| |
| |||||||
Log-Analyse und Auswertung: GVU Trojaner Windows 7 64 BitWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
10.10.2013, 20:18
| #16 |
| /// TB-Ausbilder   |  GVU Trojaner Windows 7 64 Bit Ja lass ihn updaten. 
__________________ cheers, Leo |
|
10.10.2013, 20:25
| #17 |
 | GVU Trojaner Windows 7 64 Bit Da gibts bei "Additional options" ein Feld mehr als in der Anleitung.
__________________Also neben -Verify file digital signatures -Detect TDLFS file system ist da noch -Use KSN to scan objects (ist serienmäßig ein Häkchen gesetzt) Soll ich das auch lassen? |
|
10.10.2013, 20:56
| #18 |
| /// TB-Ausbilder | GVU Trojaner Windows 7 64 Bit Ja lass den Haken dort stehen und starte den Scan.
__________________
__________________ |
|
10.10.2013, 21:00
| #19 |
| | GVU Trojaner Windows 7 64 Bit Super, danke. Wollte nichts falsch machen, da hab' ich lieber mal auf deine Antwort gewartet bevor ich was klicke  .Hier die Logdatei: Code:
ATTFilter 21:20:34.0181 0x1234 TDSS rootkit removing tool 3.0.0.12 Oct 9 2013 14:59:22
21:20:34.0467 0x1234 ============================================================
21:20:34.0467 0x1234 Current date / time: 2013/10/10 21:20:34.0467
21:20:34.0467 0x1234 SystemInfo:
21:20:34.0467 0x1234
21:20:34.0467 0x1234 OS Version: 6.1.7601 ServicePack: 1.0
21:20:34.0467 0x1234 Product type: Workstation
21:20:34.0467 0x1234 ComputerName: *****-PC
21:20:34.0468 0x1234 UserName: *****
21:20:34.0468 0x1234 Windows directory: C:\Windows
21:20:34.0468 0x1234 System windows directory: C:\Windows
21:20:34.0468 0x1234 Running under WOW64
21:20:34.0468 0x1234 Processor architecture: Intel x64
21:20:34.0468 0x1234 Number of processors: 8
21:20:34.0468 0x1234 Page size: 0x1000
21:20:34.0468 0x1234 Boot type: Normal boot
21:20:34.0468 0x1234 ============================================================
21:20:35.0518 0x1234 System UUID: {438E91DF-0BCC-791E-3945-FA16759C1496}
21:20:35.0838 0x1234 Drive \Device\Harddisk2\DR2 - Size: 0x4453C00000 (273.31 Gb), SectorSize: 0x200, Cylinders: 0x8B5E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
21:20:35.0857 0x1234 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:20:35.0858 0x1234 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:20:35.0866 0x1234 Drive \Device\Harddisk3\DR3 - Size: 0x1D1A00000 (7.28 Gb), SectorSize: 0x200, Cylinders: 0x3B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:20:35.0869 0x1234 ============================================================
21:20:35.0869 0x1234 \Device\Harddisk2\DR2:
21:20:35.0869 0x1234 MBR partitions:
21:20:35.0869 0x1234 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x37000
21:20:35.0869 0x1234 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x37800, BlocksNum 0x22266800
21:20:35.0869 0x1234 \Device\Harddisk0\DR0:
21:20:35.0869 0x1234 MBR partitions:
21:20:35.0869 0x1234 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
21:20:35.0869 0x1234 \Device\Harddisk1\DR1:
21:20:35.0870 0x1234 MBR partitions:
21:20:35.0870 0x1234 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
21:20:35.0870 0x1234 \Device\Harddisk3\DR3:
21:20:35.0871 0x1234 MBR partitions:
21:20:35.0871 0x1234 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0xB88, BlocksNum 0xE8C478
21:20:35.0871 0x1234 ============================================================
21:20:35.0890 0x1234 C: <-> \Device\Harddisk2\DR2\Partition2
21:20:35.0921 0x1234 E: <-> \Device\Harddisk0\DR0\Partition1
21:20:35.0939 0x1234 D: <-> \Device\Harddisk1\DR1\Partition1
21:20:35.0939 0x1234 ============================================================
21:20:35.0939 0x1234 Initialize success
21:20:35.0939 0x1234 ============================================================
21:57:09.0819 0x0968 ============================================================
21:57:09.0819 0x0968 Scan started
21:57:09.0819 0x0968 Mode: Manual; SigCheck; TDLFS;
21:57:09.0819 0x0968 ============================================================
21:57:09.0819 0x0968 KSN ping started
21:57:12.0572 0x0968 KSN ping finished: true
21:57:12.0984 0x0968 ================ Scan system memory ========================
21:57:12.0984 0x0968 System memory - ok
21:57:12.0985 0x0968 ================ Scan services =============================
21:57:13.0108 0x0968 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:57:13.0163 0x0968 1394ohci - ok
21:57:13.0181 0x0968 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:57:13.0202 0x0968 ACPI - ok
21:57:13.0214 0x0968 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:57:13.0237 0x0968 AcpiPmi - ok
21:57:13.0300 0x0968 [ 1FE7229F34038D1ABE837688EC0EF15B, BEDCCCC47285DC7B8D43A6F8B69347E53E4165E30C684503D6A8FDAE191D0ABF ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
21:57:13.0335 0x0968 AcrSch2Svc - ok
21:57:13.0362 0x0968 [ 1C090E86AFD15231377AD37436C3C719, 7C8C679ADB7AF0A965508012C4F3F2FA68D0BFE0E04941B94693D94DB0931B53 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
21:57:13.0395 0x0968 ADIHdAudAddService - ok
21:57:13.0429 0x0968 [ 62B7936F9036DD6ED36E6A7EFA805DC0, C58EA1B46CB3595386C9217A7785F2A436916FB1E0BDC0E4BE484292C55AA455 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:57:13.0437 0x0968 AdobeARMservice - ok
21:57:13.0512 0x0968 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:57:13.0528 0x0968 AdobeFlashPlayerUpdateSvc - ok
21:57:13.0556 0x0968 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:57:13.0579 0x0968 adp94xx - ok
21:57:13.0597 0x0968 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:57:13.0616 0x0968 adpahci - ok
21:57:13.0628 0x0968 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:57:13.0641 0x0968 adpu320 - ok
21:57:13.0653 0x0968 [ 3BDB13C79CC8C06E2F8182595903ED69, 9E00D6649E862DE6812718B091C350E05A2C5C4D28DE8E05E3DD1F789A04EE96 ] AEADIFilters C:\Windows\system32\AEADISRV.EXE
21:57:13.0676 0x0968 AEADIFilters - ok
21:57:13.0690 0x0968 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:57:13.0723 0x0968 AeLookupSvc - ok
21:57:13.0744 0x0968 [ AE1FCE2CD1E99BEA89183BA8CD320872, 96F14BCA0C2479F39A5027A71922907D0F35CAD8E9A5037674DF7995BBDB2B51 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
21:57:13.0762 0x0968 afcdp - ok
21:57:13.0846 0x0968 [ AF44F7E027037628F1FAC3C13CDE73E6, 56A95EBF2241C275FD401487C5F0E86859F8637D8B1BD01B7157EE9BC22B1907 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
21:57:13.0936 0x0968 afcdpsrv - ok
21:57:13.0972 0x0968 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
21:57:14.0001 0x0968 AFD - ok
21:57:14.0009 0x0968 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
21:57:14.0021 0x0968 agp440 - ok
21:57:14.0039 0x0968 ajlvsasx - ok
21:57:14.0052 0x0968 [ 44F360B65C37A42EB5B71C2E5179FDD5, A7E65515FEE1698C96F647111F5C7D009C5FAC9A1F62D027802861A699AF1F93 ] aksdf C:\Windows\system32\drivers\aksdf.sys
21:57:14.0077 0x0968 aksdf - ok
21:57:14.0119 0x0968 [ BC61697103C9EFC3DBA83777CEA8E76B, 15F55C9E4ACB695A5A9BEF52D69AFE9D8D50F8307B81349FB4300368B52493D3 ] aksfridge C:\Windows\system32\drivers\aksfridge.sys
21:57:14.0131 0x0968 aksfridge - ok
21:57:14.0148 0x0968 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
21:57:14.0172 0x0968 ALG - ok
21:57:14.0193 0x0968 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
21:57:14.0203 0x0968 aliide - ok
21:57:14.0229 0x0968 [ 310F86335B0505DDC6D2DD48E66EF06B, 936273CA046B3AE0944E6C1557CECB2A0C61D034977BBB9FACBE062617CF3A2C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:57:14.0260 0x0968 AMD External Events Utility - ok
21:57:14.0275 0x0968 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
21:57:14.0285 0x0968 amdide - ok
21:57:14.0301 0x0968 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:57:14.0325 0x0968 AmdK8 - ok
21:57:14.0586 0x0968 [ 79CC9BE187E3144E1B58A54B842475E7, 89DD3177B5CE649AC0093603CE13FBFD93AC24F8E16C52672549110141106F4A ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:57:14.0941 0x0968 amdkmdag - ok
21:57:14.0975 0x0968 [ 07561D3B7FD99F6E186C49C2D0628E38, D2D72EB45EAD29A3099C040E99A4F1F4902D3BDC0466800C63ECD33343DC1224 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:57:15.0020 0x0968 amdkmdap - ok
21:57:15.0033 0x0968 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
21:57:15.0051 0x0968 AmdPPM - ok
21:57:15.0074 0x0968 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:57:15.0086 0x0968 amdsata - ok
21:57:15.0100 0x0968 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:57:15.0115 0x0968 amdsbs - ok
21:57:15.0123 0x0968 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:57:15.0132 0x0968 amdxata - ok
21:57:15.0149 0x0968 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
21:57:15.0182 0x0968 AppID - ok
21:57:15.0191 0x0968 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:57:15.0228 0x0968 AppIDSvc - ok
21:57:15.0239 0x0968 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
21:57:15.0259 0x0968 Appinfo - ok
21:57:15.0268 0x0968 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
21:57:15.0289 0x0968 AppMgmt - ok
21:57:15.0297 0x0968 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
21:57:15.0308 0x0968 arc - ok
21:57:15.0316 0x0968 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:57:15.0328 0x0968 arcsas - ok
21:57:15.0369 0x0968 aspnet_state - ok
21:57:15.0383 0x0968 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:57:15.0416 0x0968 AsyncMac - ok
21:57:15.0439 0x0968 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
21:57:15.0449 0x0968 atapi - ok
21:57:15.0473 0x0968 [ ED3A041014FBBFDC23D6C04F9C7A5D79, A039D8F4C0EA2101898A253E13DFED5FA8500C412ACC47835415E27C9BD068FF ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:57:15.0496 0x0968 AtiHDAudioService - ok
21:57:15.0523 0x0968 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:57:15.0577 0x0968 AudioEndpointBuilder - ok
21:57:15.0594 0x0968 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:57:15.0635 0x0968 AudioSrv - ok
21:57:15.0669 0x0968 [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
21:57:15.0690 0x0968 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
21:57:18.0107 0x0968 Detect skipped due to KSN trusted
21:57:18.0107 0x0968 AVM WLAN Connection Service - ok
21:57:18.0123 0x0968 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys
21:57:18.0133 0x0968 avmeject - ok
21:57:18.0148 0x0968 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:57:18.0172 0x0968 AxInstSV - ok
21:57:18.0190 0x0968 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:57:18.0220 0x0968 b06bdrv - ok
21:57:18.0233 0x0968 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:57:18.0261 0x0968 b57nd60a - ok
21:57:18.0270 0x0968 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
21:57:18.0285 0x0968 BDESVC - ok
21:57:18.0289 0x0968 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
21:57:18.0322 0x0968 Beep - ok
21:57:18.0352 0x0968 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
21:57:18.0400 0x0968 BFE - ok
21:57:18.0426 0x0968 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
21:57:18.0479 0x0968 BITS - ok
21:57:18.0487 0x0968 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:57:18.0506 0x0968 blbdrive - ok
21:57:18.0520 0x0968 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:57:18.0539 0x0968 bowser - ok
21:57:18.0546 0x0968 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:57:18.0564 0x0968 BrFiltLo - ok
21:57:18.0571 0x0968 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:57:18.0584 0x0968 BrFiltUp - ok
21:57:18.0595 0x0968 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
21:57:18.0625 0x0968 BridgeMP - ok
21:57:18.0640 0x0968 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
21:57:18.0659 0x0968 Browser - ok
21:57:18.0703 0x0968 [ 21FA3E51618FF8E2F4B29964ABC5884F, AB6E5ACEBC426354C7CD7D297D8D2CA086755F0E410320CA15B989E8963ECC78 ] Browser Defender Update Service C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
21:57:18.0713 0x0968 Browser Defender Update Service - ok
21:57:18.0725 0x0968 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:57:18.0755 0x0968 Brserid - ok
21:57:18.0761 0x0968 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:57:18.0780 0x0968 BrSerWdm - ok
21:57:18.0787 0x0968 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:57:18.0809 0x0968 BrUsbMdm - ok
21:57:18.0816 0x0968 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:57:18.0834 0x0968 BrUsbSer - ok
21:57:18.0843 0x0968 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:57:18.0863 0x0968 BTHMODEM - ok
21:57:18.0874 0x0968 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
21:57:18.0903 0x0968 bthserv - ok
21:57:18.0913 0x0968 catchme - ok
21:57:18.0932 0x0968 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:57:18.0973 0x0968 cdfs - ok
21:57:18.0983 0x0968 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:57:19.0000 0x0968 cdrom - ok
21:57:19.0009 0x0968 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
21:57:19.0047 0x0968 CertPropSvc - ok
21:57:19.0055 0x0968 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
21:57:19.0073 0x0968 circlass - ok
21:57:19.0091 0x0968 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
21:57:19.0112 0x0968 CLFS - ok
21:57:19.0135 0x0968 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:57:19.0145 0x0968 clr_optimization_v2.0.50727_32 - ok
21:57:19.0180 0x0968 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:57:19.0190 0x0968 clr_optimization_v2.0.50727_64 - ok
21:57:19.0245 0x0968 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:57:19.0256 0x0968 clr_optimization_v4.0.30319_32 - ok
21:57:19.0305 0x0968 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:57:19.0318 0x0968 clr_optimization_v4.0.30319_64 - ok
21:57:19.0345 0x0968 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
21:57:19.0380 0x0968 CmBatt - ok
21:57:19.0390 0x0968 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:57:19.0401 0x0968 cmdide - ok
21:57:19.0422 0x0968 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
21:57:19.0456 0x0968 CNG - ok
21:57:19.0463 0x0968 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:57:19.0473 0x0968 Compbatt - ok
21:57:19.0481 0x0968 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:57:19.0503 0x0968 CompositeBus - ok
21:57:19.0506 0x0968 COMSysApp - ok
21:57:19.0517 0x0968 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:57:19.0531 0x0968 crcdisk - ok
21:57:19.0538 0x0968 crtjnuyc - ok
21:57:19.0560 0x0968 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:57:19.0584 0x0968 CryptSvc - ok
21:57:19.0602 0x0968 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
21:57:19.0634 0x0968 CSC - ok
21:57:19.0657 0x0968 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
21:57:19.0695 0x0968 CscService - ok
21:57:19.0713 0x0968 [ 8EC96B753727B380089D66D4AB5869DF, F8E36B68EED9680291610C83E7DF16A04D278E3E7BC807CF8A870D01C4E5A95E ] CYUSB C:\Windows\system32\Drivers\CYUSB.sys
21:57:19.0728 0x0968 CYUSB - ok
21:57:19.0742 0x0968 [ 003626F7CA17C204F16CD5047AF0703A, BA9063D77A60AF1107A1A6B3C1DD6F1EF3D9DCE7616BAC67DF13AEDD67B683F3 ] danewFltr C:\Windows\system32\drivers\danew.sys
21:57:19.0757 0x0968 danewFltr - ok
21:57:19.0778 0x0968 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:57:19.0826 0x0968 DcomLaunch - ok
21:57:19.0842 0x0968 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
21:57:19.0878 0x0968 defragsvc - ok
21:57:19.0890 0x0968 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:57:19.0925 0x0968 DfsC - ok
21:57:19.0941 0x0968 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:57:19.0970 0x0968 Dhcp - ok
21:57:19.0981 0x0968 DigiRefresh - ok
21:57:19.0989 0x0968 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
21:57:20.0022 0x0968 discache - ok
21:57:20.0034 0x0968 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
21:57:20.0045 0x0968 Disk - ok
21:57:20.0055 0x0968 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
21:57:20.0074 0x0968 dmvsc - ok
21:57:20.0087 0x0968 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:57:20.0109 0x0968 Dnscache - ok
21:57:20.0122 0x0968 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
21:57:20.0158 0x0968 dot3svc - ok
21:57:20.0173 0x0968 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
21:57:20.0209 0x0968 DPS - ok
21:57:20.0217 0x0968 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:57:20.0230 0x0968 drmkaud - ok
21:57:20.0265 0x0968 [ AF2E16242AA723F68F461B6EAE2EAD3D, 3973633C6D231DB8D92DE310D3A0836C64639B9A20C6C56385FB218A707C1BC3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:57:20.0292 0x0968 DXGKrnl - ok
21:57:20.0296 0x0968 eaarkkjg - ok
21:57:20.0314 0x0968 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
21:57:20.0345 0x0968 EapHost - ok
21:57:20.0424 0x0968 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:57:20.0530 0x0968 ebdrv - ok
21:57:20.0542 0x0968 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
21:57:20.0559 0x0968 EFS - ok
21:57:20.0599 0x0968 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:57:20.0635 0x0968 ehRecvr - ok
21:57:20.0648 0x0968 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
21:57:20.0668 0x0968 ehSched - ok
21:57:20.0693 0x0968 [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
21:57:20.0703 0x0968 ElbyCDIO - ok
21:57:20.0721 0x0968 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:57:20.0747 0x0968 elxstor - ok
21:57:20.0756 0x0968 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:57:20.0771 0x0968 ErrDev - ok
21:57:20.0796 0x0968 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
21:57:20.0837 0x0968 EventSystem - ok
21:57:20.0848 0x0968 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
21:57:20.0880 0x0968 exfat - ok
21:57:20.0893 0x0968 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:57:20.0935 0x0968 fastfat - ok
21:57:20.0956 0x0968 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
21:57:20.0992 0x0968 Fax - ok
21:57:20.0999 0x0968 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
21:57:21.0014 0x0968 fdc - ok
21:57:21.0022 0x0968 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
21:57:21.0055 0x0968 fdPHost - ok
21:57:21.0065 0x0968 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
21:57:21.0098 0x0968 FDResPub - ok
21:57:21.0105 0x0968 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:57:21.0116 0x0968 FileInfo - ok
21:57:21.0123 0x0968 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:57:21.0156 0x0968 Filetrace - ok
21:57:21.0161 0x0968 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:57:21.0173 0x0968 flpydisk - ok
21:57:21.0190 0x0968 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:57:21.0208 0x0968 FltMgr - ok
21:57:21.0243 0x0968 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache C:\Windows\system32\FntCache.dll
21:57:21.0296 0x0968 FontCache - ok
21:57:21.0324 0x0968 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:57:21.0334 0x0968 FontCache3.0.0.0 - ok
21:57:21.0345 0x0968 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:57:21.0357 0x0968 FsDepends - ok
21:57:21.0367 0x0968 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:57:21.0378 0x0968 Fs_Rec - ok
21:57:21.0390 0x0968 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:57:21.0408 0x0968 fvevol - ok
21:57:21.0428 0x0968 [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys
21:57:21.0453 0x0968 FWLANUSB - ok
21:57:21.0461 0x0968 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:57:21.0473 0x0968 gagp30kx - ok
21:57:21.0495 0x0968 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
21:57:21.0545 0x0968 gpsvc - ok
21:57:21.0587 0x0968 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:57:21.0597 0x0968 gupdate - ok
21:57:21.0612 0x0968 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:57:21.0621 0x0968 gupdatem - ok
21:57:21.0657 0x0968 [ D619BA1712B83D14149850E758B835AD, AD18807EC4DA6FA8C6846C1A0D914071FD59BD3273AFC103E5F2A7141F18C5F4 ] hardlock C:\Windows\system32\drivers\hardlock.sys
21:57:21.0684 0x0968 hardlock - ok
21:57:21.0690 0x0968 hasplms - ok
21:57:21.0707 0x0968 [ D5FA01185A7D5A65724FD87B34E53F5B, 4951DC34E0E0EA598C3599B619D5DEEF527D0B5D2C2C6392469865C6420B31C0 ] hcmon C:\Windows\system32\drivers\hcmon.sys
21:57:21.0716 0x0968 hcmon - ok
21:57:21.0724 0x0968 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:57:21.0742 0x0968 hcw85cir - ok
21:57:21.0762 0x0968 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:57:21.0794 0x0968 HdAudAddService - ok
21:57:21.0805 0x0968 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:57:21.0827 0x0968 HDAudBus - ok
21:57:21.0835 0x0968 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:57:21.0851 0x0968 HidBatt - ok
21:57:21.0862 0x0968 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:57:21.0882 0x0968 HidBth - ok
21:57:21.0895 0x0968 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
21:57:21.0910 0x0968 HidIr - ok
21:57:21.0918 0x0968 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
21:57:21.0952 0x0968 hidserv - ok
21:57:21.0962 0x0968 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:57:21.0975 0x0968 HidUsb - ok
21:57:21.0986 0x0968 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:57:22.0020 0x0968 hkmsvc - ok
21:57:22.0040 0x0968 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:57:22.0064 0x0968 HomeGroupListener - ok
21:57:22.0077 0x0968 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:57:22.0099 0x0968 HomeGroupProvider - ok
21:57:22.0108 0x0968 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:57:22.0119 0x0968 HpSAMD - ok
21:57:22.0145 0x0968 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:57:22.0201 0x0968 HTTP - ok
21:57:22.0209 0x0968 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:57:22.0218 0x0968 hwpolicy - ok
21:57:22.0229 0x0968 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:57:22.0243 0x0968 i8042prt - ok
21:57:22.0283 0x0968 [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
21:57:22.0300 0x0968 IAANTMON - ok
21:57:22.0321 0x0968 [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:57:22.0337 0x0968 iaStor - ok
21:57:22.0356 0x0968 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:57:22.0378 0x0968 iaStorV - ok
21:57:22.0419 0x0968 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:57:22.0449 0x0968 idsvc - ok
21:57:22.0460 0x0968 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:57:22.0471 0x0968 iirsp - ok
21:57:22.0498 0x0968 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
21:57:22.0552 0x0968 IKEEXT - ok
21:57:22.0567 0x0968 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
21:57:22.0577 0x0968 intelide - ok
21:57:22.0590 0x0968 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:57:22.0608 0x0968 intelppm - ok
21:57:22.0617 0x0968 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:57:22.0650 0x0968 IPBusEnum - ok
21:57:22.0660 0x0968 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:57:22.0689 0x0968 IpFilterDriver - ok
21:57:22.0711 0x0968 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:57:22.0745 0x0968 iphlpsvc - ok
21:57:22.0754 0x0968 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:57:22.0774 0x0968 IPMIDRV - ok
21:57:22.0783 0x0968 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:57:22.0831 0x0968 IPNAT - ok
21:57:22.0838 0x0968 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:57:22.0859 0x0968 IRENUM - ok
21:57:22.0867 0x0968 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:57:22.0877 0x0968 isapnp - ok
21:57:22.0895 0x0968 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:57:22.0913 0x0968 iScsiPrt - ok
21:57:22.0924 0x0968 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:57:22.0934 0x0968 kbdclass - ok
21:57:22.0946 0x0968 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:57:22.0964 0x0968 kbdhid - ok
21:57:22.0971 0x0968 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
21:57:22.0984 0x0968 KeyIso - ok
21:57:22.0994 0x0968 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:57:23.0006 0x0968 KSecDD - ok
21:57:23.0019 0x0968 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:57:23.0032 0x0968 KSecPkg - ok
21:57:23.0043 0x0968 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:57:23.0077 0x0968 ksthunk - ok
21:57:23.0095 0x0968 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
21:57:23.0135 0x0968 KtmRm - ok
21:57:23.0148 0x0968 ktmujbzd - ok
21:57:23.0167 0x0968 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
21:57:23.0206 0x0968 LanmanServer - ok
21:57:23.0219 0x0968 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:57:23.0255 0x0968 LanmanWorkstation - ok
21:57:23.0279 0x0968 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
21:57:23.0288 0x0968 LGBusEnum - ok
21:57:23.0311 0x0968 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
21:57:23.0318 0x0968 LGVirHid - ok
21:57:23.0327 0x0968 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:57:23.0356 0x0968 lltdio - ok
21:57:23.0373 0x0968 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:57:23.0415 0x0968 lltdsvc - ok
21:57:23.0423 0x0968 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:57:23.0455 0x0968 lmhosts - ok
