DR4\Partition1 - ok 15:28:36.0296 1784 ============================================================ 15:28:36.0296 1784 Scan finished 15:28:36.0297 1784 ============================================================ 15:28:36.0316 3252 Detected object count: 4 15:28:36.0316 3252 Actual detected object count: 4 15:28:55.0538 3252 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user 15:28:55.0538 3252 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:28:55.0541 3252 hxctlflt ( UnsignedFile.Multi.Generic ) - skipped by user 15:28:55.0541 3252 hxctlflt ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:28:55.0543 3252 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 15:28:55.0543 3252 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:28:55.0546 3252 SNPSTD3 ( UnsignedFile.Multi.Generic ) - skipped by user 15:28:55.0546 3252 SNPSTD3 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
07.07.2013, 22:17 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Delta Search and Babylon search - malware via freeware, Windows Vista OK, a control log with FRST, please. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ Please always post log files in CODE tags |