21:57:23.0469 0x0968 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:57:23.0482 0x0968 LSI_FC - ok
21:57:23.0494 0x0968 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:57:23.0506 0x0968 LSI_SAS - ok
21:57:23.0515 0x0968 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:57:23.0526 0x0968 LSI_SAS2 - ok
21:57:23.0535 0x0968 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:57:23.0547 0x0968 LSI_SCSI - ok
21:57:23.0556 0x0968 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
21:57:23.0591 0x0968 luafv - ok
21:57:23.0617 0x0968 [ E2C6A3F80C1979B911408C17E3893371, 56FD7B743303BDC751C031372D7242C5CD25DAF927942D2D90F71033E7DE625C ] MAUSBFASTTRACK C:\Windows\system32\DRIVERS\MAudioFastTrack.sys
21:57:23.0628 0x0968 MAUSBFASTTRACK - ok
21:57:23.0642 0x0968 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:57:23.0661 0x0968 Mcx2Svc - ok
21:57:23.0668 0x0968 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
21:57:23.0679 0x0968 megasas - ok
21:57:23.0689 0x0968 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:57:23.0707 0x0968 MegaSR - ok
21:57:23.0722 0x0968 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
21:57:23.0758 0x0968 MMCSS - ok
21:57:23.0764 0x0968 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
21:57:23.0794 0x0968 Modem - ok
21:57:23.0808 0x0968 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:57:23.0827 0x0968 monitor - ok
21:57:23.0836 0x0968 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:57:23.0846 0x0968 mouclass - ok
21:57:23.0855 0x0968 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:57:23.0871 0x0968 mouhid - ok
21:57:23.0881 0x0968 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:57:23.0893 0x0968 mountmgr - ok
21:57:23.0910 0x0968 [ F8A10560B35C66F9DE212F03DAD5BFA7, 3ADCBC309A55494326EE8D152F92DFD11E1F97C897C8019BAB547E75D735FE92 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
21:57:23.0927 0x0968 MpFilter - ok
21:57:23.0935 0x0968 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
21:57:23.0948 0x0968 mpio - ok
21:57:23.0960 0x0968 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:57:23.0990 0x0968 mpsdrv - ok
21:57:24.0017 0x0968 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:57:24.0066 0x0968 MpsSvc - ok
21:57:24.0077 0x0968 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:57:24.0096 0x0968 MRxDAV - ok
21:57:24.0109 0x0968 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:57:24.0125 0x0968 mrxsmb - ok
21:57:24.0141 0x0968 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:57:24.0160 0x0968 mrxsmb10 - ok
21:57:24.0173 0x0968 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:57:24.0187 0x0968 mrxsmb20 - ok
21:57:24.0194 0x0968 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
21:57:24.0204 0x0968 msahci - ok
21:57:24.0214 0x0968 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:57:24.0227 0x0968 msdsm - ok
21:57:24.0238 0x0968 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
21:57:24.0254 0x0968 MSDTC - ok
21:57:24.0262 0x0968 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:57:24.0296 0x0968 Msfs - ok
21:57:24.0305 0x0968 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:57:24.0337 0x0968 mshidkmdf - ok
21:57:24.0345 0x0968 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:57:24.0355 0x0968 msisadrv - ok
21:57:24.0380 0x0968 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:57:24.0422 0x0968 MSiSCSI - ok
21:57:24.0425 0x0968 msiserver - ok
21:57:24.0438 0x0968 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:57:24.0475 0x0968 MSKSSRV - ok
21:57:24.0506 0x0968 [ E07DEC52FF801841BA9B6878A60304FB, A57A999F411559EA97C830C9FE0234578E2E98EDAF72F9949891F901B83B22A4 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
21:57:24.0518 0x0968 MsMpSvc - ok
21:57:24.0528 0x0968 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:57:24.0559 0x0968 MSPCLOCK - ok
21:57:24.0572 0x0968 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:57:24.0603 0x0968 MSPQM - ok
21:57:24.0617 0x0968 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:57:24.0639 0x0968 MsRPC - ok
21:57:24.0648 0x0968 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:57:24.0658 0x0968 mssmbios - ok
21:57:24.0667 0x0968 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:57:24.0698 0x0968 MSTEE - ok
21:57:24.0705 0x0968 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:57:24.0722 0x0968 MTConfig - ok
21:57:24.0735 0x0968 [ 03B7145C889603537E9FFEABB1AD1089, B3CD93B893D4A2370CBF382366C6F596372857F8711EF6FFF83BFE2B449F424E ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
21:57:24.0751 0x0968 MTsensor - ok
21:57:24.0760 0x0968 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
21:57:24.0770 0x0968 Mup - ok
21:57:24.0789 0x0968 [ 1CA758BC0DEAF35D21ECAACC30427527, DAC9839E2602365C9B867C602A739450CF7F2C5F65A6539F310B55F9D3C8447E ] mv64xx C:\Windows\system32\DRIVERS\mv64xx.sys
21:57:24.0803 0x0968 mv64xx - ok
21:57:24.0822 0x0968 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
21:57:24.0870 0x0968 napagent - ok
21:57:24.0887 0x0968 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:57:24.0917 0x0968 NativeWifiP - ok
21:57:24.0958 0x0968 [ 13AA2130F2A104DD775EAD0F0EE5417B, EBA07599FC2D10750CE6372EA6BA94EDDAFFF732223A1135F1971B958A6B57A2 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
21:57:24.0984 0x0968 NAUpdate - ok
21:57:25.0051 0x0968 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
21:57:25.0093 0x0968 NDIS - ok
21:57:25.0108 0x0968 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:57:25.0143 0x0968 NdisCap - ok
21:57:25.0152 0x0968 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:57:25.0180 0x0968 NdisTapi - ok
21:57:25.0189 0x0968 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:57:25.0219 0x0968 Ndisuio - ok
21:57:25.0230 0x0968 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:57:25.0266 0x0968 NdisWan - ok
21:57:25.0275 0x0968 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:57:25.0303 0x0968 NDProxy - ok
21:57:25.0312 0x0968 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:57:25.0344 0x0968 NetBIOS - ok
21:57:25.0352 0x0968 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:57:25.0386 0x0968 NetBT - ok
21:57:25.0393 0x0968 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
21:57:25.0404 0x0968 Netlogon - ok
21:57:25.0422 0x0968 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
21:57:25.0467 0x0968 Netman - ok
21:57:25.0482 0x0968 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:57:25.0493 0x0968 NetMsmqActivator - ok
21:57:25.0498 0x0968 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:57:25.0507 0x0968 NetPipeActivator - ok
21:57:25.0530 0x0968 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
21:57:25.0574 0x0968 netprofm - ok
21:57:25.0584 0x0968 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:57:25.0594 0x0968 NetTcpActivator - ok
21:57:25.0598 0x0968 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:57:25.0608 0x0968 NetTcpPortSharing - ok
21:57:25.0614 0x0968 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:57:25.0625 0x0968 nfrd960 - ok
21:57:25.0648 0x0968 [ 162100E0BC8377710F9D170631921C03, B4FC4F6BCCA5A61EC86F9D10F4FE284E9393CE4599CE64BC8360202F0108B499 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:57:25.0662 0x0968 NisDrv - ok
21:57:25.0683 0x0968 [ C6E15F2F95F9C0A6098D43510B604E52, 7B621846EC4DD066657536755455ADB016207A45D49FC5E5F1D50EAD2CCB6B13 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
21:57:25.0707 0x0968 NisSrv - ok
21:57:25.0718 0x0968 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:57:25.0744 0x0968 NlaSvc - ok
21:57:25.0751 0x0968 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:57:25.0781 0x0968 Npfs - ok
21:57:25.0790 0x0968 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
21:57:25.0822 0x0968 nsi - ok
21:57:25.0830 0x0968 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:57:25.0862 0x0968 nsiproxy - ok
21:57:25.0909 0x0968 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:57:25.0960 0x0968 Ntfs - ok
21:57:25.0967 0x0968 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
21:57:25.0999 0x0968 Null - ok
21:57:26.0014 0x0968 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:57:26.0027 0x0968 nvraid - ok
21:57:26.0045 0x0968 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:57:26.0058 0x0968 nvstor - ok
21:57:26.0068 0x0968 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:57:26.0081 0x0968 nv_agp - ok
21:57:26.0089 0x0968 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:57:26.0110 0x0968 ohci1394 - ok
21:57:26.0145 0x0968 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:57:26.0156 0x0968 ose - ok
21:57:26.0282 0x0968 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:57:26.0417 0x0968 osppsvc - ok
21:57:26.0446 0x0968 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:57:26.0473 0x0968 p2pimsvc - ok
21:57:26.0491 0x0968 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
21:57:26.0514 0x0968 p2psvc - ok
21:57:26.0523 0x0968 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
21:57:26.0540 0x0968 Parport - ok
21:57:26.0551 0x0968 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:57:26.0563 0x0968 partmgr - ok
21:57:26.0577 0x0968 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
21:57:26.0601 0x0968 PcaSvc - ok
21:57:26.0612 0x0968 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
21:57:26.0626 0x0968 pci - ok
21:57:26.0636 0x0968 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
21:57:26.0646 0x0968 pciide - ok
21:57:26.0656 0x0968 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:57:26.0672 0x0968 pcmcia - ok
21:57:26.0687 0x0968 [ 3A68080572B81577791A7B19BB880DA9, 9F64FAB46BF6B5AB46EF77A7077295587F4A6C4851D5EB04D9EC8ECC4C7C67D1 ] PCTCore C:\Windows\system32\drivers\PCTCore64.sys
21:57:26.0701 0x0968 PCTCore - ok
21:57:26.0708 0x0968 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
21:57:26.0719 0x0968 pcw - ok
21:57:26.0738 0x0968 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:57:26.0791 0x0968 PEAUTH - ok
21:57:26.0828 0x0968 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:57:26.0882 0x0968 PeerDistSvc - ok
21:57:26.0933 0x0968 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:57:26.0953 0x0968 PerfHost - ok
21:57:26.0996 0x0968 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
21:57:27.0067 0x0968 pla - ok
21:57:27.0088 0x0968 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:57:27.0114 0x0968 PlugPlay - ok
21:57:27.0134 0x0968 PnkBstrA - ok
21:57:27.0146 0x0968 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:57:27.0163 0x0968 PNRPAutoReg - ok
21:57:27.0174 0x0968 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:57:27.0192 0x0968 PNRPsvc - ok
21:57:27.0212 0x0968 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:57:27.0259 0x0968 PolicyAgent - ok
21:57:27.0275 0x0968 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
21:57:27.0309 0x0968 Power - ok
21:57:27.0322 0x0968 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:57:27.0356 0x0968 PptpMiniport - ok
21:57:27.0366 0x0968 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
21:57:27.0383 0x0968 Processor - ok
21:57:27.0403 0x0968 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
21:57:27.0426 0x0968 ProfSvc - ok
21:57:27.0432 0x0968 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
21:57:27.0443 0x0968 ProtectedStorage - ok
21:57:27.0458 0x0968 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:57:27.0494 0x0968 Psched - ok
21:57:27.0497 0x0968 ptqllcii - ok
21:57:27.0538 0x0968 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:57:27.0587 0x0968 ql2300 - ok
21:57:27.0602 0x0968 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:57:27.0614 0x0968 ql40xx - ok
21:57:27.0631 0x0968 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
21:57:27.0654 0x0968 QWAVE - ok
21:57:27.0661 0x0968 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:57:27.0682 0x0968 QWAVEdrv - ok
21:57:27.0688 0x0968 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:57:27.0715 0x0968 RasAcd - ok
21:57:27.0732 0x0968 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:57:27.0761 0x0968 RasAgileVpn - ok
21:57:27.0772 0x0968 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
21:57:27.0805 0x0968 RasAuto - ok
21:57:27.0815 0x0968 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:57:27.0849 0x0968 Rasl2tp - ok
21:57:27.0866 0x0968 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
21:57:27.0905 0x0968 RasMan - ok
21:57:27.0919 0x0968 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:57:27.0952 0x0968 RasPppoe - ok
21:57:27.0960 0x0968 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:57:27.0997 0x0968 RasSstp - ok
21:57:28.0013 0x0968 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:57:28.0062 0x0968 rdbss - ok
21:57:28.0070 0x0968 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:57:28.0089 0x0968 rdpbus - ok
21:57:28.0095 0x0968 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:57:28.0125 0x0968 RDPCDD - ok
21:57:28.0136 0x0968 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:57:28.0152 0x0968 RDPDR - ok
21:57:28.0163 0x0968 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:57:28.0194 0x0968 RDPENCDD - ok
21:57:28.0202 0x0968 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:57:28.0236 0x0968 RDPREFMP - ok
21:57:28.0251 0x0968 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:57:28.0276 0x0968 RDPWD - ok
21:57:28.0288 0x0968 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:57:28.0303 0x0968 rdyboost - ok
21:57:28.0311 0x0968 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:57:28.0348 0x0968 RemoteAccess - ok
21:57:28.0362 0x0968 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:57:28.0399 0x0968 RemoteRegistry - ok
21:57:28.0401 0x0968 rlffuili - ok
21:57:28.0409 0x0968 rmtofanc - ok
21:57:28.0425 0x0968 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:57:28.0463 0x0968 RpcEptMapper - ok
21:57:28.0471 0x0968 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
21:57:28.0491 0x0968 RpcLocator - ok
21:57:28.0513 0x0968 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
21:57:28.0554 0x0968 RpcSs - ok
21:57:28.0567 0x0968 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:57:28.0598 0x0968 rspndr - ok
21:57:28.0626 0x0968 [ ABCB5A38A0D85BDF69B7877E1AD1EED5, 44DF1A92E8FA53677A04C46088B0AD49F1F6A090820BE550A514C4FBFD91444D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:57:28.0648 0x0968 RTL8167 - ok
21:57:28.0661 0x0968 [ AE4FDA46C0A644DC9FB2545BDF4CB496, 35C911D94B887E64395EC3F493971E5D36176A3632D2F9FB7B4D5A886E9464F1 ] rzdaendpt C:\Windows\system32\DRIVERS\rzdaendpt.sys
21:57:28.0678 0x0968 rzdaendpt - ok
21:57:28.0695 0x0968 [ D28AB8D41CA4633EA69F2897F0B45565, B8FF66583530787419D04EEA75A49B61FB184523E652C720B1EF1F1695864F0A ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
21:57:28.0715 0x0968 rzudd - ok
21:57:28.0738 0x0968 [ 4CE040A51CFA6614F46419CB5F5B7BB6, 91DD7B91287800E96EF0DB9DD69B3315629BFA690592C2D0A3E596386A84CD95 ] rzvkeyboard C:\Windows\system32\DRIVERS\rzvkeyboard.sys
21:57:28.0753 0x0968 rzvkeyboard - ok
21:57:28.0758 0x0968 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:57:28.0773 0x0968 s3cap - ok
21:57:28.0776 0x0968 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
21:57:28.0789 0x0968 SamSs - ok
21:57:28.0798 0x0968 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:57:28.0811 0x0968 sbp2port - ok
21:57:28.0874 0x0968 [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
21:57:28.0912 0x0968 SBSDWSCService - ok
21:57:28.0925 0x0968 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:57:28.0961 0x0968 SCardSvr - ok
21:57:28.0968 0x0968 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:57:29.0001 0x0968 scfilter - ok
21:57:29.0033 0x0968 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
21:57:29.0096 0x0968 Schedule - ok
21:57:29.0106 0x0968 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:57:29.0134 0x0968 SCPolicySvc - ok
21:57:29.0164 0x0968 [ EE088B31F5EB673A62E7E0D09B0007B0, 686B697F554E02ACADD5E44F707EF1E7DD87539FF8156F4FF67533E5D26BC160 ] sdAuxService C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
21:57:29.0184 0x0968 sdAuxService - ok
21:57:29.0222 0x0968 [ 747FFE0A5A34C349A363BE97C632B7C4, 7AC092581CCED5080DA8ED3B7243B0DC99B648493ACDE7EB02461DB0DDB1C0B0 ] sdCoreService C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
21:57:29.0259 0x0968 sdCoreService - ok
21:57:29.0277 0x0968 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:57:29.0293 0x0968 SDRSVC - ok
21:57:29.0304 0x0968 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:57:29.0338 0x0968 secdrv - ok
21:57:29.0350 0x0968 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
21:57:29.0380 0x0968 seclogon - ok
21:57:29.0388 0x0968 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
21:57:29.0422 0x0968 SENS - ok
21:57:29.0427 0x0968 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:57:29.0440 0x0968 SensrSvc - ok
21:57:29.0448 0x0968 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
21:57:29.0466 0x0968 Serenum - ok
21:57:29.0479 0x0968 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
21:57:29.0499 0x0968 Serial - ok
21:57:29.0515 0x0968 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:57:29.0534 0x0968 sermouse - ok
21:57:29.0547 0x0968 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
21:57:29.0584 0x0968 SessionEnv - ok
21:57:29.0591 0x0968 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:57:29.0604 0x0968 sffdisk - ok
21:57:29.0607 0x0968 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:57:29.0624 0x0968 sffp_mmc - ok
21:57:29.0629 0x0968 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:57:29.0646 0x0968 sffp_sd - ok
21:57:29.0653 0x0968 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:57:29.0670 0x0968 sfloppy - ok
21:57:29.0707 0x0968 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:57:29.0750 0x0968 SharedAccess - ok
21:57:29.0769 0x0968 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:57:29.0814 0x0968 ShellHWDetection - ok
21:57:29.0823 0x0968 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:57:29.0834 0x0968 SiSRaid2 - ok
21:57:29.0843 0x0968 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:57:29.0854 0x0968 SiSRaid4 - ok
21:57:29.0873 0x0968 [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:57:29.0884 0x0968 SkypeUpdate - ok
21:57:29.0895 0x0968 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:57:29.0931 0x0968 Smb - ok
21:57:29.0956 0x0968 [ B2C19AE46C5A109679B4FB38058DF05A, 93DD4D356650C51348795653286E6C627FF5F7071F2787DF7C50B75A3120E308 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
21:57:29.0974 0x0968 snapman - ok
21:57:29.0987 0x0968 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:57:30.0007 0x0968 SNMPTRAP - ok
21:57:30.0013 0x0968 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
21:57:30.0023 0x0968 spldr - ok
21:57:30.0044 0x0968 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
21:57:30.0074 0x0968 Spooler - ok
21:57:30.0155 0x0968 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
21:57:30.0285 0x0968 sppsvc - ok
21:57:30.0297 0x0968 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:57:30.0328 0x0968 sppuinotify - ok
21:57:30.0347 0x0968 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:57:30.0378 0x0968 srv - ok
21:57:30.0393 0x0968 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:57:30.0425 0x0968 srv2 - ok
21:57:30.0438 0x0968 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:57:30.0455 0x0968 srvnet - ok
21:57:30.0465 0x0968 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:57:30.0500 0x0968 SSDPSRV - ok
21:57:30.0507 0x0968 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:57:30.0539 0x0968 SstpSvc - ok
21:57:30.0562 0x0968 Steam Client Service - ok
21:57:30.0567 0x0968 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:57:30.0577 0x0968 stexstor - ok
21:57:30.0601 0x0968 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
21:57:30.0640 0x0968 stisvc - ok
21:57:30.0653 0x0968 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:57:30.0662 0x0968 storflt - ok
21:57:30.0668 0x0968 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
21:57:30.0683 0x0968 StorSvc - ok
21:57:30.0694 0x0968 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:57:30.0705 0x0968 storvsc - ok
21:57:30.0710 0x0968 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:57:30.0720 0x0968 swenum - ok
21:57:30.0737 0x0968 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
21:57:30.0782 0x0968 swprv - ok
21:57:30.0823 0x0968 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
21:57:30.0897 0x0968 SysMain - ok
21:57:30.0907 0x0968 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:57:30.0929 0x0968 TabletInputService - ok
21:57:30.0939 0x0968 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
21:57:30.0981 0x0968 TapiSrv - ok
21:57:30.0990 0x0968 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
21:57:31.0024 0x0968 TBS - ok
21:57:31.0075 0x0968 [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:57:31.0136 0x0968 Tcpip - ok
21:57:31.0206 0x0968 [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:57:31.0250 0x0968 TCPIP6 - ok
21:57:31.0270 0x0968 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:57:31.0282 0x0968 tcpipreg - ok
21:57:31.0292 0x0968 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:57:31.0306 0x0968 TDPIPE - ok
21:57:31.0344 0x0968 [ 99527D49EE0A96FC25537C61B270A372, 519E23F86EC86349F92C4A88DBD19C097AEE0A6E152776B32B45D293ED14946B ] tdrpman273 C:\Windows\system32\DRIVERS\tdrpm273.sys
21:57:31.0383 0x0968 tdrpman273 - ok
21:57:31.0393 0x0968 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:57:31.0408 0x0968 TDTCP - ok
21:57:31.0421 0x0968 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:57:31.0452 0x0968 tdx - ok
21:57:31.0460 0x0968 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:57:31.0471 0x0968 TermDD - ok
21:57:31.0492 0x0968 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
21:57:31.0549 0x0968 TermService - ok
21:57:31.0556 0x0968 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
21:57:31.0574 0x0968 Themes - ok
21:57:31.0585 0x0968 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
21:57:31.0615 0x0968 THREADORDER - ok
21:57:31.0647 0x0968 [ 2C1CAF5563548A15515EAB07D2A069C6, 863405BAC725C7DC6CC86613365A099A2370781018996DD3E74981565AD0DDF5 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
21:57:31.0680 0x0968 timounter - ok
21:57:31.0695 0x0968 [ C676B0F52F2B6483AFB88F79CABB011E, 8F10C7C91B47F87C3E29785BDACA49831857849F688C34A1F097C9D6593003AA ] Tpkd C:\Windows\system32\drivers\Tpkd.sys
21:57:31.0706 0x0968 Tpkd - ok
21:57:31.0722 0x0968 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
21:57:31.0759 0x0968 TrkWks - ok
21:57:31.0778 0x0968 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:57:31.0809 0x0968 TrustedInstaller - ok
21:57:31.0820 0x0968 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:57:31.0837 0x0968 tssecsrv - ok
21:57:31.0848 0x0968 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:57:31.0868 0x0968 TsUsbFlt - ok
21:57:31.0875 0x0968 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:57:31.0891 0x0968 TsUsbGD - ok
21:57:31.0903 0x0968 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:57:31.0938 0x0968 tunnel - ok
21:57:31.0946 0x0968 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:57:31.0957 0x0968 uagp35 - ok
21:57:31.0959 0x0968 ubqgdokm - ok
21:57:31.0975 0x0968 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:57:32.0017 0x0968 udfs - ok
21:57:32.0054 0x0968 [ 215462AE7E6A897D675E84DD1E3B3B56, 7F45E77F971E9AC3E1402663EF5F6A2D496F9BB758C8E50D2D329E834E20B7D8 ] ufad-ws60 C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe
21:57:32.0067 0x0968 ufad-ws60 - ok
21:57:32.0074 0x0968 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:57:32.0093 0x0968 UI0Detect - ok
21:57:32.0110 0x0968 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:57:32.0121 0x0968 uliagpkx - ok
21:57:32.0133 0x0968 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:57:32.0150 0x0968 umbus - ok
21:57:32.0163 0x0968 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
21:57:32.0178 0x0968 UmPass - ok
21:57:32.0188 0x0968 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
21:57:32.0212 0x0968 UmRdpService - ok
21:57:32.0226 0x0968 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
21:57:32.0269 0x0968 upnphost - ok
21:57:32.0287 0x0968 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:57:32.0310 0x0968 usbaudio - ok
21:57:32.0324 0x0968 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:57:32.0339 0x0968 usbccgp - ok
21:57:32.0357 0x0968 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:57:32.0374 0x0968 usbcir - ok
21:57:32.0392 0x0968 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:57:32.0407 0x0968 usbehci - ok
21:57:32.0425 0x0968 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:57:32.0449 0x0968 usbhub - ok
21:57:32.0457 0x0968 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:57:32.0473 0x0968 usbohci - ok
21:57:32.0481 0x0968 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
21:57:32.0498 0x0968 usbprint - ok
21:57:32.0509 0x0968 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:57:32.0527 0x0968 USBSTOR - ok
21:57:32.0540 0x0968 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:57:32.0559 0x0968 usbuhci - ok
21:57:32.0565 0x0968 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
21:57:32.0600 0x0968 UxSms - ok
21:57:32.0611 0x0968 varehocl - ok
21:57:32.0618 0x0968 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
21:57:32.0630 0x0968 VaultSvc - ok
21:57:32.0639 0x0968 [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
21:57:32.0654 0x0968 VClone - ok
21:57:32.0666 0x0968 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:57:32.0676 0x0968 vdrvroot - ok
21:57:32.0693 0x0968 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
21:57:32.0743 0x0968 vds - ok
21:57:32.0754 0x0968 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:57:32.0768 0x0968 vga - ok
21:57:32.0774 0x0968 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:57:32.0807 0x0968 VgaSave - ok
21:57:32.0817 0x0968 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:57:32.0835 0x0968 vhdmp - ok
21:57:32.0846 0x0968 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
21:57:32.0856 0x0968 viaide - ok
21:57:32.0870 0x0968 [ 3B59BB6D10CF969DBE4DB93D9EAD7FB4, 8BD4648AAD460F276C79AF81D1479E781E62D292F3318D39B53703403E57E52F ] VKbms C:\Windows\system32\DRIVERS\VKbms.sys
21:57:32.0885 0x0968 VKbms - ok
21:57:32.0904 0x0968 [ 7AC6239C65DADE55DEFD573B98616C3F, 39EC745BFA38C70DA80DC121CB24C12ED9AF9AFDCFE38FCD853CFA53D6E538A8 ] VMAuthdService C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
21:57:32.0914 0x0968 VMAuthdService - ok
21:57:32.0924 0x0968 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:57:32.0938 0x0968 vmbus - ok
21:57:32.0946 0x0968 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:57:32.0962 0x0968 VMBusHID - ok
21:57:32.0974 0x0968 [ 312AEC23A85424543AF898A59209B479, 7423643ACA900824CCC44B6347AD81E027A9C2A42C12C7F7FD9B89F3D5B5F654 ] vmci C:\Windows\system32\drivers\vmci.sys
21:57:32.0983 0x0968 vmci - ok
21:57:33.0002 0x0968 [ FFC30CAEEB2FC5FEE8568CFF74EDEAED, 56DA6F766906A160C326AAA901E0B50E5CA8B054BDE1B95DD6EA14BBB5286E65 ] vmkbd C:\Windows\system32\drivers\VMkbd.sys
21:57:33.0010 0x0968 vmkbd - ok
21:57:33.0022 0x0968 [ 9D54F1339E78C95BF3D9939EBCB66378, 99E29225443049B35E633BB7E709AC89B555F6A1EC5FAE075825A74F088FDC9A ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
21:57:33.0029 0x0968 VMnetAdapter - ok
21:57:33.0043 0x0968 [ FB54EF3AA613D2832FD3812E7CB2FC75, 2D638EFE2E457C4F9B50AF49C7A0B0DA82A98FF10049C2E5DABE32B7E0BA2B23 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
21:57:33.0051 0x0968 VMnetBridge - ok
21:57:33.0057 0x0968 VMnetDHCP - ok
21:57:33.0066 0x0968 [ 56D547BFC3F1619FA82EC9EF5D24E802, D82DDC1E15F87E3E5809991CEFD81CE24BC8C9249108F36F7B854CEDBDB56FFC ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
21:57:33.0075 0x0968 VMnetuserif - ok
21:57:33.0115 0x0968 [ 19368F7C4DC6EF444B826249FC8A0E30, 6F26729EA0BD651FCCC8657BF7C40174AC06926373B467BC3BD3ED352421D2FA ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
21:57:33.0137 0x0968 VMUSBArbService - ok
21:57:33.0142 0x0968 VMware NAT Service - ok
21:57:33.0161 0x0968 [ 62CD5A87FDE14701506D4E0DD8F13D2E, C449E52039BAF7B262BEE4D1389239B196965A0A08E002441CE56B89EF6688E8 ] vmx86 C:\Windows\system32\drivers\vmx86.sys
21:57:33.0171 0x0968 vmx86 - ok
21:57:33.0181 0x0968 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:57:33.0192 0x0968 volmgr - ok
21:57:33.0206 0x0968 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:57:33.0223 0x0968 volmgrx - ok
21:57:33.0234 0x0968 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:57:33.0251 0x0968 volsnap - ok
21:57:33.0261 0x0968 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:57:33.0275 0x0968 vsmraid - ok
21:57:33.0313 0x0968 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
21:57:33.0390 0x0968 VSS - ok
21:57:33.0407 0x0968 [ E61C910E2DDF4797C1B1F9239636E894, BEC555AB66BD0D33BBC9ABFF7F3955F7D0821383549C8BAC1944B63A85F897E8 ] vstor2-ws60 C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys
21:57:33.0415 0x0968 vstor2-ws60 - ok
21:57:33.0423 0x0968 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:57:33.0438 0x0968 vwifibus - ok
21:57:33.0453 0x0968 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
21:57:33.0496 0x0968 W32Time - ok
21:57:33.0507 0x0968 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:57:33.0522 0x0968 WacomPen - ok
21:57:33.0533 0x0968 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:57:33.0568 0x0968 WANARP - ok
21:57:33.0573 0x0968 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:57:33.0602 0x0968 Wanarpv6 - ok
21:57:33.0642 0x0968 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
21:57:33.0702 0x0968 wbengine - ok
21:57:33.0714 0x0968 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:57:33.0736 0x0968 WbioSrvc - ok
21:57:33.0750 0x0968 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:57:33.0784 0x0968 wcncsvc - ok
21:57:33.0792 0x0968 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:57:33.0810 0x0968 WcsPlugInService - ok
21:57:33.0820 0x0968 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
21:57:33.0830 0x0968 Wd - ok
21:57:33.0856 0x0968 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:57:33.0890 0x0968 Wdf01000 - ok
21:57:33.0898 0x0968 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:57:33.0923 0x0968 WdiServiceHost - ok
21:57:33.0927 0x0968 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:57:33.0945 0x0968 WdiSystemHost - ok
21:57:33.0957 0x0968 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
21:57:33.0986 0x0968 WebClient - ok
21:57:33.0998 0x0968 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:57:34.0044 0x0968 Wecsvc - ok
21:57:34.0052 0x0968 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:57:34.0085 0x0968 wercplsupport - ok
21:57:34.0097 0x0968 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
21:57:34.0130 0x0968 WerSvc - ok
21:57:34.0143 0x0968 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:57:34.0173 0x0968 WfpLwf - ok
21:57:34.0178 0x0968 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:57:34.0189 0x0968 WIMMount - ok
21:57:34.0195 0x0968 WinDefend - ok
21:57:34.0202 0x0968 WinHttpAutoProxySvc - ok
21:57:34.0233 0x0968 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:57:34.0267 0x0968 Winmgmt - ok
21:57:34.0313 0x0968 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
21:57:34.0396 0x0968 WinRM - ok
21:57:34.0428 0x0968 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:57:34.0447 0x0968 WinUsb - ok
21:57:34.0468 0x0968 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:57:34.0512 0x0968 Wlansvc - ok
21:57:34.0596 0x0968 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:57:34.0662 0x0968 wlidsvc - ok
21:57:34.0677 0x0968 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:57:34.0693 0x0968 WmiAcpi - ok
21:57:34.0711 0x0968 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:57:34.0732 0x0968 wmiApSrv - ok
21:57:34.0747 0x0968 WMPNetworkSvc - ok
21:57:34.0759 0x0968 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:57:34.0771 0x0968 WPCSvc - ok
21:57:34.0779 0x0968 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:57:34.0795 0x0968 WPDBusEnum - ok
21:57:34.0802 0x0968 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:57:34.0831 0x0968 ws2ifsl - ok
21:57:34.0840 0x0968 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
21:57:34.0862 0x0968 wscsvc - ok
21:57:34.0864 0x0968 WSearch - ok
21:57:34.0932 0x0968 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
21:57:35.0007 0x0968 wuauserv - ok
21:57:35.0033 0x0968 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:57:35.0054 0x0968 WudfPf - ok
21:57:35.0076 0x0968 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:57:35.0106 0x0968 WUDFRd - ok
21:57:35.0119 0x0968 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:57:35.0138 0x0968 wudfsvc - ok
21:57:35.0153 0x0968 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
21:57:35.0177 0x0968 WwanSvc - ok
21:57:35.0196 0x0968 ================ Scan global ===============================
21:57:35.0208 0x0968 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:57:35.0224 0x0968 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:57:35.0236 0x0968 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:57:35.0250 0x0968 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:57:35.0266 0x0968 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:57:35.0277 0x0968 [ Global ] - ok
21:57:35.0278 0x0968 ================ Scan MBR ==================================
21:57:35.0281 0x0968 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
21:57:35.0411 0x0968 \Device\Harddisk2\DR2 - ok
21:57:35.0430 0x0968 [ 87D88FA4D3EFD4431866EA91949644BF ] \Device\Harddisk0\DR0
21:57:35.0432 0x0968 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a ( 0 )
21:57:35.0432 0x0968 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
21:57:38.0050 0x0968 [ 87D88FA4D3EFD4431866EA91949644BF ] \Device\Harddisk1\DR1
21:57:38.0068 0x0968 \Device\Harddisk1\DR1 - detected Rootkit.Boot.Wistler.a ( 0 )
21:57:38.0068 0x0968 \Device\Harddisk1\DR1 ( Rootkit.Boot.Wistler.a ) - infected
21:57:40.0682 0x0968 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk3\DR3
21:57:41.0680 0x0968 \Device\Harddisk3\DR3 - ok
21:57:41.0681 0x0968 ================ Scan VBR ==================================
21:57:41.0688 0x0968 [ 648FC44956DAA6F6D2A8D210255768CC ] \Device\Harddisk2\DR2\Partition1
21:57:41.0689 0x0968 \Device\Harddisk2\DR2\Partition1 - ok
21:57:41.0693 0x0968 [ EE9BD2983364C91FDF0753BA7BC6215D ] \Device\Harddisk2\DR2\Partition2
21:57:41.0695 0x0968 \Device\Harddisk2\DR2\Partition2 - ok
21:57:41.0697 0x0968 [ 3541107D5B9039B36E7DAD4CDEDD327F ] \Device\Harddisk0\DR0\Partition1
21:57:41.0699 0x0968 \Device\Harddisk0\DR0\Partition1 - ok
21:57:41.0711 0x0968 [ A59F8BF144837A8162BE68CC117745D5 ] \Device\Harddisk1\DR1\Partition1
21:57:41.0714 0x0968 \Device\Harddisk1\DR1\Partition1 - ok
21:57:41.0724 0x0968 [ 4B1FF6B5531814D37FB80B561FA4672E ] \Device\Harddisk3\DR3\Partition1
21:57:41.0726 0x0968 \Device\Harddisk3\DR3\Partition1 - ok
21:57:41.0735 0x0968 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.2.223.0 ), 0x60000 ( disabled : updated )
21:57:41.0778 0x0968 Win FW state via NFP2: enabled
21:57:44.0280 0x0968 ============================================================
21:57:44.0280 0x0968 Scan finished
21:57:44.0280 0x0968 ============================================================
21:57:44.0286 0x142c Detected object count: 2
21:57:44.0286 0x142c Actual detected object count: 2
21:58:03.0872 0x142c \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - skipped by user
21:58:03.0872 0x142c \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Skip
21:58:03.0873 0x142c \Device\Harddisk1\DR1 ( Rootkit.Boot.Wistler.a ) - skipped by user
21:58:03.0873 0x142c \Device\Harddisk1\DR1 ( Rootkit.Boot.Wistler.a ) - User select action: Skip
Der Kandidat erhält im Übrigen 100 Punkte! Hast nen Volltreffer gelandet mit deiner Vermutung. Er hat tatsächlich Wistler drauf. Habe natürlich fein artig geskipped (: |
|
10.10.2013, 21:06
| #20 | |
| /// TB-Ausbilder | GVU Trojaner Windows 7 64 BitZitat:
 Schritt 1 Starte bitte TDSSkiller.exe. Vista und Win7 User mit Rechtsklick "als Administrator ausführen".
Schritt 2 Bringst du jetzt FRST zum Laufen, oder klappt das immer noch nicht? Lade dazu bitte eine Version von FRST herunter: Downloade dir bitte Farbar Recovery Scan Tool 64-Bit und speichere es auf den Desktop.
__________________ cheers, Leo |
|
10.10.2013, 21:11
| #21 |
| | GVU Trojaner Windows 7 64 Bit Cure (default) war angehakt, habe auf Continue geklickt, jetzt kommt ein Fenster: Warning Can't cure MBR. Write standard boot code? If you have installed custom bootloader (eg Acronis, Grub, Lilo), you will need to reinstall them after the treatment. EDIT: Wenn ich jetzt wüsste für was das Akronym "MBR" steht könnte ich auch selbst schlussfolgern ob "Yes" oder "No" zu klicken ist ... hmmm. Also ganz sicher steht es weder für "durch Menstruationskrämpfe bedingte Rückenbeschwerden", noch für "Mercedes Benz Rückrufaktion" ...  EDIT 2: Hier eine Hardcopy von der Meldung:  Geändert von Lou Schalter (10.10.2013 um 21:34 Uhr) |
|
10.10.2013, 21:47
| #22 | |
| /// TB-Ausbilder | GVU Trojaner Windows 7 64 BitZitat:
Es bleibt keine Alternative, als "Yes" zu drücken und den bösartigen Code durch einen Standard-Windows-MBR zu überschreiben.
__________________ cheers, Leo |
|
10.10.2013, 21:48
| #23 |
| | GVU Trojaner Windows 7 64 Bit O.k. Habe ich geklickt. Reboote jetzt. BRB. |
|
10.10.2013, 21:49
| #24 |
| /// TB-Ausbilder | GVU Trojaner Windows 7 64 Bit Ok. Ich verabschiede mich für heute und bin morgen wieder da. Poste dann noch das neue Log des TDSSKillers und versuche einen FRST-Scan wie beschrieben.
__________________ cheers, Leo |
|
10.10.2013, 21:53
| #25 |
| | GVU Trojaner Windows 7 64 Bit Hier der TDSS-Log: Code:
ATTFilter 22:08:47.0783 0x1780 TDSS rootkit removing tool 3.0.0.12 Oct 9 2013 14:59:22
22:08:48.0077 0x1780 ============================================================
22:08:48.0078 0x1780 Current date / time: 2013/10/10 22:08:48.0077
22:08:48.0078 0x1780 SystemInfo:
22:08:48.0078 0x1780
22:08:48.0078 0x1780 OS Version: 6.1.7601 ServicePack: 1.0
22:08:48.0078 0x1780 Product type: Workstation
22:08:48.0078 0x1780 ComputerName: *****-PC
22:08:48.0078 0x1780 UserName: *****
22:08:48.0078 0x1780 Windows directory: C:\Windows
22:08:48.0078 0x1780 System windows directory: C:\Windows
22:08:48.0078 0x1780 Running under WOW64
22:08:48.0078 0x1780 Processor architecture: Intel x64
22:08:48.0078 0x1780 Number of processors: 8
22:08:48.0078 0x1780 Page size: 0x1000
22:08:48.0078 0x1780 Boot type: Normal boot
22:08:48.0078 0x1780 ============================================================
22:08:48.0912 0x1780 System UUID: {438E91DF-0BCC-791E-3945-FA16759C1496}
22:08:49.0207 0x1780 Drive \Device\Harddisk2\DR2 - Size: 0x4453C00000 (273.31 Gb), SectorSize: 0x200, Cylinders: 0x8B5E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
22:08:49.0225 0x1780 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:08:49.0226 0x1780 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:08:49.0235 0x1780 Drive \Device\Harddisk3\DR3 - Size: 0x1D1A00000 (7.28 Gb), SectorSize: 0x200, Cylinders: 0x3B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:08:49.0238 0x1780 ============================================================
22:08:49.0238 0x1780 \Device\Harddisk2\DR2:
22:08:49.0238 0x1780 MBR partitions:
22:08:49.0238 0x1780 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x37000
22:08:49.0238 0x1780 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x37800, BlocksNum 0x22266800
22:08:49.0238 0x1780 \Device\Harddisk0\DR0:
22:08:49.0242 0x1780 MBR partitions:
22:08:49.0242 0x1780 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
22:08:49.0242 0x1780 \Device\Harddisk1\DR1:
22:08:49.0242 0x1780 MBR partitions:
22:08:49.0242 0x1780 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
22:08:49.0242 0x1780 \Device\Harddisk3\DR3:
22:08:49.0244 0x1780 MBR partitions:
22:08:49.0244 0x1780 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0xB88, BlocksNum 0xE8C478
22:08:49.0244 0x1780 ============================================================
22:08:49.0246 0x1780 C: <-> \Device\Harddisk2\DR2\Partition2
22:08:49.0273 0x1780 E: <-> \Device\Harddisk0\DR0\Partition1
22:08:49.0293 0x1780 D: <-> \Device\Harddisk1\DR1\Partition1
22:08:49.0293 0x1780 ============================================================
22:08:49.0294 0x1780 Initialize success
22:08:49.0294 0x1780 ============================================================
22:09:13.0690 0x15d0 ============================================================
22:09:13.0690 0x15d0 Scan started
22:09:13.0690 0x15d0 Mode: Manual; SigCheck; TDLFS;
22:09:13.0690 0x15d0 ============================================================
22:09:13.0690 0x15d0 KSN ping started
22:09:16.0088 0x15d0 KSN ping finished: true
22:09:16.0270 0x15d0 ================ Scan system memory ========================
22:09:16.0270 0x15d0 System memory - ok
22:09:16.0270 0x15d0 ================ Scan services =============================
22:09:16.0381 0x15d0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:09:16.0420 0x15d0 1394ohci - ok
22:09:16.0438 0x15d0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:09:16.0454 0x15d0 ACPI - ok
22:09:16.0463 0x15d0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:09:16.0477 0x15d0 AcpiPmi - ok
22:09:16.0549 0x15d0 [ 1FE7229F34038D1ABE837688EC0EF15B, BEDCCCC47285DC7B8D43A6F8B69347E53E4165E30C684503D6A8FDAE191D0ABF ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
22:09:16.0576 0x15d0 AcrSch2Svc - ok
22:09:16.0602 0x15d0 [ 1C090E86AFD15231377AD37436C3C719, 7C8C679ADB7AF0A965508012C4F3F2FA68D0BFE0E04941B94693D94DB0931B53 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
22:09:16.0623 0x15d0 ADIHdAudAddService - ok
22:09:16.0661 0x15d0 [ 62B7936F9036DD6ED36E6A7EFA805DC0, C58EA1B46CB3595386C9217A7785F2A436916FB1E0BDC0E4BE484292C55AA455 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:09:16.0668 0x15d0 AdobeARMservice - ok
22:09:16.0747 0x15d0 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:09:16.0761 0x15d0 AdobeFlashPlayerUpdateSvc - ok
22:09:16.0781 0x15d0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:09:16.0801 0x15d0 adp94xx - ok
22:09:16.0819 0x15d0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:09:16.0835 0x15d0 adpahci - ok
22:09:16.0845 0x15d0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:09:16.0857 0x15d0 adpu320 - ok
22:09:16.0867 0x15d0 [ 3BDB13C79CC8C06E2F8182595903ED69, 9E00D6649E862DE6812718B091C350E05A2C5C4D28DE8E05E3DD1F789A04EE96 ] AEADIFilters C:\Windows\system32\AEADISRV.EXE
22:09:16.0879 0x15d0 AEADIFilters - ok
22:09:16.0890 0x15d0 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:09:16.0919 0x15d0 AeLookupSvc - ok
22:09:16.0942 0x15d0 [ AE1FCE2CD1E99BEA89183BA8CD320872, 96F14BCA0C2479F39A5027A71922907D0F35CAD8E9A5037674DF7995BBDB2B51 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
22:09:16.0957 0x15d0 afcdp - ok
22:09:17.0038 0x15d0 [ AF44F7E027037628F1FAC3C13CDE73E6, 56A95EBF2241C275FD401487C5F0E86859F8637D8B1BD01B7157EE9BC22B1907 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
22:09:17.0105 0x15d0 afcdpsrv - ok
22:09:17.0134 0x15d0 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
22:09:17.0155 0x15d0 AFD - ok
22:09:17.0165 0x15d0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
22:09:17.0175 0x15d0 agp440 - ok
22:09:17.0192 0x15d0 ajlvsasx - ok
22:09:17.0205 0x15d0 [ 44F360B65C37A42EB5B71C2E5179FDD5, A7E65515FEE1698C96F647111F5C7D009C5FAC9A1F62D027802861A699AF1F93 ] aksdf C:\Windows\system32\drivers\aksdf.sys
22:09:17.0217 0x15d0 aksdf - ok
22:09:17.0250 0x15d0 [ BC61697103C9EFC3DBA83777CEA8E76B, 15F55C9E4ACB695A5A9BEF52D69AFE9D8D50F8307B81349FB4300368B52493D3 ] aksfridge C:\Windows\system32\drivers\aksfridge.sys
22:09:17.0261 0x15d0 aksfridge - ok
22:09:17.0280 0x15d0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
22:09:17.0293 0x15d0 ALG - ok
22:09:17.0306 0x15d0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
22:09:17.0315 0x15d0 aliide - ok
22:09:17.0338 0x15d0 [ 310F86335B0505DDC6D2DD48E66EF06B, 936273CA046B3AE0944E6C1557CECB2A0C61D034977BBB9FACBE062617CF3A2C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:09:17.0360 0x15d0 AMD External Events Utility - ok
22:09:17.0372 0x15d0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
22:09:17.0382 0x15d0 amdide - ok
22:09:17.0401 0x15d0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:09:17.0414 0x15d0 AmdK8 - ok
22:09:17.0682 0x15d0 [ 79CC9BE187E3144E1B58A54B842475E7, 89DD3177B5CE649AC0093603CE13FBFD93AC24F8E16C52672549110141106F4A ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:09:17.0953 0x15d0 amdkmdag - ok
22:09:17.0992 0x15d0 [ 07561D3B7FD99F6E186C49C2D0628E38, D2D72EB45EAD29A3099C040E99A4F1F4902D3BDC0466800C63ECD33343DC1224 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:09:18.0021 0x15d0 amdkmdap - ok
22:09:18.0041 0x15d0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
22:09:18.0053 0x15d0 AmdPPM - ok
22:09:18.0068 0x15d0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:09:18.0080 0x15d0 amdsata - ok
22:09:18.0097 0x15d0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:09:18.0109 0x15d0 amdsbs - ok
22:09:18.0116 0x15d0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:09:18.0125 0x15d0 amdxata - ok
22:09:18.0134 0x15d0 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
22:09:18.0162 0x15d0 AppID - ok
22:09:18.0169 0x15d0 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:09:18.0197 0x15d0 AppIDSvc - ok
22:09:18.0208 0x15d0 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
22:09:18.0221 0x15d0 Appinfo - ok
22:09:18.0229 0x15d0 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
22:09:18.0244 0x15d0 AppMgmt - ok
22:09:18.0252 0x15d0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
22:09:18.0263 0x15d0 arc - ok
22:09:18.0272 0x15d0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:09:18.0283 0x15d0 arcsas - ok
22:09:18.0326 0x15d0 aspnet_state - ok
22:09:18.0342 0x15d0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:09:18.0370 0x15d0 AsyncMac - ok
22:09:18.0384 0x15d0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
22:09:18.0394 0x15d0 atapi - ok
22:09:18.0418 0x15d0 [ ED3A041014FBBFDC23D6C04F9C7A5D79, A039D8F4C0EA2101898A253E13DFED5FA8500C412ACC47835415E27C9BD068FF ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:09:18.0430 0x15d0 AtiHDAudioService - ok
22:09:18.0456 0x15d0 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:09:18.0497 0x15d0 AudioEndpointBuilder - ok
22:09:18.0517 0x15d0 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:09:18.0557 0x15d0 AudioSrv - ok
22:09:18.0589 0x15d0 [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
22:09:18.0601 0x15d0 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
22:09:21.0012 0x15d0 Detect skipped due to KSN trusted
22:09:21.0012 0x15d0 AVM WLAN Connection Service - ok
22:09:21.0029 0x15d0 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys
22:09:21.0038 0x15d0 avmeject - ok
22:09:21.0052 0x15d0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:09:21.0069 0x15d0 AxInstSV - ok
22:09:21.0087 0x15d0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
22:09:21.0108 0x15d0 b06bdrv - ok
22:09:21.0146 0x15d0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:09:21.0163 0x15d0 b57nd60a - ok
22:09:21.0175 0x15d0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
22:09:21.0188 0x15d0 BDESVC - ok
22:09:21.0193 0x15d0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
22:09:21.0221 0x15d0 Beep - ok
22:09:21.0259 0x15d0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
22:09:21.0301 0x15d0 BFE - ok
22:09:21.0329 0x15d0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
22:09:21.0375 0x15d0 BITS - ok
22:09:21.0384 0x15d0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:09:21.0396 0x15d0 blbdrive - ok
22:09:21.0406 0x15d0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:09:21.0419 0x15d0 bowser - ok
22:09:21.0426 0x15d0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:09:21.0440 0x15d0 BrFiltLo - ok
22:09:21.0443 0x15d0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:09:21.0456 0x15d0 BrFiltUp - ok
22:09:21.0477 0x15d0 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
22:09:21.0507 0x15d0 BridgeMP - ok
22:09:21.0521 0x15d0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
22:09:21.0535 0x15d0 Browser - ok
22:09:21.0584 0x15d0 [ 21FA3E51618FF8E2F4B29964ABC5884F, AB6E5ACEBC426354C7CD7D297D8D2CA086755F0E410320CA15B989E8963ECC78 ] Browser Defender Update Service C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
22:09:21.0593 0x15d0 Browser Defender Update Service - ok
22:09:21.0606 0x15d0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:09:21.0624 0x15d0 Brserid - ok
22:09:21.0635 0x15d0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:09:21.0649 0x15d0 BrSerWdm - ok
22:09:21.0653 0x15d0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:09:21.0667 0x15d0 BrUsbMdm - ok
22:09:21.0675 0x15d0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:09:21.0686 0x15d0 BrUsbSer - ok
22:09:21.0708 0x15d0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:09:21.0722 0x15d0 BTHMODEM - ok
22:09:21.0734 0x15d0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
22:09:21.0763 0x15d0 bthserv - ok
22:09:21.0771 0x15d0 catchme - ok
22:09:21.0781 0x15d0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:09:21.0810 0x15d0 cdfs - ok
22:09:21.0820 0x15d0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:09:21.0834 0x15d0 cdrom - ok
22:09:21.0848 0x15d0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
22:09:21.0876 0x15d0 CertPropSvc - ok
22:09:21.0885 0x15d0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
22:09:21.0899 0x15d0 circlass - ok
22:09:21.0919 0x15d0 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
22:09:21.0935 0x15d0 CLFS - ok
22:09:21.0949 0x15d0 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:09:21.0958 0x15d0 clr_optimization_v2.0.50727_32 - ok
22:09:21.0999 0x15d0 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:09:22.0008 0x15d0 clr_optimization_v2.0.50727_64 - ok
22:09:22.0075 0x15d0 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:09:22.0085 0x15d0 clr_optimization_v4.0.30319_32 - ok
22:09:22.0119 0x15d0 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:09:22.0129 0x15d0 clr_optimization_v4.0.30319_64 - ok
22:09:22.0137 0x15d0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
22:09:22.0150 0x15d0 CmBatt - ok
22:09:22.0159 0x15d0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:09:22.0169 0x15d0 cmdide - ok
22:09:22.0188 0x15d0 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
22:09:22.0210 0x15d0 CNG - ok
22:09:22.0217 0x15d0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
22:09:22.0227 0x15d0 Compbatt - ok
22:09:22.0239 0x15d0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:09:22.0253 0x15d0 CompositeBus - ok
22:09:22.0262 0x15d0 COMSysApp - ok
22:09:22.0286 0x15d0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:09:22.0295 0x15d0 crcdisk - ok
22:09:22.0329 0x15d0 crtjnuyc - ok
22:09:22.0349 0x15d0 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:09:22.0365 0x15d0 CryptSvc - ok
22:09:22.0383 0x15d0 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
22:09:22.0405 0x15d0 CSC - ok
22:09:22.0430 0x15d0 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
22:09:22.0456 0x15d0 CscService - ok
22:09:22.0471 0x15d0 [ 8EC96B753727B380089D66D4AB5869DF, F8E36B68EED9680291610C83E7DF16A04D278E3E7BC807CF8A870D01C4E5A95E ] CYUSB C:\Windows\system32\Drivers\CYUSB.sys
22:09:22.0482 0x15d0 CYUSB - ok
22:09:22.0498 0x15d0 [ 003626F7CA17C204F16CD5047AF0703A, BA9063D77A60AF1107A1A6B3C1DD6F1EF3D9DCE7616BAC67DF13AEDD67B683F3 ] danewFltr C:\Windows\system32\drivers\danew.sys
22:09:22.0508 0x15d0 danewFltr - ok
22:09:22.0530 0x15d0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:09:22.0570 0x15d0 DcomLaunch - ok
22:09:22.0583 0x15d0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
22:09:22.0617 0x15d0 defragsvc - ok
22:09:22.0630 0x15d0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:09:22.0659 0x15d0 DfsC - ok
22:09:22.0679 0x15d0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
22:09:22.0697 0x15d0 Dhcp - ok
22:09:22.0714 0x15d0 DigiRefresh - ok
22:09:22.0719 0x15d0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
22:09:22.0747 0x15d0 discache - ok
22:09:22.0754 0x15d0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
22:09:22.0764 0x15d0 Disk - ok
22:09:22.0771 0x15d0 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
22:09:22.0783 0x15d0 dmvsc - ok
22:09:22.0801 0x15d0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:09:22.0816 0x15d0 Dnscache - ok
22:09:22.0824 0x15d0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
22:09:22.0856 0x15d0 dot3svc - ok
22:09:22.0869 0x15d0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
22:09:22.0899 0x15d0 DPS - ok
22:09:22.0909 0x15d0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:09:22.0922 0x15d0 drmkaud - ok
22:09:22.0956 0x15d0 [ AF2E16242AA723F68F461B6EAE2EAD3D, 3973633C6D231DB8D92DE310D3A0836C64639B9A20C6C56385FB218A707C1BC3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:09:22.0984 0x15d0 DXGKrnl - ok
22:09:22.0996 0x15d0 eaarkkjg - ok
22:09:23.0010 0x15d0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
22:09:23.0040 0x15d0 EapHost - ok
22:09:23.0118 0x15d0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
22:09:23.0202 0x15d0 ebdrv - ok
22:09:23.0221 0x15d0 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
22:09:23.0234 0x15d0 EFS - ok
22:09:23.0274 0x15d0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:09:23.0300 0x15d0 ehRecvr - ok
22:09:23.0313 0x15d0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
22:09:23.0327 0x15d0 ehSched - ok
22:09:23.0350 0x15d0 [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
22:09:23.0359 0x15d0 ElbyCDIO - ok
22:09:23.0376 0x15d0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:09:23.0395 0x15d0 elxstor - ok
22:09:23.0402 0x15d0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:09:23.0414 0x15d0 ErrDev - ok
22:09:23.0436 0x15d0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
22:09:23.0472 0x15d0 EventSystem - ok
22:09:23.0484 0x15d0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
22:09:23.0515 0x15d0 exfat - ok
22:09:23.0529 0x15d0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:09:23.0561 0x15d0 fastfat - ok
22:09:23.0584 0x15d0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
22:09:23.0610 0x15d0 Fax - ok
22:09:23.0619 0x15d0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
22:09:23.0630 0x15d0 fdc - ok
22:09:23.0640 0x15d0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
22:09:23.0668 0x15d0 fdPHost - ok
22:09:23.0680 0x15d0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
22:09:23.0710 0x15d0 FDResPub - ok
22:09:23.0717 0x15d0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:09:23.0728 0x15d0 FileInfo - ok
22:09:23.0735 0x15d0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:09:23.0763 0x15d0 Filetrace - ok
22:09:23.0769 0x15d0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
22:09:23.0781 0x15d0 flpydisk - ok
22:09:23.0794 0x15d0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:09:23.0808 0x15d0 FltMgr - ok
22:09:23.0841 0x15d0 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache C:\Windows\system32\FntCache.dll
22:09:23.0877 0x15d0 FontCache - ok
22:09:23.0900 0x15d0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:09:23.0907 0x15d0 FontCache3.0.0.0 - ok
22:09:23.0919 0x15d0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:09:23.0928 0x15d0 FsDepends - ok
22:09:23.0939 0x15d0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:09:23.0948 0x15d0 Fs_Rec - ok
22:09:23.0967 0x15d0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:09:23.0983 0x15d0 fvevol - ok
22:09:24.0001 0x15d0 [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys
22:09:24.0020 0x15d0 FWLANUSB - ok
22:09:24.0028 0x15d0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:09:24.0038 0x15d0 gagp30kx - ok
22:09:24.0062 0x15d0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
22:09:24.0106 0x15d0 gpsvc - ok
22:09:24.0147 0x15d0 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:09:24.0156 0x15d0 gupdate - ok
22:09:24.0172 0x15d0 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:09:24.0181 0x15d0 gupdatem - ok
22:09:24.0217 0x15d0 [ D619BA1712B83D14149850E758B835AD, AD18807EC4DA6FA8C6846C1A0D914071FD59BD3273AFC103E5F2A7141F18C5F4 ] hardlock C:\Windows\system32\drivers\hardlock.sys
22:09:24.0233 0x15d0 hardlock - ok
22:09:24.0241 0x15d0 hasplms - ok
22:09:24.0266 0x15d0 [ D5FA01185A7D5A65724FD87B34E53F5B, 4951DC34E0E0EA598C3599B619D5DEEF527D0B5D2C2C6392469865C6420B31C0 ] hcmon C:\Windows\system32\drivers\hcmon.sys
22:09:24.0274 0x15d0 hcmon - ok
22:09:24.0283 0x15d0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:09:24.0295 0x15d0 hcw85cir - ok
22:09:24.0318 0x15d0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:09:24.0339 0x15d0 HdAudAddService - ok
22:09:24.0362 0x15d0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:09:24.0377 0x15d0 HDAudBus - ok
22:09:24.0383 0x15d0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:09:24.0395 0x15d0 HidBatt - ok
22:09:24.0406 0x15d0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:09:24.0421 0x15d0 HidBth - ok
22:09:24.0432 0x15d0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
22:09:24.0447 0x15d0 HidIr - ok
22:09:24.0454 0x15d0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
22:09:24.0483 0x15d0 hidserv - ok
22:09:24.0493 0x15d0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:09:24.0505 0x15d0 HidUsb - ok
22:09:24.0514 0x15d0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:09:24.0544 0x15d0 hkmsvc - ok
22:09:24.0560 0x15d0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:09:24.0577 0x15d0 HomeGroupListener - ok
22:09:24.0589 0x15d0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:09:24.0604 0x15d0 HomeGroupProvider - ok
22:09:24.0612 0x15d0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:09:24.0622 0x15d0 HpSAMD - ok
22:09:24.0648 0x15d0 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:09:24.0691 0x15d0 HTTP - ok
22:09:24.0696 0x15d0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:09:24.0705 0x15d0 hwpolicy - ok
22:09:24.0724 0x15d0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:09:24.0737 0x15d0 i8042prt - ok
22:09:24.0778 0x15d0 [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
22:09:24.0792 0x15d0 IAANTMON - ok
22:09:24.0813 0x15d0 [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:09:24.0828 0x15d0 iaStor - ok
22:09:24.0845 0x15d0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:09:24.0862 0x15d0 iaStorV - ok
22:09:24.0902 0x15d0 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:09:24.0925 0x15d0 idsvc - ok
22:09:24.0936 0x15d0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:09:24.0945 0x15d0 iirsp - ok
22:09:24.0970 0x15d0 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
22:09:25.0015 0x15d0 IKEEXT - ok
22:09:25.0027 0x15d0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
22:09:25.0036 0x15d0 intelide - ok
22:09:25.0055 0x15d0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:09:25.0068 0x15d0 intelppm - ok
22:09:25.0076 0x15d0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:09:25.0107 0x15d0 IPBusEnum - ok
22:09:25.0120 0x15d0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:09:25.0148 0x15d0 IpFilterDriver - ok
22:09:25.0171 0x15d0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:09:25.0194 0x15d0 iphlpsvc - ok
22:09:25.0206 0x15d0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:09:25.0219 0x15d0 IPMIDRV - ok
22:09:25.0230 0x15d0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:09:25.0259 0x15d0 IPNAT - ok
22:09:25.0270 0x15d0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:09:25.0284 0x15d0 IRENUM - ok
22:09:25.0291 0x15d0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:09:25.0300 0x15d0 isapnp - ok
22:09:25.0314 0x15d0 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:09:25.0328 0x15d0 iScsiPrt - ok
22:09:25.0336 0x15d0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:09:25.0345 0x15d0 kbdclass - ok
22:09:25.0357 0x15d0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:09:25.0369 0x15d0 kbdhid - ok
22:09:25.0375 0x15d0 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
22:09:25.0387 0x15d0 KeyIso - ok
22:09:25.0398 0x15d0 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:09:25.0408 0x15d0 KSecDD - ok
22:09:25.0423 0x15d0 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:09:25.0435 0x15d0 KSecPkg - ok
22:09:25.0443 0x15d0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:09:25.0470 0x15d0 ksthunk - ok
22:09:25.0485 0x15d0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
22:09:25.0522 0x15d0 KtmRm - ok
22:09:25.0532 0x15d0 ktmujbzd - ok
22:09:25.0547 0x15d0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
22:09:25.0580 0x15d0 LanmanServer - ok
22:09:25.0595 0x15d0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:09:25.0626 0x15d0 LanmanWorkstation - ok
22:09:25.0652 0x15d0 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
22:09:25.0660 0x15d0 LGBusEnum - ok
22:09:25.0679 0x15d0 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
22:09:25.0688 0x15d0 LGVirHid - ok
22:09:25.0708 0x15d0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:09:25.0736 0x15d0 lltdio - ok
22:09:25.0754 0x15d0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:09:25.0788 0x15d0 lltdsvc - ok
22:09:25.0791 0x15d0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:09:25.0819 0x15d0 lmhosts - ok
22:09:25.0834 0x15d0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:09:25.0846 0x15d0 LSI_FC - ok
22:09:25.0855 0x15d0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:09:25.0866 0x15d0 LSI_SAS - ok
22:09:25.0873 0x15d0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:09:25.0883 0x15d0 LSI_SAS2 - ok
22:09:25.0892 0x15d0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:09:25.0903 0x15d0 LSI_SCSI - ok
22:09:25.0910 0x15d0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
22:09:25.0941 0x15d0 luafv - ok
22:09:25.0966 0x15d0 [ E2C6A3F80C1979B911408C17E3893371, 56FD7B743303BDC751C031372D7242C5CD25DAF927942D2D90F71033E7DE625C ] MAUSBFASTTRACK C:\Windows\system32\DRIVERS\MAudioFastTrack.sys
22:09:25.0977 0x15d0 MAUSBFASTTRACK - ok
22:09:25.0987 0x15d0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:09:26.0000 0x15d0 Mcx2Svc - ok
22:09:26.0009 0x15d0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
22:09:26.0019 0x15d0 megasas - ok
22:09:26.0030 0x15d0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:09:26.0044 0x15d0 MegaSR - ok
22:09:26.0055 0x15d0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
22:09:26.0084 0x15d0 MMCSS - ok
22:09:26.0091 0x15d0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
22:09:26.0119 0x15d0 Modem - ok
22:09:26.0133 0x15d0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:09:26.0147 0x15d0 monitor - ok
22:09:26.0156 0x15d0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:09:26.0166 0x15d0 mouclass - ok
22:09:26.0176 0x15d0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:09:26.0187 0x15d0 mouhid - ok
22:09:26.0196 0x15d0 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:09:26.0207 0x15d0 mountmgr - ok
22:09:26.0226 0x15d0 [ F8A10560B35C66F9DE212F03DAD5BFA7, 3ADCBC309A55494326EE8D152F92DFD11E1F97C897C8019BAB547E75D735FE92 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
22:09:26.0242 0x15d0 MpFilter - ok
22:09:26.0251 0x15d0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
22:09:26.0263 0x15d0 mpio - ok
22:09:26.0287 0x15d0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:09:26.0317 0x15d0 mpsdrv - ok
22:09:26.0345 0x15d0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:09:26.0390 0x15d0 MpsSvc - ok
22:09:26.0402 0x15d0 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:09:26.0420 0x15d0 MRxDAV - ok
22:09:26.0433 0x15d0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:09:26.0447 0x15d0 mrxsmb - ok
22:09:26.0461 0x15d0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:09:26.0477 0x15d0 mrxsmb10 - ok
22:09:26.0489 0x15d0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:09:26.0503 0x15d0 mrxsmb20 - ok
22:09:26.0515 0x15d0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
22:09:26.0524 0x15d0 msahci - ok
22:09:26.0535 0x15d0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:09:26.0546 0x15d0 msdsm - ok
22:09:26.0558 0x15d0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
22:09:26.0573 0x15d0 MSDTC - ok
22:09:26.0583 0x15d0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:09:26.0611 0x15d0 Msfs - ok
22:09:26.0618 0x15d0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:09:26.0645 0x15d0 mshidkmdf - ok
22:09:26.0652 0x15d0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:09:26.0662 0x15d0 msisadrv - ok
22:09:26.0675 0x15d0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:09:26.0707 0x15d0 MSiSCSI - ok
22:09:26.0709 0x15d0 msiserver - ok
22:09:26.0726 0x15d0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:09:26.0753 0x15d0 MSKSSRV - ok
22:09:26.0791 0x15d0 [ E07DEC52FF801841BA9B6878A60304FB, A57A999F411559EA97C830C9FE0234578E2E98EDAF72F9949891F901B83B22A4 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
22:09:26.0802 0x15d0 MsMpSvc - ok
22:09:26.0812 0x15d0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:09:26.0841 0x15d0 MSPCLOCK - ok
22:09:26.0850 0x15d0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:09:26.0878 0x15d0 MSPQM - ok
22:09:26.0891 0x15d0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:09:26.0907 0x15d0 MsRPC - ok
22:09:26.0918 0x15d0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:09:26.0927 0x15d0 mssmbios - ok
22:09:26.0935 0x15d0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:09:26.0962 0x15d0 MSTEE - ok
22:09:26.0970 0x15d0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
22:09:26.0982 0x15d0 MTConfig - ok
22:09:26.0993 0x15d0 [ 03B7145C889603537E9FFEABB1AD1089, B3CD93B893D4A2370CBF382366C6F596372857F8711EF6FFF83BFE2B449F424E ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
22:09:27.0002 0x15d0 MTsensor - ok
22:09:27.0010 0x15d0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
22:09:27.0021 0x15d0 Mup - ok
22:09:27.0038 0x15d0 [ 1CA758BC0DEAF35D21ECAACC30427527, DAC9839E2602365C9B867C602A739450CF7F2C5F65A6539F310B55F9D3C8447E ] mv64xx C:\Windows\system32\DRIVERS\mv64xx.sys
22:09:27.0052 0x15d0 mv64xx - ok
22:09:27.0071 0x15d0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
22:09:27.0108 0x15d0 napagent - ok
22:09:27.0126 0x15d0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:09:27.0147 0x15d0 NativeWifiP - ok
22:09:27.0189 0x15d0 [ 13AA2130F2A104DD775EAD0F0EE5417B, EBA07599FC2D10750CE6372EA6BA94EDDAFFF732223A1135F1971B958A6B57A2 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
22:09:27.0207 0x15d0 NAUpdate - ok
22:09:27.0236 0x15d0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
22:09:27.0262 0x15d0 NDIS - ok
22:09:27.0275 0x15d0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:09:27.0303 0x15d0 NdisCap - ok
22:09:27.0311 0x15d0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:09:27.0339 0x15d0 NdisTapi - ok
22:09:27.0368 0x15d0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:09:27.0396 0x15d0 Ndisuio - ok
22:09:27.0408 0x15d0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:09:27.0437 0x15d0 NdisWan - ok
22:09:27.0445 0x15d0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:09:27.0472 0x15d0 NDProxy - ok
22:09:27.0479 0x15d0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:09:27.0507 0x15d0 NetBIOS - ok
22:09:27.0515 0x15d0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:09:27.0547 0x15d0 NetBT - ok
22:09:27.0555 0x15d0 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
22:09:27.0567 0x15d0 Netlogon - ok
22:09:27.0584 0x15d0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
22:09:27.0620 0x15d0 Netman - ok
22:09:27.0635 0x15d0 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:09:27.0645 0x15d0 NetMsmqActivator - ok
22:09:27.0649 0x15d0 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:09:27.0659 0x15d0 NetPipeActivator - ok
22:09:27.0676 0x15d0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
22:09:27.0714 0x15d0 netprofm - ok
22:09:27.0724 0x15d0 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:09:27.0733 0x15d0 NetTcpActivator - ok
22:09:27.0738 0x15d0 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:09:27.0747 0x15d0 NetTcpPortSharing - ok
22:09:27.0760 0x15d0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:09:27.0770 0x15d0 nfrd960 - ok
22:09:27.0792 0x15d0 [ 162100E0BC8377710F9D170631921C03, B4FC4F6BCCA5A61EC86F9D10F4FE284E9393CE4599CE64BC8360202F0108B499 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:09:27.0805 0x15d0 NisDrv - ok
22:09:27.0826 0x15d0 [ C6E15F2F95F9C0A6098D43510B604E52, 7B621846EC4DD066657536755455ADB016207A45D49FC5E5F1D50EAD2CCB6B13 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
22:09:27.0844 0x15d0 NisSrv - ok
22:09:27.0857 0x15d0 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:09:27.0875 0x15d0 NlaSvc - ok
22:09:27.0881 0x15d0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:09:27.0910 0x15d0 Npfs - ok
22:09:27.0923 0x15d0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
22:09:27.0951 0x15d0 nsi - ok
22:09:27.0963 0x15d0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:09:27.0993 0x15d0 nsiproxy - ok
22:09:28.0040 0x15d0 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:09:28.0082 0x15d0 Ntfs - ok
22:09:28.0089 0x15d0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
22:09:28.0118 0x15d0 Null - ok
22:09:28.0128 0x15d0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:09:28.0140 0x15d0 nvraid - ok
22:09:28.0153 0x15d0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:09:28.0165 0x15d0 nvstor - ok
22:09:28.0173 0x15d0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:09:28.0185 0x15d0 nv_agp - ok
22:09:28.0192 0x15d0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:09:28.0204 0x15d0 ohci1394 - ok
22:09:28.0235 0x15d0 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:09:28.0245 0x15d0 ose - ok
22:09:28.0377 0x15d0 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:09:28.0481 0x15d0 osppsvc - ok
22:09:28.0508 0x15d0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:09:28.0527 0x15d0 p2pimsvc - ok
22:09:28.0544 0x15d0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
22:09:28.0565 0x15d0 p2psvc - ok
22:09:28.0574 0x15d0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
22:09:28.0587 0x15d0 Parport - ok
22:09:28.0599 0x15d0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:09:28.0610 0x15d0 partmgr - ok
22:09:28.0624 0x15d0 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
22:09:28.0644 0x15d0 PcaSvc - ok
22:09:28.0652 0x15d0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
22:09:28.0664 0x15d0 pci - ok
22:09:28.0671 0x15d0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
22:09:28.0681 0x15d0 pciide - ok
22:09:28.0692 0x15d0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:09:28.0705 0x15d0 pcmcia - ok
22:09:28.0725 0x15d0 [ 3A68080572B81577791A7B19BB880DA9, 9F64FAB46BF6B5AB46EF77A7077295587F4A6C4851D5EB04D9EC8ECC4C7C67D1 ] PCTCore C:\Windows\system32\drivers\PCTCore64.sys
22:09:28.0737 0x15d0 PCTCore - ok
22:09:28.0744 0x15d0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
22:09:28.0754 0x15d0 pcw - ok
22:09:28.0773 0x15d0 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:09:28.0814 0x15d0 PEAUTH - ok
22:09:28.0851 0x15d0 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
22:09:28.0891 0x15d0 PeerDistSvc - ok
22:09:28.0945 0x15d0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:09:28.0958 0x15d0 PerfHost - ok
22:09:28.0999 0x15d0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
22:09:29.0056 0x15d0 pla - ok
22:09:29.0084 0x15d0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:09:29.0104 0x15d0 PlugPlay - ok
22:09:29.0120 0x15d0 PnkBstrA - ok
22:09:29.0129 0x15d0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:09:29.0140 0x15d0 PNRPAutoReg - ok
22:09:29.0153 0x15d0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:09:29.0171 0x15d0 PNRPsvc - ok
22:09:29.0191 0x15d0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:09:29.0228 0x15d0 PolicyAgent - ok
22:09:29.0246 0x15d0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
22:09:29.0278 0x15d0 Power - ok
22:09:29.0289 0x15d0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:09:29.0317 0x15d0 PptpMiniport - ok
22:09:29.0325 0x15d0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
22:09:29.0337 0x15d0 Processor - ok
22:09:29.0354 0x15d0 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
22:09:29.0370 0x15d0 ProfSvc - ok
22:09:29.0375 0x15d0 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
22:09:29.0386 0x15d0 ProtectedStorage - ok
22:09:29.0402 0x15d0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:09:29.0431 0x15d0 Psched - ok
22:09:29.0433 0x15d0 ptqllcii - ok
22:09:29.0471 0x15d0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:09:29.0509 0x15d0 ql2300 - ok
22:09:29.0519 0x15d0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:09:29.0531 0x15d0 ql40xx - ok
22:09:29.0547 0x15d0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
22:09:29.0567 0x15d0 QWAVE - ok
22:09:29.0572 0x15d0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:09:29.0588 0x15d0 QWAVEdrv - ok
22:09:29.0595 0x15d0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:09:29.0622 0x15d0 RasAcd - ok
22:09:29.0640 0x15d0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:09:29.0668 0x15d0 RasAgileVpn - ok
22:09:29.0683 0x15d0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
22:09:29.0713 0x15d0 RasAuto - ok
22:09:29.0726 0x15d0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:09:29.0756 0x15d0 Rasl2tp - ok
22:09:29.0773 0x15d0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
22:09:29.0808 0x15d0 RasMan - ok
22:09:29.0826 0x15d0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:09:29.0855 0x15d0 RasPppoe - ok
22:09:29.0861 0x15d0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:09:29.0890 0x15d0 RasSstp - ok
22:09:29.0904 0x15d0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:09:29.0936 0x15d0 rdbss - ok
22:09:29.0945 0x15d0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:09:29.0958 0x15d0 rdpbus - ok
22:09:29.0982 0x15d0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:09:30.0009 0x15d0 RDPCDD - ok
22:09:30.0022 0x15d0 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
22:09:30.0036 0x15d0 RDPDR - ok
22:09:30.0042 0x15d0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:09:30.0069 0x15d0 RDPENCDD - ok
22:09:30.0082 0x15d0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:09:30.0110 0x15d0 RDPREFMP - ok
22:09:30.0126 0x15d0 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:09:30.0142 0x15d0 RDPWD - ok
22:09:30.0155 0x15d0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:09:30.0168 0x15d0 rdyboost - ok
22:09:30.0179 0x15d0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:09:30.0209 0x15d0 RemoteAccess - ok
22:09:30.0221 0x15d0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:09:30.0252 0x15d0 RemoteRegistry - ok
22:09:30.0255 0x15d0 rlffuili - ok
22:09:30.0260 0x15d0 rmtofanc - ok
22:09:30.0271 0x15d0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:09:30.0301 0x15d0 RpcEptMapper - ok
22:09:30.0310 0x15d0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
22:09:30.0322 0x15d0 RpcLocator - ok
22:09:30.0344 0x15d0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
22:09:30.0382 0x15d0 RpcSs - ok
22:09:30.0391 0x15d0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:09:30.0419 0x15d0 rspndr - ok
22:09:30.0449 0x15d0 [ ABCB5A38A0D85BDF69B7877E1AD1EED5, 44DF1A92E8FA53677A04C46088B0AD49F1F6A090820BE550A514C4FBFD91444D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:09:30.0469 0x15d0 RTL8167 - ok
22:09:30.0485 0x15d0 [ AE4FDA46C0A644DC9FB2545BDF4CB496, 35C911D94B887E64395EC3F493971E5D36176A3632D2F9FB7B4D5A886E9464F1 ] rzdaendpt C:\Windows\system32\DRIVERS\rzdaendpt.sys
22:09:30.0496 0x15d0 rzdaendpt - ok
22:09:30.0518 0x15d0 [ D28AB8D41CA4633EA69F2897F0B45565, B8FF66583530787419D04EEA75A49B61FB184523E652C720B1EF1F1695864F0A ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
22:09:30.0532 0x15d0 rzudd - ok
22:09:30.0557 0x15d0 [ 4CE040A51CFA6614F46419CB5F5B7BB6, 91DD7B91287800E96EF0DB9DD69B3315629BFA690592C2D0A3E596386A84CD95 ] rzvkeyboard C:\Windows\system32\DRIVERS\rzvkeyboard.sys
22:09:30.0569 0x15d0 rzvkeyboard - ok
22:09:30.0577 0x15d0 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
22:09:30.0588 0x15d0 s3cap - ok
22:09:30.0591 0x15d0 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
22:09:30.0602 0x15d0 SamSs - ok
22:09:30.0613 0x15d0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:09:30.0623 0x15d0 sbp2port - ok
22:09:30.0686 0x15d0 [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
22:09:30.0715 0x15d0 SBSDWSCService - ok
22:09:30.0727 0x15d0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:09:30.0759 0x15d0 SCardSvr - ok
22:09:30.0766 0x15d0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:09:30.0793 0x15d0 scfilter - ok
22:09:30.0827 0x15d0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
22:09:30.0878 0x15d0 Schedule - ok
22:09:30.0888 0x15d0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:09:30.0916 0x15d0 SCPolicySvc - ok
22:09:30.0947 0x15d0 [ EE088B31F5EB673A62E7E0D09B0007B0, 686B697F554E02ACADD5E44F707EF1E7DD87539FF8156F4FF67533E5D26BC160 ] sdAuxService C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
22:09:30.0962 0x15d0 sdAuxService - ok
22:09:30.0996 0x15d0 [ 747FFE0A5A34C349A363BE97C632B7C4, 7AC092581CCED5080DA8ED3B7243B0DC99B648493ACDE7EB02461DB0DDB1C0B0 ] sdCoreService C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
22:09:31.0024 0x15d0 sdCoreService - ok
22:09:31.0043 0x15d0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:09:31.0058 0x15d0 SDRSVC - ok
22:09:31.0075 0x15d0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:09:31.0102 0x15d0 secdrv - ok
22:09:31.0112 0x15d0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
22:09:31.0140 0x15d0 seclogon - ok
22:09:31.0148 0x15d0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
22:09:31.0177 0x15d0 SENS - ok
22:09:31.0181 0x15d0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:09:31.0194 0x15d0 SensrSvc - ok
22:09:31.0202 0x15d0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:09:31.0214 0x15d0 Serenum - ok
22:09:31.0223 0x15d0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
22:09:31.0235 0x15d0 Serial - ok
22:09:31.0242 0x15d0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:09:31.0254 0x15d0 sermouse - ok
22:09:31.0266 0x15d0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
22:09:31.0295 0x15d0 SessionEnv - ok
22:09:31.0301 0x15d0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:09:31.0314 0x15d0 sffdisk - ok
22:09:31.0317 0x15d0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:09:31.0330 0x15d0 sffp_mmc - ok
22:09:31.0335 0x15d0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:09:31.0348 0x15d0 sffp_sd - ok
22:09:31.0356 0x15d0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:09:31.0367 0x15d0 sfloppy - ok
22:09:31.0411 0x15d0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:09:31.0447 0x15d0 SharedAccess - ok
22:09:31.0465 0x15d0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:09:31.0500 0x15d0 ShellHWDetection - ok
22:09:31.0506 0x15d0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:09:31.0516 0x15d0 SiSRaid2 - ok
22:09:31.0525 0x15d0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:09:31.0535 0x15d0 SiSRaid4 - ok
22:09:31.0560 0x15d0 [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:09:31.0570 0x15d0 SkypeUpdate - ok
22:09:31.0582 0x15d0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:09:31.0611 0x15d0 Smb - ok
22:09:31.0628 0x15d0 [ B2C19AE46C5A109679B4FB38058DF05A, 93DD4D356650C51348795653286E6C627FF5F7071F2787DF7C50B75A3120E308 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
22:09:31.0641 0x15d0 snapman - ok
22:09:31.0653 0x15d0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:09:31.0665 0x15d0 SNMPTRAP - ok
22:09:31.0668 0x15d0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
22:09:31.0678 0x15d0 spldr - ok
22:09:31.0698 0x15d0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
22:09:31.0722 0x15d0 Spooler - ok
22:09:31.0804 0x15d0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
22:09:31.0909 0x15d0 sppsvc - ok
22:09:31.0918 0x15d0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:09:31.0948 0x15d0 sppuinotify - ok
22:09:31.0968 0x15d0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:09:31.0989 0x15d0 srv - ok
22:09:32.0001 0x15d0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:09:32.0020 0x15d0 srv2 - ok
22:09:32.0034 0x15d0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:09:32.0047 0x15d0 srvnet - ok
22:09:32.0057 0x15d0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:09:32.0089 0x15d0 SSDPSRV - ok
22:09:32.0098 0x15d0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:09:32.0128 0x15d0 SstpSvc - ok
22:09:32.0147 0x15d0 Steam Client Service - ok
22:09:32.0154 0x15d0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:09:32.0164 0x15d0 stexstor - ok
22:09:32.0182 0x15d0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
22:09:32.0211 0x15d0 stisvc - ok
22:09:32.0222 0x15d0 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
22:09:32.0232 0x15d0 storflt - ok
22:09:32.0237 0x15d0 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
22:09:32.0249 0x15d0 StorSvc - ok
22:09:32.0258 0x15d0 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
22:09:32.0267 0x15d0 storvsc - ok
22:09:32.0272 0x15d0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:09:32.0281 0x15d0 swenum - ok
22:09:32.0297 0x15d0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
22:09:32.0336 0x15d0 swprv - ok
22:09:32.0380 0x15d0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
22:09:32.0432 0x15d0 SysMain - ok
22:09:32.0442 0x15d0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:09:32.0459 0x15d0 TabletInputService - ok
22:09:32.0473 0x15d0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
22:09:32.0506 0x15d0 TapiSrv - ok
22:09:32.0514 0x15d0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
22:09:32.0544 0x15d0 TBS - ok
22:09:32.0595 0x15d0 [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:09:32.0640 0x15d0 Tcpip - ok
22:09:32.0701 0x15d0 [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:09:32.0746 0x15d0 TCPIP6 - ok
22:09:32.0770 0x15d0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:09:32.0781 0x15d0 tcpipreg - ok
22:09:32.0788 0x15d0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:09:32.0799 0x15d0 TDPIPE - ok
22:09:32.0835 0x15d0 [ 99527D49EE0A96FC25537C61B270A372, 519E23F86EC86349F92C4A88DBD19C097AEE0A6E152776B32B45D293ED14946B ] tdrpman273 C:\Windows\system32\DRIVERS\tdrpm273.sys
22:09:32.0866 0x15d0 tdrpman273 - ok
22:09:32.0881 0x15d0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:09:32.0892 0x15d0 TDTCP - ok
22:09:32.0904 0x15d0 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:09:32.0932 0x15d0 tdx - ok
22:09:32.0945 0x15d0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:09:32.0955 0x15d0 TermDD - ok
22:09:32.0982 0x15d0 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
22:09:33.0024 0x15d0 TermService - ok
22:09:33.0030 0x15d0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
22:09:33.0046 0x15d0 Themes - ok
22:09:33.0056 0x15d0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
22:09:33.0085 0x15d0 THREADORDER - ok
22:09:33.0116 0x15d0 [ 2C1CAF5563548A15515EAB07D2A069C6, 863405BAC725C7DC6CC86613365A099A2370781018996DD3E74981565AD0DDF5 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
22:09:33.0141 0x15d0 timounter - ok
22:09:33.0154 0x15d0 [ C676B0F52F2B6483AFB88F79CABB011E, 8F10C7C91B47F87C3E29785BDACA49831857849F688C34A1F097C9D6593003AA ] Tpkd C:\Windows\system32\drivers\Tpkd.sys
22:09:33.0163 0x15d0 Tpkd - ok
22:09:33.0178 0x15d0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
22:09:33.0209 0x15d0 TrkWks - ok
22:09:33.0228 0x15d0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:09:33.0258 0x15d0 TrustedInstaller - ok
22:09:33.0272 0x15d0 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:09:33.0283 0x15d0 tssecsrv - ok
22:09:33.0296 0x15d0 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:09:33.0307 0x15d0 TsUsbFlt - ok
22:09:33.0317 0x15d0 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:09:33.0328 0x15d0 TsUsbGD - ok
22:09:33.0340 0x15d0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:09:33.0369 0x15d0 tunnel - ok
22:09:33.0379 0x15d0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:09:33.0389 0x15d0 uagp35 - ok
22:09:33.0391 0x15d0 ubqgdokm - ok
22:09:33.0406 0x15d0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:09:33.0440 0x15d0 udfs - ok
22:09:33.0478 0x15d0 [ 215462AE7E6A897D675E84DD1E3B3B56, 7F45E77F971E9AC3E1402663EF5F6A2D496F9BB758C8E50D2D329E834E20B7D8 ] ufad-ws60 C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe
22:09:33.0490 0x15d0 ufad-ws60 - ok
22:09:33.0497 0x15d0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:09:33.0509 0x15d0 UI0Detect - ok
22:09:33.0520 0x15d0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:09:33.0531 0x15d0 uliagpkx - ok
22:09:33.0539 0x15d0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:09:33.0551 0x15d0 umbus - ok
22:09:33.0560 0x15d0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
22:09:33.0571 0x15d0 UmPass - ok
22:09:33.0581 0x15d0 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
22:09:33.0597 0x15d0 UmRdpService - ok
22:09:33.0611 0x15d0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
22:09:33.0647 0x15d0 upnphost - ok
22:09:33.0664 0x15d0 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:09:33.0679 0x15d0 usbaudio - ok
22:09:33.0696 0x15d0 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:09:33.0709 0x15d0 usbccgp - ok
22:09:33.0722 0x15d0 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:09:33.0738 0x15d0 usbcir - ok
22:09:33.0748 0x15d0 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:09:33.0760 0x15d0 usbehci - ok
22:09:33.0778 0x15d0 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:09:33.0796 0x15d0 usbhub - ok
22:09:33.0803 0x15d0 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:09:33.0815 0x15d0 usbohci - ok
22:09:33.0822 0x15d0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:09:33.0835 0x15d0 usbprint - ok
22:09:33.0843 0x15d0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:09:33.0856 0x15d0 USBSTOR - ok
22:09:33.0869 0x15d0 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:09:33.0880 0x15d0 usbuhci - ok
22:09:33.0886 0x15d0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
22:09:33.0915 0x15d0 UxSms - ok
22:09:33.0925 0x15d0 varehocl - ok
22:09:33.0931 0x15d0 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
22:09:33.0943 0x15d0 VaultSvc - ok
22:09:33.0956 0x15d0 [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
22:09:33.0966 0x15d0 VClone - ok
22:09:33.0975 0x15d0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:09:33.0984 0x15d0 vdrvroot - ok
22:09:34.0002 0x15d0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
22:09:34.0041 0x15d0 vds - ok
22:09:34.0055 0x15d0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:09:34.0068 0x15d0 vga - ok
22:09:34.0075 0x15d0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:09:34.0103 0x15d0 VgaSave - ok
22:09:34.0115 0x15d0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:09:34.0128 0x15d0 vhdmp - ok
22:09:34.0139 0x15d0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
22:09:34.0149 0x15d0 viaide - ok
22:09:34.0166 0x15d0 [ 3B59BB6D10CF969DBE4DB93D9EAD7FB4, 8BD4648AAD460F276C79AF81D1479E781E62D292F3318D39B53703403E57E52F ] VKbms C:\Windows\system32\DRIVERS\VKbms.sys
22:09:34.0177 0x15d0 VKbms - ok
22:09:34.0197 0x15d0 [ 7AC6239C65DADE55DEFD573B98616C3F, 39EC745BFA38C70DA80DC121CB24C12ED9AF9AFDCFE38FCD853CFA53D6E538A8 ] VMAuthdService C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
22:09:34.0207 0x15d0 VMAuthdService - ok
22:09:34.0216 0x15d0 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
22:09:34.0229 0x15d0 vmbus - ok
22:09:34.0237 0x15d0 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
22:09:34.0248 0x15d0 VMBusHID - ok
22:09:34.0263 0x15d0 [ 312AEC23A85424543AF898A59209B479, 7423643ACA900824CCC44B6347AD81E027A9C2A42C12C7F7FD9B89F3D5B5F654 ] vmci C:\Windows\system32\drivers\vmci.sys
22:09:34.0272 0x15d0 vmci - ok
22:09:34.0291 0x15d0 [ FFC30CAEEB2FC5FEE8568CFF74EDEAED, 56DA6F766906A160C326AAA901E0B50E5CA8B054BDE1B95DD6EA14BBB5286E65 ] vmkbd C:\Windows\system32\drivers\VMkbd.sys
22:09:34.0299 0x15d0 vmkbd - ok
22:09:34.0311 0x15d0 [ 9D54F1339E78C95BF3D9939EBCB66378, 99E29225443049B35E633BB7E709AC89B555F6A1EC5FAE075825A74F088FDC9A ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
22:09:34.0319 0x15d0 VMnetAdapter - ok
22:09:34.0332 0x15d0 [ FB54EF3AA613D2832FD3812E7CB2FC75, 2D638EFE2E457C4F9B50AF49C7A0B0DA82A98FF10049C2E5DABE32B7E0BA2B23 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
22:09:34.0340 0x15d0 VMnetBridge - ok
22:09:34.0346 0x15d0 VMnetDHCP - ok
22:09:34.0356 0x15d0 [ 56D547BFC3F1619FA82EC9EF5D24E802, D82DDC1E15F87E3E5809991CEFD81CE24BC8C9249108F36F7B854CEDBDB56FFC ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
22:09:34.0364 0x15d0 VMnetuserif - ok
22:09:34.0391 0x15d0 [ 19368F7C4DC6EF444B826249FC8A0E30, 6F26729EA0BD651FCCC8657BF7C40174AC06926373B467BC3BD3ED352421D2FA ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
22:09:34.0409 0x15d0 VMUSBArbService - ok
22:09:34.0413 0x15d0 VMware NAT Service - ok
22:09:34.0430 0x15d0 [ 62CD5A87FDE14701506D4E0DD8F13D2E, C449E52039BAF7B262BEE4D1389239B196965A0A08E002441CE56B89EF6688E8 ] vmx86 C:\Windows\system32\drivers\vmx86.sys
22:09:34.0439 0x15d0 vmx86 - ok
22:09:34.0450 0x15d0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:09:34.0460 0x15d0 volmgr - ok
22:09:34.0474 0x15d0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:09:34.0506 0x15d0 volmgrx - ok
22:09:34.0527 0x15d0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:09:34.0543 0x15d0 volsnap - ok
22:09:34.0554 0x15d0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:09:34.0566 0x15d0 vsmraid - ok
22:09:34.0606 0x15d0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
22:09:34.0669 0x15d0 VSS - ok
22:09:34.0687 0x15d0 [ E61C910E2DDF4797C1B1F9239636E894, BEC555AB66BD0D33BBC9ABFF7F3955F7D0821383549C8BAC1944B63A85F897E8 ] vstor2-ws60 C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys
22:09:34.0696 0x15d0 vstor2-ws60 - ok
22:09:34.0704 0x15d0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
22:09:34.0719 0x15d0 vwifibus - ok
22:09:34.0738 0x15d0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
22:09:34.0775 0x15d0 W32Time - ok
22:09:34.0784 0x15d0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:09:34.0795 0x15d0 WacomPen - ok
22:09:34.0802 0x15d0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:09:34.0830 0x15d0 WANARP - ok
22:09:34.0834 0x15d0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:09:34.0862 0x15d0 Wanarpv6 - ok
22:09:34.0901 0x15d0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
22:09:34.0945 0x15d0 wbengine - ok
22:09:34.0957 0x15d0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:09:34.0977 0x15d0 WbioSrvc - ok
22:09:34.0991 0x15d0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:09:35.0015 0x15d0 wcncsvc - ok
22:09:35.0023 0x15d0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:09:35.0035 0x15d0 WcsPlugInService - ok
22:09:35.0041 0x15d0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
22:09:35.0050 0x15d0 Wd - ok
22:09:35.0077 0x15d0 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:09:35.0102 0x15d0 Wdf01000 - ok
22:09:35.0115 0x15d0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:09:35.0133 0x15d0 WdiServiceHost - ok
22:09:35.0136 0x15d0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:09:35.0153 0x15d0 WdiSystemHost - ok
22:09:35.0166 0x15d0 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
22:09:35.0187 0x15d0 WebClient - ok
22:09:35.0198 0x15d0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:09:35.0231 0x15d0 Wecsvc - ok
22:09:35.0240 0x15d0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:09:35.0271 0x15d0 wercplsupport - ok
22:09:35.0282 0x15d0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
22:09:35.0313 0x15d0 WerSvc - ok
22:09:35.0320 0x15d0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:09:35.0349 0x15d0 WfpLwf - ok
22:09:35.0355 0x15d0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:09:35.0365 0x15d0 WIMMount - ok
22:09:35.0372 0x15d0 WinDefend - ok
22:09:35.0379 0x15d0 WinHttpAutoProxySvc - ok
22:09:35.0413 0x15d0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:09:35.0447 0x15d0 Winmgmt - ok
22:09:35.0495 0x15d0 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
22:09:35.0566 0x15d0 WinRM - ok
22:09:35.0601 0x15d0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:09:35.0616 0x15d0 WinUsb - ok
22:09:35.0637 0x15d0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:09:35.0672 0x15d0 Wlansvc - ok
22:09:35.0761 0x15d0 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:09:35.0810 0x15d0 wlidsvc - ok
22:09:35.0822 0x15d0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:09:35.0834 0x15d0 WmiAcpi - ok
22:09:35.0849 0x15d0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:09:35.0865 0x15d0 wmiApSrv - ok
22:09:35.0880 0x15d0 WMPNetworkSvc - ok
22:09:35.0896 0x15d0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:09:35.0908 0x15d0 WPCSvc - ok
22:09:35.0918 0x15d0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:09:35.0935 0x15d0 WPDBusEnum - ok
22:09:35.0943 0x15d0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:09:35.0971 0x15d0 ws2ifsl - ok
22:09:35.0978 0x15d0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
22:09:35.0996 0x15d0 wscsvc - ok
22:09:35.0998 0x15d0 WSearch - ok
22:09:36.0061 0x15d0 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
22:09:36.0116 0x15d0 wuauserv - ok
22:09:36.0133 0x15d0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:09:36.0146 0x15d0 WudfPf - ok
22:09:36.0162 0x15d0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:09:36.0177 0x15d0 WUDFRd - ok
22:09:36.0189 0x15d0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:09:36.0202 0x15d0 wudfsvc - ok
22:09:36.0217 0x15d0 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
22:09:36.0235 0x15d0 WwanSvc - ok
22:09:36.0254 0x15d0 ================ Scan global ===============================
22:09:36.0269 0x15d0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:09:36.0283 0x15d0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:09:36.0294 0x15d0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:09:36.0308 0x15d0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:09:36.0319 0x15d0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
22:09:36.0326 0x15d0 [ Global ] - ok
22:09:36.0326 0x15d0 ================ Scan MBR ==================================
22:09:36.0331 0x15d0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
22:09:36.0748 0x15d0 \Device\Harddisk2\DR2 - ok
22:09:36.0771 0x15d0 [ 87D88FA4D3EFD4431866EA91949644BF ] \Device\Harddisk0\DR0
22:09:36.0773 0x15d0 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a ( 0 )
22:09:36.0773 0x15d0 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
22:09:39.0407 0x15d0 [ 87D88FA4D3EFD4431866EA91949644BF ] \Device\Harddisk1\DR1
22:09:39.0429 0x15d0 \Device\Harddisk1\DR1 - detected Rootkit.Boot.Wistler.a ( 0 )
22:09:39.0429 0x15d0 \Device\Harddisk1\DR1 ( Rootkit.Boot.Wistler.a ) - infected
22:09:42.0030 0x15d0 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk3\DR3
22:09:43.0027 0x15d0 \Device\Harddisk3\DR3 - ok
22:09:43.0028 0x15d0 ================ Scan VBR ==================================
22:09:43.0040 0x15d0 [ 648FC44956DAA6F6D2A8D210255768CC ] \Device\Harddisk2\DR2\Partition1
22:09:43.0042 0x15d0 \Device\Harddisk2\DR2\Partition1 - ok
22:09:43.0046 0x15d0 [ EE9BD2983364C91FDF0753BA7BC6215D ] \Device\Harddisk2\DR2\Partition2
22:09:43.0048 0x15d0 \Device\Harddisk2\DR2\Partition2 - ok
22:09:43.0050 0x15d0 [ 3541107D5B9039B36E7DAD4CDEDD327F ] \Device\Harddisk0\DR0\Partition1
22:09:43.0051 0x15d0 \Device\Harddisk0\DR0\Partition1 - ok
22:09:43.0054 0x15d0 [ A59F8BF144837A8162BE68CC117745D5 ] \Device\Harddisk1\DR1\Partition1
22:09:43.0056 0x15d0 \Device\Harddisk1\DR1\Partition1 - ok
22:09:43.0066 0x15d0 [ 911F9106D691F1862BE6E8DEF08C586E ] \Device\Harddisk3\DR3\Partition1
22:09:43.0068 0x15d0 \Device\Harddisk3\DR3\Partition1 - ok
22:09:43.0073 0x15d0 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.2.223.0 ), 0x60000 ( disabled : updated )
22:09:43.0077 0x15d0 Win FW state via NFP2: enabled
22:09:48.0582 0x15d0 ============================================================
22:09:48.0582 0x15d0 Scan finished
22:09:48.0582 0x15d0 ============================================================
22:09:48.0587 0x1a70 Detected object count: 2
22:09:48.0587 0x1a70 Actual detected object count: 2
22:10:02.0997 0x1a70 \Device\Harddisk0\DR0\# - copied to quarantine
22:10:02.0997 0x1a70 \Device\Harddisk0\DR0 - copied to quarantine
22:10:02.0998 0x1a70 \Device\Harddisk0\DR0 - processing error
22:47:31.0950 0x1a70 \Device\Harddisk0\DR0 - will be restored on reboot
22:47:31.0950 0x1a70 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Cure Restore
22:47:31.0990 0x1a70 \Device\Harddisk1\DR1\# - copied to quarantine
22:47:31.0990 0x1a70 \Device\Harddisk1\DR1 - copied to quarantine
22:47:33.0453 0x1a70 \Device\Harddisk1\DR1 - processing error
22:47:38.0565 0x1a70 \Device\Harddisk1\DR1 - will be restored on reboot
22:47:38.0565 0x1a70 \Device\Harddisk1\DR1 ( Rootkit.Boot.Wistler.a ) - User select action: Cure Restore
22:48:11.0961 0x0ef0 Deinitialize success
|
|
10.10.2013, 23:19
| #26 |
| | GVU Trojaner Windows 7 64 Bit Hat geklappt. Hier die Logs: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by ***** (administrator) on *****-PC on 10-10-2013 22:54:30
Running from C:\Users\*****\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Andrea Electronics Corporation) C:\Windows\system32\AEADISRV.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Threat Expert Ltd.) C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
(Avid Technology, Inc..) C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Kaspersky Lab ZAO) C:\Users\*****\AppData\Local\temp\{5FE98B5E-EA8F-4487-AFA3-D1EA5ADCA351}.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Avid Technology, Inc.) C:\Windows\System32\M-AudioTaskBarIcon.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
() C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Razer Inc.) C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
() C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [358944 2010-12-11] (Acronis)
HKLM\...\Run: [M-Audio Taskbar Icon] - C:\Windows\system32\M-AudioTaskBarIcon.exe [798728 2010-12-07] (Avid Technology, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [5889816 2011-12-07] (Logitech Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [Google Update] - C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-21] (Google Inc.)
MountPoints2: {3aaca747-f6ae-11e2-81cf-005056c00008} - G:\Startme.exe
MountPoints2: {7561e1d3-6444-11e1-9b58-00040ecc87e4} - H:\SETUP.EXE
MountPoints2: {f27fbd11-63df-11e1-a2c1-e0cb4e3e42d0} - E:\pushinst.exe
HKLM-x32\...\Run: [SoundMAXPnP] - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2009-06-05] (Analog Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [vmware-tray] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [129648 2011-03-26] (VMware, Inc.)
HKLM-x32\...\Run: [DigidesignMMERefresh] - C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [77824 2010-06-24] (Avid Technology, Inc..)
HKLM-x32\...\Run: [DeathAdder] - C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe [248320 2011-03-21] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x70AC4DD3F3F7CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109727&tt=010812_nich_3112_8&babsrc=SP_ss&mntrId=9e1017a8000000000000e0cb4e3e3e0f
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109727&tt=010812_nich_3112_8&babsrc=SP_ss&mntrId=9e1017a8000000000000e0cb4e3e3e0f
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PC Tools Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {C4415769-1588-4AD6-9624-B2E69DB78D1A} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No File
Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [321464] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [321464] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [321464] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 14 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [346736] (VMware, Inc.)
Winsock: Catalog9 15 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [346736] (VMware, Inc.)
Winsock: Catalog9 16 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [321464] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [233912] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [233912] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [233912] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 14 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [446576] (VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [446576] (VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [233912] (PC Tools Research Pty Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_1
CHR Extension: (Chrome In-App Payments service) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1
CHR Extension: (Gmail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
==================== Services (Whitelisted) =================
R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2009-06-05] (Andrea Electronics Corporation)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 Browser Defender Update Service; C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [112592 2010-01-22] (Threat Expert Ltd.)
R2 DigiRefresh; C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [77824 2010-06-24] (Avid Technology, Inc..)
R2 hasplms; C:\Windows\system32\hasplms.exe [4941768 2012-06-28] (SafeNet Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-09-15] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S4 sdAuxService; C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe [365280 2009-12-09] (PC Tools)
S4 sdCoreService; C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe [1141712 2010-01-18] (PC Tools)
S3 ufad-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe [191024 2010-08-19] (VMware, Inc.)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 CYUSB; C:\Windows\System32\Drivers\CYUSB.sys [47104 2009-08-10] (Cypress Semiconductor)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R3 MAUSBFASTTRACK; C:\Windows\System32\DRIVERS\MAudioFastTrack.sys [187912 2010-12-07] (Avid Technology, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R0 mv64xx; C:\Windows\System32\DRIVERS\mv64xx.sys [331816 2009-09-16] (Marvell Semiconductor, Inc.)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [218056 2009-09-23] (PC Tools)
S3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [25600 2012-11-07] (Razer USA Ltd)
S3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [23040 2012-11-07] (Razer USA Ltd)
R2 vstor2-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [32816 2010-08-19] (VMware, Inc.)
R2 vstor2-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [32816 2010-08-19] (VMware, Inc.)
S1 ajlvsasx; \??\C:\Windows\system32\drivers\ajlvsasx.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S1 crtjnuyc; \??\C:\Windows\system32\drivers\crtjnuyc.sys [x]
S1 eaarkkjg; \??\C:\Windows\system32\drivers\eaarkkjg.sys [x]
S1 ktmujbzd; \??\C:\Windows\system32\drivers\ktmujbzd.sys [x]
S1 ptqllcii; \??\C:\Windows\system32\drivers\ptqllcii.sys [x]
S1 rlffuili; \??\C:\Windows\system32\drivers\rlffuili.sys [x]
S1 rmtofanc; \??\C:\Windows\system32\drivers\rmtofanc.sys [x]
S1 ubqgdokm; \??\C:\Windows\system32\drivers\ubqgdokm.sys [x]
S1 varehocl; \??\C:\Windows\system32\drivers\varehocl.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-10 22:53 - 2013-10-10 22:54 - 01954124 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2013-10-10 22:10 - 2013-10-10 22:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-10-10 21:20 - 2013-10-10 22:08 - 00000000 ____D C:\Users\*****\Desktop\tdsskiller
2013-10-10 21:17 - 2013-10-10 21:19 - 04101172 _____ C:\Users\*****\Desktop\tdsskiller.zip
2013-10-10 21:13 - 2013-10-10 21:20 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\*****\Desktop\TDSSKiller.exe
2013-10-10 20:15 - 2013-10-10 20:15 - 00000000 ____D C:\_OTL
2013-10-10 20:13 - 2013-10-10 20:14 - 00001183 _____ C:\Users\Administrator\Desktop\OTL FIX.txt
2013-10-10 08:22 - 2013-10-10 08:22 - 00092158 _____ C:\Users\Administrator\Desktop\OTL.Txt
2013-10-10 08:13 - 2013-10-10 08:13 - 00023010 _____ C:\ComboFix.txt
2013-10-10 07:51 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-10 07:51 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-10 07:51 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-10 07:51 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-10 07:51 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-10 07:51 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-10 07:51 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-10 07:51 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-10 07:50 - 2013-10-10 08:13 - 00000000 ____D C:\Qoobox
2013-10-10 07:49 - 2013-10-10 08:10 - 00000000 ____D C:\Windows\erdnt
2013-10-10 07:47 - 2013-10-10 07:47 - 05131844 ____R (Swearware) C:\Users\Administrator\Desktop\ComboFix.exe
2013-10-09 19:41 - 2013-10-09 19:41 - 00602112 _____ (OldTimer Tools) C:\Users\Administrator\Desktop\OTL.exe
2013-10-09 01:28 - 2013-10-09 01:31 - 00016321 _____ C:\Users\Administrator\Desktop\Gmer.txt
2013-10-09 01:22 - 2013-10-09 01:22 - 00377856 _____ C:\Users\Administrator\Desktop\gmer_2.1.19163.exe
2013-10-09 01:20 - 2013-10-09 01:21 - 00000320 _____ C:\Users\Administrator\Desktop\Addition.txt
2013-10-09 01:18 - 2013-10-09 01:19 - 01954124 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2013-10-08 20:40 - 2013-10-08 20:46 - 00010918 _____ C:\Windows\IE10_main.log
2013-10-08 20:31 - 2013-10-08 20:31 - 00000000 ____D C:\FRST
2013-10-08 02:03 - 2013-10-08 02:05 - 00000000 ____D C:\Windows\system32\MRT
2013-10-08 02:02 - 2013-07-31 16:17 - 17833472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-08 02:02 - 2013-07-31 15:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-08 02:02 - 2013-07-31 15:29 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-08 02:02 - 2013-07-31 15:20 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-08 02:02 - 2013-07-31 15:19 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-08 02:02 - 2013-07-31 15:18 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-08 02:02 - 2013-07-31 15:17 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-08 02:02 - 2013-07-31 15:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-08 02:02 - 2013-07-31 15:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-08 02:02 - 2013-07-31 15:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-08 02:02 - 2013-07-31 15:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-08 02:02 - 2013-07-31 15:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-08 02:02 - 2013-07-31 15:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-08 02:02 - 2013-07-31 15:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-08 02:02 - 2013-07-31 15:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-08 02:02 - 2013-07-31 15:05 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-08 02:02 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-08 02:02 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-08 02:02 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-08 02:02 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-08 02:02 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-10-08 02:02 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-08 02:02 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-10-08 02:02 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-08 02:02 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-08 02:02 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-10-08 02:02 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-10-08 02:02 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-08 02:02 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-08 02:02 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-08 02:02 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-10-08 02:02 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-08 01:52 - 2013-10-08 01:52 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2013-10-08 01:51 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-10-08 01:51 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-10-08 01:51 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-10-08 01:51 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-10-08 01:51 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-10-08 01:51 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-10-08 01:51 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-10-08 01:51 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-10-08 01:51 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-10-08 01:51 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-10-08 01:50 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-08 01:50 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-10-08 01:50 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-08 01:50 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-08 01:50 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-10-08 01:50 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-08 01:50 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-10-08 01:50 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-10-08 01:50 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-10-08 01:50 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-10-08 01:50 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-08 01:50 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-08 01:50 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-08 01:50 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-10-08 01:50 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-10-08 01:50 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-10-08 01:50 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-10-08 01:50 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-08 01:50 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-08 01:50 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-08 01:50 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-08 01:50 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-10-08 01:50 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-10-08 01:50 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-08 01:50 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-08 01:50 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-08 01:50 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-08 01:50 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-10-08 01:50 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-10-08 01:50 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-10-08 01:50 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-10-08 01:50 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-08 01:50 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-10-08 01:47 - 2013-10-08 01:49 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-10-08 01:47 - 2013-10-08 01:47 - 04095448 _____ (BrightFort LLC ) C:\Users\Administrator\Desktop\spywareblastersetup50.exe
2013-10-08 01:47 - 2013-10-08 01:47 - 00001085 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2013-10-08 01:47 - 2013-10-08 01:47 - 00000000 ____D C:\ProgramData\Licenses
2013-10-08 01:47 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2013-10-08 01:43 - 2013-10-08 01:43 - 01032220 _____ (Thisisu) C:\Users\Administrator\Desktop\JRT.exe
2013-10-08 01:41 - 2013-10-08 01:41 - 01032220 _____ (Thisisu) C:\Users\Administrator\Downloads\JRT.exe
2013-10-08 01:40 - 2013-10-08 01:40 - 00000000 ____D C:\ProgramData\Oracle
2013-10-08 01:40 - 2013-10-08 01:39 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-08 01:40 - 2013-10-08 01:39 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 01:39 - 2013-10-08 01:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 01:39 - 2013-10-08 01:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 01:39 - 2013-10-08 01:39 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 01:39 - 2013-10-08 01:39 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-08 01:32 - 2013-10-08 01:32 - 02378752 _____ C:\Users\Administrator\Downloads\Adblock_Installer.msi
2013-10-08 01:24 - 2013-10-08 01:25 - 00000000 ____D C:\AdwCleaner
2013-10-08 01:24 - 2013-10-08 01:24 - 01045226 _____ C:\Users\Administrator\Desktop\adwcleaner.exe
2013-10-08 01:18 - 2013-10-08 01:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2013-10-08 01:18 - 2013-10-08 01:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2013-10-08 01:18 - 2013-10-08 01:18 - 00000000 ____D C:\Users\Administrator\AppData\Local\Threat Expert
2013-10-08 01:15 - 2013-10-08 20:29 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-08 01:15 - 2013-10-08 20:29 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-08 01:15 - 2013-10-08 01:15 - 00115960 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-08 01:15 - 2013-10-08 01:15 - 00001445 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-08 01:15 - 2013-10-08 01:15 - 00001411 _____ C:\Users\Administrator\Desktop\Internet Explorer (64-bit).lnk
2013-10-08 01:15 - 2013-10-08 01:15 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Razer
2013-10-08 01:15 - 2013-10-08 01:15 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ATI
2013-10-08 01:15 - 2013-10-08 01:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Logitech
2013-10-08 01:15 - 2013-10-08 01:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\ATI
2013-10-08 01:02 - 2013-10-10 08:02 - 00000000 ____D C:\ProgramData\VMware
2013-10-08 00:53 - 2013-10-08 00:53 - 00000000 _____ C:\Users\*****\Desktop\4wcl7hv.txt
2013-09-29 13:43 - 2013-09-29 14:04 - 00000000 ____D C:\Users\*****\AppData\Local\SCE
2013-09-24 22:31 - 2013-09-24 23:56 - 00000000 ____D C:\Users\*****\Desktop\Vermietung
2013-09-17 02:36 - 2013-09-17 02:36 - 00000000 _____ C:\Users\*****\Desktop\Attack on Titan 25.txt
2013-09-13 21:12 - 2013-09-13 21:12 - 00138240 _____ C:\Users\*****\Desktop\Finanzierungsplan.xls
2013-09-10 20:17 - 2013-09-10 20:19 - 00000000 ____D C:\Users\*****\AppData\Roaming\PACE Anti-Piracy
2013-09-10 20:17 - 2013-09-10 20:17 - 00000000 ____D C:\Users\*****\AppData\Local\PACE Anti-Piracy
==================== One Month Modified Files and Folders =======
2013-10-10 22:54 - 2013-10-10 22:53 - 01954124 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2013-10-10 22:54 - 2011-04-12 09:26 - 00713640 _____ C:\Windows\system32\perfh007.dat
2013-10-10 22:54 - 2011-04-12 09:26 - 00155258 _____ C:\Windows\system32\perfc007.dat
2013-10-10 22:54 - 2009-07-14 07:13 - 01659522 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-10 22:53 - 2012-03-01 23:01 - 01287695 _____ C:\Windows\WindowsUpdate.log
2013-10-10 22:50 - 2012-07-21 17:25 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-10 22:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-10 22:50 - 2009-07-14 06:51 - 00089353 _____ C:\Windows\setupact.log
2013-10-10 22:45 - 2012-11-12 13:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-10 22:31 - 2012-08-05 17:00 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1037283242-4171337582-128212150-1000UA.job
2013-10-10 22:10 - 2013-10-10 22:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-10-10 22:09 - 2012-07-21 17:25 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-10 22:08 - 2013-10-10 21:20 - 00000000 ____D C:\Users\*****\Desktop\tdsskiller
2013-10-10 21:20 - 2013-10-10 21:13 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\*****\Desktop\TDSSKiller.exe
2013-10-10 21:19 - 2013-10-10 21:17 - 04101172 _____ C:\Users\*****\Desktop\tdsskiller.zip
2013-10-10 20:24 - 2009-07-14 06:45 - 00026080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-10 20:24 - 2009-07-14 06:45 - 00026080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-10 20:15 - 2013-10-10 20:15 - 00000000 ____D C:\_OTL
2013-10-10 20:15 - 2012-03-01 22:59 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-10 20:14 - 2013-10-10 20:13 - 00001183 _____ C:\Users\Administrator\Desktop\OTL FIX.txt
2013-10-10 08:22 - 2013-10-10 08:22 - 00092158 _____ C:\Users\Administrator\Desktop\OTL.Txt
2013-10-10 08:13 - 2013-10-10 08:13 - 00023010 _____ C:\ComboFix.txt
2013-10-10 08:13 - 2013-10-10 07:50 - 00000000 ____D C:\Qoobox
2013-10-10 08:13 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-10-10 08:10 - 2013-10-10 07:49 - 00000000 ____D C:\Windows\erdnt
2013-10-10 08:08 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-10-10 08:02 - 2013-10-08 01:02 - 00000000 ____D C:\ProgramData\VMware
2013-10-10 08:02 - 2010-11-21 05:47 - 00056220 _____ C:\Windows\PFRO.log
2013-10-10 07:59 - 2012-03-01 22:59 - 00000000 ____D C:\Users\*****
2013-10-10 07:47 - 2013-10-10 07:47 - 05131844 ____R (Swearware) C:\Users\Administrator\Desktop\ComboFix.exe
2013-10-10 07:45 - 2012-11-12 14:45 - 17813896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-10-10 07:45 - 2012-11-12 13:57 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 07:45 - 2012-11-12 13:57 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 07:45 - 2012-03-01 23:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 20:04 - 2012-07-21 17:25 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-09 20:04 - 2012-07-21 17:25 - 00003852 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-09 19:41 - 2013-10-09 19:41 - 00602112 _____ (OldTimer Tools) C:\Users\Administrator\Desktop\OTL.exe
2013-10-09 05:04 - 2012-08-12 16:19 - 00000000 ____D C:\Users\Administrator
2013-10-09 03:20 - 2012-03-01 22:59 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-09 01:31 - 2013-10-09 01:28 - 00016321 _____ C:\Users\Administrator\Desktop\Gmer.txt
2013-10-09 01:31 - 2012-08-05 17:00 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1037283242-4171337582-128212150-1000Core.job
2013-10-09 01:22 - 2013-10-09 01:22 - 00377856 _____ C:\Users\Administrator\Desktop\gmer_2.1.19163.exe
2013-10-09 01:21 - 2013-10-09 01:20 - 00000320 _____ C:\Users\Administrator\Desktop\Addition.txt
2013-10-09 01:19 - 2013-10-09 01:18 - 01954124 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2013-10-08 20:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-10-08 20:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-10-08 20:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-10-08 20:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-10-08 20:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-10-08 20:46 - 2013-10-08 20:40 - 00010918 _____ C:\Windows\IE10_main.log
2013-10-08 20:31 - 2013-10-08 20:31 - 00000000 ____D C:\FRST
2013-10-08 20:29 - 2013-10-08 01:15 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-08 20:29 - 2013-10-08 01:15 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-08 20:15 - 2009-07-14 06:45 - 00427632 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-08 02:05 - 2013-10-08 02:03 - 00000000 ____D C:\Windows\system32\MRT
2013-10-08 02:03 - 2012-03-02 11:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-08 01:52 - 2013-10-08 01:52 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2013-10-08 01:49 - 2013-10-08 01:47 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-10-08 01:47 - 2013-10-08 01:47 - 04095448 _____ (BrightFort LLC ) C:\Users\Administrator\Desktop\spywareblastersetup50.exe
2013-10-08 01:47 - 2013-10-08 01:47 - 00001085 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2013-10-08 01:47 - 2013-10-08 01:47 - 00000000 ____D C:\ProgramData\Licenses
2013-10-08 01:43 - 2013-10-08 01:43 - 01032220 _____ (Thisisu) C:\Users\Administrator\Desktop\JRT.exe
2013-10-08 01:41 - 2013-10-08 01:41 - 01032220 _____ (Thisisu) C:\Users\Administrator\Downloads\JRT.exe
2013-10-08 01:40 - 2013-10-08 01:40 - 00000000 ____D C:\ProgramData\Oracle
2013-10-08 01:39 - 2013-10-08 01:40 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-08 01:39 - 2013-10-08 01:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 01:39 - 2013-10-08 01:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 01:39 - 2013-10-08 01:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 01:39 - 2013-10-08 01:39 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 01:39 - 2013-10-08 01:39 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-08 01:39 - 2012-03-04 18:42 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-08 01:32 - 2013-10-08 01:32 - 02378752 _____ C:\Users\Administrator\Downloads\Adblock_Installer.msi
2013-10-08 01:25 - 2013-10-08 01:24 - 00000000 ____D C:\AdwCleaner
2013-10-08 01:25 - 2012-03-03 20:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-08 01:24 - 2013-10-08 01:24 - 01045226 _____ C:\Users\Administrator\Desktop\adwcleaner.exe
2013-10-08 01:18 - 2013-10-08 01:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2013-10-08 01:18 - 2013-10-08 01:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2013-10-08 01:18 - 2013-10-08 01:18 - 00000000 ____D C:\Users\Administrator\AppData\Local\Threat Expert
2013-10-08 01:15 - 2013-10-08 01:15 - 00115960 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-08 01:15 - 2013-10-08 01:15 - 00001445 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-08 01:15 - 2013-10-08 01:15 - 00001411 _____ C:\Users\Administrator\Desktop\Internet Explorer (64-bit).lnk
2013-10-08 01:15 - 2013-10-08 01:15 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Razer
2013-10-08 01:15 - 2013-10-08 01:15 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ATI
2013-10-08 01:15 - 2013-10-08 01:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Logitech
2013-10-08 01:15 - 2013-10-08 01:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\ATI
2013-10-08 00:53 - 2013-10-08 00:53 - 00000000 _____ C:\Users\*****\Desktop\4wcl7hv.txt
2013-10-08 00:45 - 2012-03-05 17:25 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-08 00:29 - 2013-02-28 22:38 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2013-10-08 00:28 - 2012-03-03 23:13 - 00000000 ____D C:\Users\*****\AppData\Roaming\TS3Client
2013-10-05 01:47 - 2012-03-03 22:38 - 00000000 ____D C:\Users\*****\AppData\Local\PMB Files
2013-10-05 01:47 - 2012-03-03 22:38 - 00000000 ____D C:\ProgramData\PMB Files
2013-10-03 02:09 - 2013-05-19 14:41 - 00000000 ____D C:\Program Files (x86)\War Thunder
2013-10-01 11:47 - 2012-03-03 21:42 - 00000000 ____D C:\Users\*****\AppData\Local\TeamSpeak 3 Client
2013-09-29 14:04 - 2013-09-29 13:43 - 00000000 ____D C:\Users\*****\AppData\Local\SCE
2013-09-29 14:04 - 2013-01-07 03:26 - 00000000 ____D C:\Users\*****\Documents\My Games
2013-09-29 13:42 - 2012-03-05 18:10 - 00155388 _____ C:\Windows\DirectX.log
2013-09-24 23:56 - 2013-09-24 22:31 - 00000000 ____D C:\Users\*****\Desktop\Vermietung
2013-09-24 23:56 - 2012-03-29 06:32 - 00000000 ____D C:\Users\*****\Documents\Outlook-Dateien
2013-09-17 02:36 - 2013-09-17 02:36 - 00000000 _____ C:\Users\*****\Desktop\Attack on Titan 25.txt
2013-09-15 21:16 - 2013-08-20 20:17 - 00000000 ____D C:\Users\*****\Documents\Assassin's Creed III
2013-09-15 19:53 - 2013-03-22 00:29 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-15 19:52 - 2013-03-22 23:58 - 00281392 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-09-15 19:52 - 2013-03-22 23:58 - 00000000 ____D C:\Users\*****\AppData\Local\PunkBuster
2013-09-15 19:52 - 2013-03-22 00:29 - 00281392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-09-13 21:12 - 2013-09-13 21:12 - 00138240 _____ C:\Users\*****\Desktop\Finanzierungsplan.xls
2013-09-10 20:42 - 2012-03-04 02:10 - 00000000 ____D C:\Users\*****\AppData\Roaming\Digidesign
2013-09-10 20:19 - 2013-09-10 20:17 - 00000000 ____D C:\Users\*****\AppData\Roaming\PACE Anti-Piracy
2013-09-10 20:17 - 2013-09-10 20:17 - 00000000 ____D C:\Users\*****\AppData\Local\PACE Anti-Piracy
2013-09-10 20:17 - 2012-10-27 00:40 - 00000000 ___HD C:\Users\*****\AppData\Local\iBY3HyQdk0QdJ
Some content of TEMP:
====================
C:\Users\*****\AppData\Local\temp\{5FE98B5E-EA8F-4487-AFA3-D1EA5ADCA351}.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-01 11:02
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by ***** at 2013-10-10 22:55:22
Running from C:\Users\*****\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Disabled - Up to date) {3F839487-C7A2-C958-E30C-E2825BA31FB5}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spyware Doctor (Disabled - Up to date) {94076BB2-F3DA-227F-9A1E-F060FF73600F}
AS: Microsoft Security Essentials (Disabled - Up to date) {84E27563-E198-C6D6-D9BC-D9F020245508}
==================== Installed Programs ======================
µTorrent (x32 Version: 3.1.2)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acronis*True*Image*Home (x32 Version: 13.0.7154)
AdblockIE (x32 Version: 1.2)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.3) - Deutsch (x32 Version: 10.1.3)
Age of Empires Online (x32)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
Apple Application Support (x32 Version: 2.1.5)
Apple Software Update (x32 Version: 2.1.3.127)
Assassin's Creed(R) III v1.06 (x32 Version: 1.06)
Avid Pro Tools SE 8.0.3 (x32 Version: 8.0.3)
AVM FRITZ!WLAN (x32)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
Borderlands 2 (x32)
Browser Defender 2.0.6.15 (x32 Version: 2.0.6.15)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0928.1532.26058)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (x32 Version: 2012.0928.1532.26058)
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (x32 Version: 2012.0928.1531.26058)
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (x32 Version: 2012.0928.1531.26058)
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225)
CCC Help Czech (x32 Version: 2012.0928.1531.26058)
CCC Help Czech (x32 Version: 2013.0328.2217.38225)
CCC Help Danish (x32 Version: 2012.0928.1531.26058)
CCC Help Danish (x32 Version: 2013.0328.2217.38225)
CCC Help Dutch (x32 Version: 2012.0928.1531.26058)
CCC Help Dutch (x32 Version: 2013.0328.2217.38225)
CCC Help English (x32 Version: 2012.0928.1531.26058)
CCC Help English (x32 Version: 2013.0328.2217.38225)
CCC Help Finnish (x32 Version: 2012.0928.1531.26058)
CCC Help Finnish (x32 Version: 2013.0328.2217.38225)
CCC Help French (x32 Version: 2012.0928.1531.26058)
CCC Help French (x32 Version: 2013.0328.2217.38225)
CCC Help German (x32 Version: 2012.0928.1531.26058)
CCC Help German (x32 Version: 2013.0328.2217.38225)
CCC Help Greek (x32 Version: 2012.0928.1531.26058)
CCC Help Greek (x32 Version: 2013.0328.2217.38225)
CCC Help Hungarian (x32 Version: 2012.0928.1531.26058)
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225)
CCC Help Italian (x32 Version: 2012.0928.1531.26058)
CCC Help Italian (x32 Version: 2013.0328.2217.38225)
CCC Help Japanese (x32 Version: 2012.0928.1531.26058)
CCC Help Japanese (x32 Version: 2013.0328.2217.38225)
CCC Help Korean (x32 Version: 2012.0928.1531.26058)
CCC Help Korean (x32 Version: 2013.0328.2217.38225)
CCC Help Norwegian (x32 Version: 2012.0928.1531.26058)
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225)
CCC Help Polish (x32 Version: 2012.0928.1531.26058)
CCC Help Polish (x32 Version: 2013.0328.2217.38225)
CCC Help Portuguese (x32 Version: 2012.0928.1531.26058)
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225)
CCC Help Russian (x32 Version: 2012.0928.1531.26058)
CCC Help Russian (x32 Version: 2013.0328.2217.38225)
CCC Help Spanish (x32 Version: 2012.0928.1531.26058)
CCC Help Spanish (x32 Version: 2013.0328.2217.38225)
CCC Help Swedish (x32 Version: 2012.0928.1531.26058)
CCC Help Swedish (x32 Version: 2013.0328.2217.38225)
CCC Help Thai (x32 Version: 2012.0928.1531.26058)
CCC Help Thai (x32 Version: 2013.0328.2217.38225)
CCC Help Turkish (x32 Version: 2012.0928.1531.26058)
CCC Help Turkish (x32 Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2012.0928.1532.26058)
ccc-utility64 (Version: 2013.0328.2218.38225)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0)
Company of Heroes (x32 Version: 2.0.0.1)
DC Universe Online (x32)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Diablo III (x32 Version: 1.0.6.13644)
Dota 2 (x32)
ESN Sonar (x32 Version: 0.70.4)
Free YouTube to MP3 Converter version 3.12.0.128 (x32 Version: 3.12.0.128)
Google Chrome (HKCU Version: 30.0.1599.69)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
Guild Wars 2 (x32)
High-Definition Video Playback (x32 Version: 7.3.10800.5.0)
Host OpenAL (ADI) (x32)
Intel® Matrix Storage Manager
Interlok driver setup x64 (Version: 5.8.13)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
JNLP (HKCU)
K-Lite Codec Pack 9.9.5 (Basic) (x32 Version: 9.9.5)
League of Legends (x32 Version: 1.02.0000)
Lightworks (x32 Version: 11.0.3.0)
Logitech Gaming Software (Version: 8.20.74)
Logitech Gaming Software 8.20 (Version: 8.20.74)
marvell 61xx (x32 Version: 1.2.0.7100)
M-Audio FastTrack Driver 6.0.6 (x64) (Version: 6.0.6)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Standard 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero 10 Menu TemplatePack Basic (x32 Version: 10.6.10000.0.0)
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0)
Nero BackItUp 10 Help (CHM) (x32 Version: 10.6.10600)
Nero Burning ROM 10 (x32 Version: 10.6.10600.4.100)
Nero BurningROM 10 Help (CHM) (x32 Version: 10.6.10600)
Nero BurnRights 10 (x32 Version: 4.4.10300.1.100)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.6.10600)
Nero Control Center 10 (x32 Version: 10.6.12600.0.5)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10700)
Nero Core Components 10 (x32 Version: 2.0.19800.9.10)
Nero CoverDesigner 10 (x32 Version: 5.6.10500.3.100)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 10.6.10600)
Nero DiscSpeed 10 (x32 Version: 6.4.10400.0.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.6.10600)
Nero Dolby Files 10 (x32 Version: 2.0.13000.0.10)
Nero Express 10 (x32 Version: 10.6.10600.4.100)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10600)
Nero InfoTool 10 (x32 Version: 7.4.10200.0.100)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.6.10600)
Nero Multimedia Suite 10 (x32 Version: 10.6.11300)
Nero Recode 10 (x32 Version: 4.10.10600.4.100)
Nero Recode 10 Help (CHM) (x32 Version: 10.6.10600)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.6.10700)
Nero SoundTrax 10 (x32 Version: 4.10.10300.2.100)
Nero SoundTrax 10 Help (CHM) (x32 Version: 10.6.10600)
Nero StartSmart 10 (x32 Version: 10.6.10400.2.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.6.10600)
Nero Update (x32 Version: 1.0.10900.31.0)
Nero Vision 10 (x32 Version: 7.4.10800.7.100)
Nero Vision 10 Help (CHM) (x32 Version: 10.6.10600)
Nero WaveEditor 10 (x32 Version: 5.10.10400.3.100)
Nero WaveEditor 10 Help (CHM) (x32 Version: 10.6.10600)
NeroKwikMedia Help (CHM) (x32 Version: 10.6.10700)
Origin (x32 Version: 9.1.10.2728)
Pando Media Booster (x32 Version: 2.6.0.6)
PC VGA Camer@ (x32 Version: 1.0.2.04)
PunkBuster Services (x32 Version: 0.991)
QuickTime (x32 Version: 7.71.80.42)
Razer DeathAdder(TM) Mouse (x32 Version: 3.03)
Security Task Manager 1.8d (x32 Version: 1.8d)
SimCity™ (x32 Version: 1.0.0.0)
Skype™ 5.10 (x32 Version: 5.10.116)
SoundMAX (x32 Version: 6.10.2.6585)
Spybot - Search & Destroy (x32 Version: 1.6.2)
Spyware Doctor 7.0 (x32 Version: 7.0)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
StarCraft II (x32 Version: 2.0.9.26147)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (HKCU Version: 3.0.13)
TERA (x32 Version: 19.04.02.03.hf3)
tools-freebsd (x32 Version: 8.4.6.16648)
tools-linux (x32 Version: 8.4.6.16648)
tools-netware (x32 Version: 8.4.6.16648)
tools-solaris (x32 Version: 8.4.6.16648)
tools-windows (x32 Version: 8.4.6.16648)
tools-winPre2k (x32 Version: 8.4.6.16648)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Uplay (x32 Version: 3.0)
VirtualCloneDrive (x32)
VLC media player 2.0.0 (x32 Version: 2.0.0)
VMware Workstation (x32 Version: 7.1.4.16648)
War Thunder (x32)
War Thunder Launcher 1.0.1.199 (x32)
Warhammer 40,000 Space Marine (x32)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (x32)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (x32)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
==================== Restore Points =========================
07-10-2013 20:24:40 Windows Update
07-10-2013 23:39:08 Removed Java(TM) 6 Update 31
07-10-2013 23:39:37 Installed Java 7 Update 40
07-10-2013 23:52:26 Windows Update
08-10-2013 18:35:44 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-10-10 08:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0F4E9001-C870-4EAB-A187-9E52BA88E7A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {42F7F6D6-FFA5-4FC7-A224-C0CAACE96272} - System32\Tasks\preispilotSWU => C:\Program Files (x86)\preispilot\swu.vbs"C:\Program Files (x86)\preispilot\swu.vbs"
Task: {6327BBCB-6CB1-40A0-88CC-065AB6D369C6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6641C950-F758-45B9-A97E-F73FAA4BA591} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1037283242-4171337582-128212150-1000Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {7160B5AA-0163-4361-A8A7-2833E7C09055} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {824CDB4A-0255-4960-B783-C9F8438AC3E7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1037283242-4171337582-128212150-1000UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {F34D9388-C0D5-4964-81B7-B2E9EE4EBB61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {F37E929B-7EFA-4994-92D4-8647F4F3EB18} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1037283242-4171337582-128212150-1000Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1037283242-4171337582-128212150-1000UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-12-11 20:19 - 2010-12-11 20:19 - 01208560 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2012-10-23 01:54 - 2009-11-10 10:26 - 00767952 _____ () C:\Windows\BDTSupport.dll
2011-03-26 00:42 - 2011-03-26 00:42 - 00970352 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2011-03-26 00:41 - 2011-03-26 00:41 - 00068720 _____ () C:\Program Files (x86)\VMware\VMware Workstation\zlib1.dll
2013-10-04 03:33 - 2013-10-03 08:02 - 00698832 _____ () C:\Users\*****\AppData\Local\Google\Chrome\Application\30.0.1599.69\libglesv2.dll
2013-10-04 03:33 - 2013-10-03 08:02 - 00099792 _____ () C:\Users\*****\AppData\Local\Google\Chrome\Application\30.0.1599.69\libegl.dll
2013-10-04 03:33 - 2013-10-03 08:03 - 04055504 _____ () C:\Users\*****\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll
2013-10-04 03:33 - 2013-10-03 08:03 - 00415184 _____ () C:\Users\*****\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
2013-10-04 03:33 - 2013-10-03 08:02 - 01604560 _____ () C:\Users\*****\AppData\Local\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\Users\*****\Lokale Einstellungen:jBiCmiIbIlyrVCVyNieZi
AlternateDataStreams: C:\Users\*****\AppData\Local:jBiCmiIbIlyrVCVyNieZi
AlternateDataStreams: C:\Users\*****\AppData\Local\Anwendungsdaten:jBiCmiIbIlyrVCVyNieZi
AlternateDataStreams: C:\Users\*****\AppData\Local\Temporary Internet Files:fFNjQ1aWCMRRdy6DQwtMgGo1
AlternateDataStreams: C:\Users\*****\AppData\Local\Temporary Internet Files:IhXHys7HsOvYZe9lmWQJui
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68380184.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68380184.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
Name: Logitech Gaming Virtual Mouse
Description: Logitech Gaming Virtual Mouse
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: LGVirHid
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/09/2013 01:18:29 AM) (Source: Application Hang) (User: )
Description: Programm FRST64.exe, Version 3.3.8.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1228
Startzeit: 01cec4785aab6526
Endzeit: 0
Anwendungspfad: C:\Users\Administrator\Desktop\FRST64.exe
Berichts-ID:
Error: (10/09/2013 00:52:27 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16506, Zeitstempel: 0x51f8de05
Name des fehlerhaften Moduls: PCTBDCore.dll, Version: 2.0.6.11, Zeitstempel: 0x4af8a3c7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002696b
ID des fehlerhaften Prozesses: 0x11dc
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (10/09/2013 00:52:26 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16506, Zeitstempel: 0x51f8de05
Name des fehlerhaften Moduls: PCTBDCore.dll, Version: 2.0.6.11, Zeitstempel: 0x4af8a3c7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002696b
ID des fehlerhaften Prozesses: 0x124c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (10/09/2013 00:51:58 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16506, Zeitstempel: 0x51f8de05
Name des fehlerhaften Moduls: PCTBDCore.dll, Version: 2.0.6.11, Zeitstempel: 0x4af8a3c7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002696b
ID des fehlerhaften Prozesses: 0x13b0
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (10/09/2013 00:51:57 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16506, Zeitstempel: 0x51f8de05
Name des fehlerhaften Moduls: PCTBDCore.dll, Version: 2.0.6.11, Zeitstempel: 0x4af8a3c7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002696b
ID des fehlerhaften Prozesses: 0x10e0
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (10/09/2013 00:51:56 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16506, Zeitstempel: 0x51f8de05
Name des fehlerhaften Moduls: PCTBDCore.dll, Version: 2.0.6.11, Zeitstempel: 0x4af8a3c7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002696f
ID des fehlerhaften Prozesses: 0x10e8
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (10/09/2013 00:51:34 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16506, Zeitstempel: 0x51f8de05
Name des fehlerhaften Moduls: PCTBDCore.dll, Version: 2.0.6.11, Zeitstempel: 0x4af8a3c7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002696b
ID des fehlerhaften Prozesses: 0xc2c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (10/09/2013 00:51:31 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16506, Zeitstempel: 0x51f8de05
Name des fehlerhaften Moduls: PCTBDCore.dll, Version: 2.0.6.11, Zeitstempel: 0x4af8a3c7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002696f
ID des fehlerhaften Prozesses: 0xe54
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (10/08/2013 08:46:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WU-IE10-Windows7-x64.exe, Version: 10.0.9200.16521, Zeitstempel: 0x51207d62
Name des fehlerhaften Moduls: WU-IE10-Windows7-x64.exe, Version: 10.0.9200.16521, Zeitstempel: 0x51207d62
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000b1c3
ID des fehlerhaften Prozesses: 0x760
Startzeit der fehlerhaften Anwendung: 0xWU-IE10-Windows7-x64.exe0
Pfad der fehlerhaften Anwendung: WU-IE10-Windows7-x64.exe1
Pfad des fehlerhaften Moduls: WU-IE10-Windows7-x64.exe2
Berichtskennung: WU-IE10-Windows7-x64.exe3
Error: (10/08/2013 01:40:21 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16496, Zeitstempel: 0x51a55c6d
Name des fehlerhaften Moduls: PCTBDCore.dll, Version: 2.0.6.11, Zeitstempel: 0x4af8a3c7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002696b
ID des fehlerhaften Prozesses: 0x1bec
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
System errors:
=============
Error: (10/10/2013 10:50:20 PM) (Source: Service Control Manager) (User: )
Description: Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/10/2013 10:50:19 PM) (Source: VMnetDHCP) (User: )
Description: Can't open C:\ProgramData\VMware\vmnetdhcp.conf: Das System kann die angegebene Datei nicht finden.
/ Unknown error 2 (0x2)
Error: (10/10/2013 10:50:14 PM) (Source: hasplms) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (10/10/2013 08:17:52 PM) (Source: Service Control Manager) (User: )
Description: Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/10/2013 08:17:45 PM) (Source: hasplms) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (10/10/2013 08:17:43 PM) (Source: VMnetDHCP) (User: )
Description: Can't open C:\ProgramData\VMware\vmnetdhcp.conf: Das System kann die angegebene Datei nicht finden.
/ Unknown error 2 (0x2)
Error: (10/10/2013 08:15:21 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/10/2013 08:11:22 PM) (Source: Service Control Manager) (User: )
Description: Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/10/2013 08:11:16 PM) (Source: hasplms) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (10/10/2013 08:11:14 PM) (Source: VMnetDHCP) (User: )
Description: Can't open C:\ProgramData\VMware\vmnetdhcp.conf: Das System kann die angegebene Datei nicht finden.
/ Unknown error 2 (0x2)
Microsoft Office Sessions:
=========================
Error: (10/09/2013 01:18:29 AM) (Source: Application Hang)(User: )
Description: FRST64.exe3.3.8.1122801cec4785aab65260C:\Users\Administrator\Desktop\FRST64.exe
Error: (10/09/2013 00:52:27 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1650651f8de05PCTBDCore.dll2.0.6.114af8a3c7c00000050002696b11dc01cec479100077ddC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\PCTBDCore.dll4db8e99f-306c-11e3-b08e-005056c00008
Error: (10/09/2013 00:52:26 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1650651f8de05PCTBDCore.dll2.0.6.114af8a3c7c00000050002696b124c01cec4790ede0ffcC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\PCTBDCore.dll4c9681bd-306c-11e3-b08e-005056c00008
Error: (10/09/2013 00:51:58 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1650651f8de05PCTBDCore.dll2.0.6.114af8a3c7c00000050002696b13b001cec478fe9f8bfdC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\PCTBDCore.dll3c57fdbf-306c-11e3-b08e-005056c00008
Error: (10/09/2013 00:51:57 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1650651f8de05PCTBDCore.dll2.0.6.114af8a3c7c00000050002696b10e001cec478fde84208C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\PCTBDCore.dll3ba0b3c9-306c-11e3-b08e-005056c00008
Error: (10/09/2013 00:51:56 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1650651f8de05PCTBDCore.dll2.0.6.114af8a3c7c00000050002696f10e801cec478fcb9f345C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\PCTBDCore.dll3ad8c032-306c-11e3-b08e-005056c00008
Error: (10/09/2013 00:51:34 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1650651f8de05PCTBDCore.dll2.0.6.114af8a3c7c00000050002696bc2c01cec478efb30b65C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\PCTBDCore.dll2dd1d853-306c-11e3-b08e-005056c00008
Error: (10/09/2013 00:51:31 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1650651f8de05PCTBDCore.dll2.0.6.114af8a3c7c00000050002696fe5401cec478ebe7d9f5C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\PCTBDCore.dll2be51b7a-306c-11e3-b08e-005056c00008
Error: (10/08/2013 08:46:58 PM) (Source: Application Error)(User: )
Description: WU-IE10-Windows7-x64.exe10.0.9200.1652151207d62WU-IE10-Windows7-x64.exe10.0.9200.1652151207d62c00000050000b1c376001cec455d3365962C:\Windows\SoftwareDistribution\Download\Install\WU-IE10-Windows7-x64.exeC:\Windows\SoftwareDistribution\Download\Install\WU-IE10-Windows7-x64.exe02078b45-304a-11e3-a583-005056c00008
Error: (10/08/2013 01:40:21 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1649651a55c6dPCTBDCore.dll2.0.6.114af8a3c7c00000050002696b1bec01cec3b696061358C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\PCTBDCore.dlld41ae717-2fa9-11e3-acdf-005056c00008
CodeIntegrity Errors:
===================================
Date: 2013-10-10 07:59:52.586
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-10 07:59:52.539
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-11-16 01:37:43.338
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spyware Doctor\smum64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-16 01:18:39.647
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spyware Doctor\smum64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-16 01:08:21.381
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spyware Doctor\smum64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-16 01:00:54.643
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spyware Doctor\smum64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-15 20:31:19.656
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spyware Doctor\smum64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-13 21:03:36.209
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spyware Doctor\smum64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-12 17:35:19.454
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spyware Doctor\smum64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-12 16:24:03.462
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spyware Doctor\smum64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 18%
Total physical RAM: 12279.09 MB
Available physical RAM: 10038.14 MB
Total Pagefile: 24556.37 MB
Available Pagefile: 21930.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:273.2 GB) (Free:19.81 GB) NTFS
Drive d: (Daten) (Fixed) (Total:465.76 GB) (Free:313.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Daten) (Fixed) (Total:465.76 GB) (Free:6.35 GB) NTFS
Drive g: (INTENSO) (Removable) (Total:7.26 GB) (Free:7.26 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 065C96F9)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: A5281CF9)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 273 GB) (Disk ID: 5AC2E66E)
Partition 1: (Active) - (Size=110 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=273 GB) - (Type=07 NTFS)
==================== End Of Log ============================
EDIT: Habe jetzt mal folgende Maßnahmen durchgeführt: - alle noch ausstehenden Windows-Updates gemacht - Microsoft Security Essentials auf den neuesten Stand gebracht (aber keinen Scan durchgeführt, mit derartiger Software warte ich mal besser bis wir hier fertig sind) - die Rechte seines Benutzerkontos von "Admin" auf "Standardnutzer" degradiert und die Geschichte mit Passwort versehen - Adminkonto mit Passwort versehen - Sandboxie installiert und ihm erklärt wie man es am sinnvollsten benutzt - Benutzerkontensteuerung aktiviert (Regler ganz nach oben!!) - Browser (IE und Firefox werde ich wohl beiseite schieben bzw. deinstallieren, er soll Chrome nutzen) geupdated also folgende Addons installiert: https://chrome.google.com/webstore/detail/adblock/gighmmpiobklfepjocnamgkkbiglidom?hl=de https://chrome.google.com/webstore/detail/ghostery/mlomiejdfkolichcflejclcbmpeaniij Ich hoffe nichts davon beeinträchtigt in irgendeiner Form das weitere Vorgehen nach deinen Anweisungen. Falls doch mache ich betreffende Aktion natürlich direkt wieder rückgängig. Bezüglich des Malwareprogramms bin ich mir noch unschlüssig. Vielleicht kannst du mir ja später einen Tip geben. Ich weiß, "das Beste" gibts nicht. Soweit bin ich immerhin schonmal  .Auch falls ich deiner Meinung nach noch eine sinnvolle Maßnahme vergessen haben sollte (macht Secunia PSI z.B. Sinn?) bitte ich um einen dezenten Hinweis ^^. Geändert von Lou Schalter (10.10.2013 um 22:08 Uhr) |
|
11.10.2013, 08:51
| #27 |
| /// TB-Ausbilder | GVU Trojaner Windows 7 64 Bit Hallo, Tipps zur Absicherung geb ich dann zum Schluss noch mit. Zuerst kontrollieren wir nochmals gründlich: Schritt 1 Mach bitte nochmals einen Scan mit dem TDSSKiller, um zu sehen, ob das geklappt hat, und poste das Log. Schritt 2 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument (Den richtigen Benutzernamen wieder einsetzen anstelle der *****!!) Code:
ATTFilter HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68380184.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68380184.sys => ""="Driver"
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\Users\*****\Lokale Einstellungen:jBiCmiIbIlyrVCVyNieZi
AlternateDataStreams: C:\Users\*****\AppData\Local:jBiCmiIbIlyrVCVyNieZi
AlternateDataStreams: C:\Users\*****\AppData\Local\Anwendungsdaten:jBiCmiIbIlyrVCVyNieZi
AlternateDataStreams: C:\Users\*****\AppData\Local\Temporary Internet Files:fFNjQ1aWCMRRdy6DQwtMgGo1
AlternateDataStreams: C:\Users\*****\AppData\Local\Temporary Internet Files:IhXHys7HsOvYZe9lmWQJui
C:\Users\*****\AppData\Local\temp\{5FE98B5E-EA8F-4487-AFA3-D1EA5ADCA351}.exe
2013-09-10 20:17 - 2012-10-27 00:40 - 00000000 ___HD C:\Users\*****\AppData\Local\iBY3HyQdk0QdJ
2013-10-08 01:52 - 2013-10-08 01:52 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
S1 ajlvsasx; \??\C:\Windows\system32\drivers\ajlvsasx.sys [x]
S1 crtjnuyc; \??\C:\Windows\system32\drivers\crtjnuyc.sys [x]
S1 eaarkkjg; \??\C:\Windows\system32\drivers\eaarkkjg.sys [x]
S1 ktmujbzd; \??\C:\Windows\system32\drivers\ktmujbzd.sys [x]
S1 ptqllcii; \??\C:\Windows\system32\drivers\ptqllcii.sys [x]
S1 rlffuili; \??\C:\Windows\system32\drivers\rlffuili.sys [x]
S1 rmtofanc; \??\C:\Windows\system32\drivers\rmtofanc.sys [x]
S1 ubqgdokm; \??\C:\Windows\system32\drivers\ubqgdokm.sys [x]
S1 varehocl; \??\C:\Windows\system32\drivers\varehocl.sys [x]
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109727&tt=010812_nich_3112_8&babsrc=SP_ss&mntrId=9e1017a8000000000000e0cb4e3e3e0f
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109727&tt=010812_nich_3112_8&babsrc=SP_ss&mntrId=9e1017a8000000000000e0cb4e3e3e0f
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 3 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 4 ESET Online Scanner
Schritt 5 Starte noch einmal FRST.
__________________ cheers, Leo |
|
11.10.2013, 21:12
| #28 |
| | GVU Trojaner Windows 7 64 BitCode:
ATTFilter 19:54:23.0188 0x1100 TDSS rootkit removing tool 3.0.0.12 Oct 9 2013 14:59:22
19:54:23.0586 0x1100 ============================================================
19:54:23.0586 0x1100 Current date / time: 2013/10/11 19:54:23.0586
19:54:23.0586 0x1100 SystemInfo:
19:54:23.0586 0x1100
19:54:23.0586 0x1100 OS Version: 6.1.7601 ServicePack: 1.0
19:54:23.0586 0x1100 Product type: Workstation
19:54:23.0586 0x1100 ComputerName: *****-PC
19:54:23.0587 0x1100 UserName: Administrator
19:54:23.0587 0x1100 Windows directory: C:\Windows
19:54:23.0587 0x1100 System windows directory: C:\Windows
19:54:23.0587 0x1100 Running under WOW64
19:54:23.0587 0x1100 Processor architecture: Intel x64
19:54:23.0587 0x1100 Number of processors: 8
19:54:23.0587 0x1100 Page size: 0x1000
19:54:23.0587 0x1100 Boot type: Normal boot
19:54:23.0587 0x1100 ============================================================
19:54:25.0553 0x1100 System UUID: {438E91DF-0BCC-791E-3945-FA16759C1496}
19:54:26.0190 0x1100 Drive \Device\Harddisk2\DR2 - Size: 0x4453C00000 (273.31 Gb), SectorSize: 0x200, Cylinders: 0x8B5E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
19:54:26.0196 0x1100 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:54:26.0197 0x1100 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:54:26.0210 0x1100 Drive \Device\Harddisk3\DR3 - Size: 0x1D1A00000 (7.28 Gb), SectorSize: 0x200, Cylinders: 0x3B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:54:26.0213 0x1100 ============================================================
19:54:26.0213 0x1100 \Device\Harddisk2\DR2:
19:54:26.0213 0x1100 MBR partitions:
19:54:26.0213 0x1100 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x37000
19:54:26.0213 0x1100 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x37800, BlocksNum 0x22266800
19:54:26.0213 0x1100 \Device\Harddisk0\DR0:
19:54:26.0221 0x1100 MBR partitions:
19:54:26.0221 0x1100 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
19:54:26.0221 0x1100 \Device\Harddisk1\DR1:
19:54:26.0221 0x1100 MBR partitions:
19:54:26.0221 0x1100 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
19:54:26.0221 0x1100 \Device\Harddisk3\DR3:
19:54:26.0223 0x1100 MBR partitions:
19:54:26.0223 0x1100 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0xB88, BlocksNum 0xE8C478
19:54:26.0223 0x1100 ============================================================
19:54:26.0243 0x1100 C: <-> \Device\Harddisk2\DR2\Partition2
19:54:26.0269 0x1100 E: <-> \Device\Harddisk0\DR0\Partition1
19:54:26.0336 0x1100 D: <-> \Device\Harddisk1\DR1\Partition1
19:54:26.0336 0x1100 ============================================================
19:54:26.0336 0x1100 Initialize success
19:54:26.0336 0x1100 ============================================================
19:54:31.0732 0x0afc ============================================================
19:54:31.0732 0x0afc Scan started
19:54:31.0732 0x0afc Mode: Manual; SigCheck; TDLFS;
19:54:31.0732 0x0afc ============================================================
19:54:31.0732 0x0afc KSN ping started
19:54:34.0214 0x0afc KSN ping finished: true
19:54:34.0974 0x0afc ================ Scan system memory ========================
19:54:34.0974 0x0afc System memory - ok
19:54:34.0974 0x0afc ================ Scan services =============================
19:54:35.0163 0x0afc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:54:35.0302 0x0afc 1394ohci - ok
19:54:35.0323 0x0afc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:54:35.0347 0x0afc ACPI - ok
19:54:35.0374 0x0afc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:54:35.0439 0x0afc AcpiPmi - ok
19:54:35.0531 0x0afc [ 1FE7229F34038D1ABE837688EC0EF15B, BEDCCCC47285DC7B8D43A6F8B69347E53E4165E30C684503D6A8FDAE191D0ABF ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
19:54:35.0571 0x0afc AcrSch2Svc - ok
19:54:35.0601 0x0afc [ 1C090E86AFD15231377AD37436C3C719, 7C8C679ADB7AF0A965508012C4F3F2FA68D0BFE0E04941B94693D94DB0931B53 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
19:54:35.0644 0x0afc ADIHdAudAddService - ok
19:54:35.0686 0x0afc [ 62B7936F9036DD6ED36E6A7EFA805DC0, C58EA1B46CB3595386C9217A7785F2A436916FB1E0BDC0E4BE484292C55AA455 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:54:35.0696 0x0afc AdobeARMservice - ok
19:54:35.0783 0x0afc [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:54:35.0799 0x0afc AdobeFlashPlayerUpdateSvc - ok
19:54:35.0826 0x0afc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:54:35.0850 0x0afc adp94xx - ok
19:54:35.0873 0x0afc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:54:35.0894 0x0afc adpahci - ok
19:54:35.0912 0x0afc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:54:35.0927 0x0afc adpu320 - ok
19:54:35.0941 0x0afc [ 3BDB13C79CC8C06E2F8182595903ED69, 9E00D6649E862DE6812718B091C350E05A2C5C4D28DE8E05E3DD1F789A04EE96 ] AEADIFilters C:\Windows\system32\AEADISRV.EXE
19:54:35.0960 0x0afc AEADIFilters - ok
19:54:35.0971 0x0afc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:54:36.0054 0x0afc AeLookupSvc - ok
19:54:36.0081 0x0afc [ AE1FCE2CD1E99BEA89183BA8CD320872, 96F14BCA0C2479F39A5027A71922907D0F35CAD8E9A5037674DF7995BBDB2B51 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
19:54:36.0104 0x0afc afcdp - ok
19:54:36.0194 0x0afc [ AF44F7E027037628F1FAC3C13CDE73E6, 56A95EBF2241C275FD401487C5F0E86859F8637D8B1BD01B7157EE9BC22B1907 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
19:54:36.0288 0x0afc afcdpsrv - ok
19:54:36.0332 0x0afc [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
19:54:36.0371 0x0afc AFD - ok
19:54:36.0394 0x0afc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
19:54:36.0410 0x0afc agp440 - ok
19:54:36.0428 0x0afc ajlvsasx - ok
19:54:36.0450 0x0afc [ 44F360B65C37A42EB5B71C2E5179FDD5, A7E65515FEE1698C96F647111F5C7D009C5FAC9A1F62D027802861A699AF1F93 ] aksdf C:\Windows\system32\drivers\aksdf.sys
19:54:36.0482 0x0afc aksdf - ok
19:54:36.0515 0x0afc [ BC61697103C9EFC3DBA83777CEA8E76B, 15F55C9E4ACB695A5A9BEF52D69AFE9D8D50F8307B81349FB4300368B52493D3 ] aksfridge C:\Windows\system32\drivers\aksfridge.sys
19:54:36.0526 0x0afc aksfridge - ok
19:54:36.0541 0x0afc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
19:54:36.0579 0x0afc ALG - ok
19:54:36.0597 0x0afc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
19:54:36.0608 0x0afc aliide - ok
19:54:36.0629 0x0afc [ 310F86335B0505DDC6D2DD48E66EF06B, 936273CA046B3AE0944E6C1557CECB2A0C61D034977BBB9FACBE062617CF3A2C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:54:36.0773 0x0afc AMD External Events Utility - ok
19:54:36.0792 0x0afc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
19:54:36.0803 0x0afc amdide - ok
19:54:36.0821 0x0afc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:54:36.0845 0x0afc AmdK8 - ok
19:54:37.0121 0x0afc [ 79CC9BE187E3144E1B58A54B842475E7, 89DD3177B5CE649AC0093603CE13FBFD93AC24F8E16C52672549110141106F4A ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:54:37.0566 0x0afc amdkmdag - ok
19:54:37.0599 0x0afc [ 07561D3B7FD99F6E186C49C2D0628E38, D2D72EB45EAD29A3099C040E99A4F1F4902D3BDC0466800C63ECD33343DC1224 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:54:37.0640 0x0afc amdkmdap - ok
19:54:37.0654 0x0afc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:54:37.0675 0x0afc AmdPPM - ok
19:54:37.0696 0x0afc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:54:37.0710 0x0afc amdsata - ok
19:54:37.0730 0x0afc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:54:37.0747 0x0afc amdsbs - ok
19:54:37.0767 0x0afc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:54:37.0777 0x0afc amdxata - ok
19:54:37.0796 0x0afc [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
19:54:37.0933 0x0afc AppID - ok
19:54:37.0943 0x0afc [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:54:37.0979 0x0afc AppIDSvc - ok
19:54:38.0000 0x0afc [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
19:54:38.0027 0x0afc Appinfo - ok
19:54:38.0045 0x0afc [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
19:54:38.0076 0x0afc AppMgmt - ok
19:54:38.0086 0x0afc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
19:54:38.0099 0x0afc arc - ok
19:54:38.0112 0x0afc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:54:38.0125 0x0afc arcsas - ok
19:54:38.0208 0x0afc [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:54:38.0254 0x0afc aspnet_state - ok
19:54:38.0275 0x0afc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:54:38.0309 0x0afc AsyncMac - ok
19:54:38.0325 0x0afc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
19:54:38.0335 0x0afc atapi - ok
19:54:38.0355 0x0afc [ ED3A041014FBBFDC23D6C04F9C7A5D79, A039D8F4C0EA2101898A253E13DFED5FA8500C412ACC47835415E27C9BD068FF ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:54:38.0386 0x0afc AtiHDAudioService - ok
19:54:38.0409 0x0afc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:54:38.0464 0x0afc AudioEndpointBuilder - ok
19:54:38.0481 0x0afc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:54:38.0523 0x0afc AudioSrv - ok
19:54:38.0557 0x0afc [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
19:54:38.0651 0x0afc AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
19:54:41.0084 0x0afc Detect skipped due to KSN trusted
19:54:41.0084 0x0afc AVM WLAN Connection Service - ok
19:54:41.0113 0x0afc [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys
19:54:41.0123 0x0afc avmeject - ok
19:54:41.0153 0x0afc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:54:41.0209 0x0afc AxInstSV - ok
19:54:41.0237 0x0afc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:54:41.0274 0x0afc b06bdrv - ok
19:54:41.0297 0x0afc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:54:41.0322 0x0afc b57nd60a - ok
19:54:41.0340 0x0afc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
19:54:41.0364 0x0afc BDESVC - ok
19:54:41.0378 0x0afc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
19:54:41.0411 0x0afc Beep - ok
19:54:41.0450 0x0afc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
19:54:41.0506 0x0afc BFE - ok
19:54:41.0534 0x0afc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
19:54:41.0593 0x0afc BITS - ok
19:54:41.0605 0x0afc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:54:41.0623 0x0afc blbdrive - ok
19:54:41.0641 0x0afc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:54:41.0665 0x0afc bowser - ok
19:54:41.0671 0x0afc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:54:41.0692 0x0afc BrFiltLo - ok
19:54:41.0700 0x0afc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:54:41.0715 0x0afc BrFiltUp - ok
19:54:41.0737 0x0afc [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:54:41.0769 0x0afc BridgeMP - ok
19:54:41.0786 0x0afc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
19:54:41.0809 0x0afc Browser - ok
19:54:41.0864 0x0afc [ 21FA3E51618FF8E2F4B29964ABC5884F, AB6E5ACEBC426354C7CD7D297D8D2CA086755F0E410320CA15B989E8963ECC78 ] Browser Defender Update Service C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
19:54:41.0875 0x0afc Browser Defender Update Service - ok
19:54:41.0886 0x0afc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:54:41.0929 0x0afc Brserid - ok
19:54:41.0935 0x0afc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:54:41.0953 0x0afc BrSerWdm - ok
19:54:41.0961 0x0afc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:54:41.0983 0x0afc BrUsbMdm - ok
19:54:41.0990 0x0afc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:54:42.0007 0x0afc BrUsbSer - ok
19:54:42.0016 0x0afc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:54:42.0037 0x0afc BTHMODEM - ok
19:54:42.0059 0x0afc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
19:54:42.0089 0x0afc bthserv - ok
19:54:42.0100 0x0afc catchme - ok
19:54:42.0111 0x0afc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:54:42.0146 0x0afc cdfs - ok
19:54:42.0156 0x0afc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:54:42.0173 0x0afc cdrom - ok
19:54:42.0193 0x0afc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
19:54:42.0229 0x0afc CertPropSvc - ok
19:54:42.0238 0x0afc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
19:54:42.0258 0x0afc circlass - ok
19:54:42.0272 0x0afc [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
19:54:42.0294 0x0afc CLFS - ok
19:54:42.0321 0x0afc [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:54:42.0333 0x0afc clr_optimization_v2.0.50727_32 - ok
19:54:42.0364 0x0afc [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:54:42.0376 0x0afc clr_optimization_v2.0.50727_64 - ok
19:54:42.0430 0x0afc [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:54:42.0534 0x0afc clr_optimization_v4.0.30319_32 - ok
19:54:42.0544 0x0afc [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:54:42.0605 0x0afc clr_optimization_v4.0.30319_64 - ok
19:54:42.0613 0x0afc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:54:42.0630 0x0afc CmBatt - ok
19:54:42.0639 0x0afc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:54:42.0650 0x0afc cmdide - ok
19:54:42.0667 0x0afc [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
19:54:42.0704 0x0afc CNG - ok
19:54:42.0716 0x0afc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:54:42.0728 0x0afc Compbatt - ok
19:54:42.0737 0x0afc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:54:42.0756 0x0afc CompositeBus - ok
19:54:42.0758 0x0afc COMSysApp - ok
19:54:42.0767 0x0afc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:54:42.0781 0x0afc crcdisk - ok
19:54:42.0810 0x0afc crtjnuyc - ok
19:54:42.0829 0x0afc [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:54:42.0868 0x0afc CryptSvc - ok
19:54:42.0886 0x0afc [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
19:54:42.0925 0x0afc CSC - ok
19:54:42.0951 0x0afc [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
19:54:42.0989 0x0afc CscService - ok
19:54:43.0022 0x0afc [ 8EC96B753727B380089D66D4AB5869DF, F8E36B68EED9680291610C83E7DF16A04D278E3E7BC807CF8A870D01C4E5A95E ] CYUSB C:\Windows\system32\Drivers\CYUSB.sys
19:54:43.0045 0x0afc CYUSB - ok
19:54:43.0059 0x0afc [ 003626F7CA17C204F16CD5047AF0703A, BA9063D77A60AF1107A1A6B3C1DD6F1EF3D9DCE7616BAC67DF13AEDD67B683F3 ] danewFltr C:\Windows\system32\drivers\danew.sys
19:54:43.0081 0x0afc danewFltr - ok
19:54:43.0108 0x0afc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:54:43.0160 0x0afc DcomLaunch - ok
19:54:43.0175 0x0afc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
19:54:43.0211 0x0afc defragsvc - ok
19:54:43.0224 0x0afc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:54:43.0258 0x0afc DfsC - ok
19:54:43.0274 0x0afc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:54:43.0312 0x0afc Dhcp - ok
19:54:43.0327 0x0afc DigiRefresh - ok
19:54:43.0336 0x0afc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
19:54:43.0372 0x0afc discache - ok
19:54:43.0384 0x0afc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
19:54:43.0397 0x0afc Disk - ok
19:54:43.0406 0x0afc [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
19:54:43.0428 0x0afc dmvsc - ok
19:54:43.0448 0x0afc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:54:43.0473 0x0afc Dnscache - ok
19:54:43.0484 0x0afc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
19:54:43.0526 0x0afc dot3svc - ok
19:54:43.0546 0x0afc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
19:54:43.0583 0x0afc DPS - ok
19:54:43.0595 0x0afc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:54:43.0610 0x0afc drmkaud - ok
19:54:43.0643 0x0afc [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:54:43.0682 0x0afc DXGKrnl - ok
19:54:43.0693 0x0afc eaarkkjg - ok
19:54:43.0712 0x0afc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
19:54:43.0745 0x0afc EapHost - ok
19:54:43.0827 0x0afc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:54:43.0940 0x0afc ebdrv - ok
19:54:43.0951 0x0afc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
19:54:43.0972 0x0afc EFS - ok
19:54:44.0012 0x0afc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:54:44.0072 0x0afc ehRecvr - ok
19:54:44.0086 0x0afc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
19:54:44.0105 0x0afc ehSched - ok
19:54:44.0127 0x0afc [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
19:54:44.0138 0x0afc ElbyCDIO - ok
19:54:44.0155 0x0afc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:54:44.0182 0x0afc elxstor - ok
19:54:44.0189 0x0afc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:54:44.0206 0x0afc ErrDev - ok
19:54:44.0230 0x0afc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
19:54:44.0275 0x0afc EventSystem - ok
19:54:44.0286 0x0afc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
19:54:44.0320 0x0afc exfat - ok
19:54:44.0331 0x0afc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:54:44.0370 0x0afc fastfat - ok
19:54:44.0394 0x0afc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
19:54:44.0438 0x0afc Fax - ok
19:54:44.0449 0x0afc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
19:54:44.0468 0x0afc fdc - ok
19:54:44.0494 0x0afc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
19:54:44.0530 0x0afc fdPHost - ok
19:54:44.0542 0x0afc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
19:54:44.0578 0x0afc FDResPub - ok
19:54:44.0588 0x0afc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:54:44.0600 0x0afc FileInfo - ok
19:54:44.0605 0x0afc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:54:44.0638 0x0afc Filetrace - ok
19:54:44.0644 0x0afc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:54:44.0656 0x0afc flpydisk - ok
19:54:44.0668 0x0afc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:54:44.0686 0x0afc FltMgr - ok
19:54:44.0725 0x0afc [ 76C196B109E4BFA50132EF50AF6A1C1B, 6452E96C3C9D35433890FFE72CDBBECBD1D0F56BBAD92DDC31551C1EE44B5860 ] FontCache C:\Windows\system32\FntCache.dll
19:54:44.0781 0x0afc FontCache - ok
19:54:44.0806 0x0afc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:54:44.0818 0x0afc FontCache3.0.0.0 - ok
19:54:44.0826 0x0afc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:54:44.0838 0x0afc FsDepends - ok
19:54:44.0853 0x0afc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:54:44.0863 0x0afc Fs_Rec - ok
19:54:44.0877 0x0afc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:54:44.0894 0x0afc fvevol - ok
19:54:44.0911 0x0afc [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys
19:54:44.0944 0x0afc FWLANUSB - ok
19:54:44.0954 0x0afc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:54:44.0968 0x0afc gagp30kx - ok
19:54:44.0991 0x0afc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
19:54:45.0042 0x0afc gpsvc - ok
19:54:45.0082 0x0afc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:54:45.0093 0x0afc gupdate - ok
19:54:45.0111 0x0afc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:54:45.0121 0x0afc gupdatem - ok
19:54:45.0152 0x0afc [ D619BA1712B83D14149850E758B835AD, AD18807EC4DA6FA8C6846C1A0D914071FD59BD3273AFC103E5F2A7141F18C5F4 ] hardlock C:\Windows\system32\drivers\hardlock.sys
19:54:45.0185 0x0afc hardlock - ok
19:54:45.0193 0x0afc hasplms - ok
19:54:45.0208 0x0afc [ D5FA01185A7D5A65724FD87B34E53F5B, 4951DC34E0E0EA598C3599B619D5DEEF527D0B5D2C2C6392469865C6420B31C0 ] hcmon C:\Windows\system32\drivers\hcmon.sys
19:54:45.0217 0x0afc hcmon - ok
19:54:45.0225 0x0afc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:54:45.0253 0x0afc hcw85cir - ok
19:54:45.0278 0x0afc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:54:45.0311 0x0afc HdAudAddService - ok
19:54:45.0325 0x0afc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:54:45.0345 0x0afc HDAudBus - ok
19:54:45.0350 0x0afc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:54:45.0368 0x0afc HidBatt - ok
19:54:45.0377 0x0afc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:54:45.0400 0x0afc HidBth - ok
19:54:45.0414 0x0afc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
19:54:45.0430 0x0afc HidIr - ok
19:54:45.0437 0x0afc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
19:54:45.0471 0x0afc hidserv - ok
19:54:45.0482 0x0afc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
19:54:45.0512 0x0afc HidUsb - ok
19:54:45.0529 0x0afc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:54:45.0566 0x0afc hkmsvc - ok
19:54:45.0579 0x0afc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:54:45.0605 0x0afc HomeGroupListener - ok
19:54:45.0617 0x0afc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:54:45.0640 0x0afc HomeGroupProvider - ok
19:54:45.0651 0x0afc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:54:45.0664 0x0afc HpSAMD - ok
19:54:45.0692 0x0afc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:54:45.0749 0x0afc HTTP - ok
19:54:45.0762 0x0afc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:54:45.0771 0x0afc hwpolicy - ok
19:54:45.0782 0x0afc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:54:45.0798 0x0afc i8042prt - ok
19:54:45.0837 0x0afc [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
19:54:45.0857 0x0afc IAANTMON - ok
19:54:45.0877 0x0afc [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
19:54:45.0893 0x0afc iaStor - ok
19:54:45.0913 0x0afc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:54:45.0936 0x0afc iaStorV - ok
19:54:45.0973 0x0afc [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:54:46.0006 0x0afc idsvc - ok
19:54:46.0017 0x0afc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:54:46.0030 0x0afc iirsp - ok
19:54:46.0059 0x0afc [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
19:54:46.0123 0x0afc IKEEXT - ok
19:54:46.0140 0x0afc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
19:54:46.0151 0x0afc intelide - ok
19:54:46.0160 0x0afc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:54:46.0179 0x0afc intelppm - ok
19:54:46.0189 0x0afc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:54:46.0224 0x0afc IPBusEnum - ok
19:54:46.0233 0x0afc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:54:46.0264 0x0afc IpFilterDriver - ok
19:54:46.0285 0x0afc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:54:46.0330 0x0afc iphlpsvc - ok
19:54:46.0339 0x0afc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:54:46.0359 0x0afc IPMIDRV - ok
19:54:46.0369 0x0afc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:54:46.0408 0x0afc IPNAT - ok
19:54:46.0415 0x0afc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:54:46.0434 0x0afc IRENUM - ok
19:54:46.0440 0x0afc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:54:46.0450 0x0afc isapnp - ok
19:54:46.0467 0x0afc [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:54:46.0483 0x0afc iScsiPrt - ok
19:54:46.0492 0x0afc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:54:46.0503 0x0afc kbdclass - ok
19:54:46.0514 0x0afc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:54:46.0533 0x0afc kbdhid - ok
19:54:46.0540 0x0afc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
19:54:46.0552 0x0afc KeyIso - ok
19:54:46.0563 0x0afc [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:54:46.0574 0x0afc KSecDD - ok
19:54:46.0588 0x0afc [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:54:46.0601 0x0afc KSecPkg - ok
19:54:46.0608 0x0afc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:54:46.0641 0x0afc ksthunk - ok
19:54:46.0659 0x0afc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
19:54:46.0708 0x0afc KtmRm - ok
19:54:46.0721 0x0afc ktmujbzd - ok
19:54:46.0741 0x0afc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:54:46.0781 0x0afc LanmanServer - ok
19:54:46.0798 0x0afc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:54:46.0829 0x0afc LanmanWorkstation - ok
19:54:46.0854 0x0afc [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
19:54:46.0863 0x0afc LGBusEnum - ok
19:54:46.0879 0x0afc [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
19:54:46.0888 0x0afc LGVirHid - ok
19:54:46.0899 0x0afc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:54:46.0931 0x0afc lltdio - ok
19:54:46.0948 0x0afc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:54:46.0996 0x0afc lltdsvc - ok
19:54:47.0004 0x0afc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:54:47.0037 0x0afc lmhosts - ok
19:54:47.0052 0x0afc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:54:47.0065 0x0afc LSI_FC - ok
19:54:47.0075 0x0afc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:54:47.0088 0x0afc LSI_SAS - ok
19:54:47.0094 0x0afc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:54:47.0106 0x0afc LSI_SAS2 - ok
19:54:47.0113 0x0afc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:54:47.0126 0x0afc LSI_SCSI - ok
19:54:47.0133 0x0afc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
19:54:47.0170 0x0afc luafv - ok
19:54:47.0194 0x0afc [ E2C6A3F80C1979B911408C17E3893371, 56FD7B743303BDC751C031372D7242C5CD25DAF927942D2D90F71033E7DE625C ] MAUSBFASTTRACK C:\Windows\system32\DRIVERS\MAudioFastTrack.sys
19:54:47.0221 0x0afc MAUSBFASTTRACK - ok
19:54:47.0237 0x0afc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:54:47.0258 0x0afc Mcx2Svc - ok
19:54:47.0267 0x0afc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
19:54:47.0279 0x0afc megasas - ok
19:54:47.0291 0x0afc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:54:47.0308 0x0afc MegaSR - ok
19:54:47.0319 0x0afc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
19:54:47.0353 0x0afc MMCSS - ok
19:54:47.0362 0x0afc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
19:54:47.0397 0x0afc Modem - ok
19:54:47.0409 0x0afc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:54:47.0427 0x0afc monitor - ok
19:54:47.0439 0x0afc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:54:47.0449 0x0afc mouclass - ok
19:54:47.0455 0x0afc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:54:47.0473 0x0afc mouhid - ok
19:54:47.0483 0x0afc [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:54:47.0495 0x0afc mountmgr - ok
19:54:47.0516 0x0afc [ F8A10560B35C66F9DE212F03DAD5BFA7, 3ADCBC309A55494326EE8D152F92DFD11E1F97C897C8019BAB547E75D735FE92 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:54:47.0534 0x0afc MpFilter - ok
19:54:47.0546 0x0afc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
19:54:47.0559 0x0afc mpio - ok
19:54:47.0578 0x0afc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:54:47.0608 0x0afc mpsdrv - ok
19:54:47.0634 0x0afc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:54:47.0688 0x0afc MpsSvc - ok
19:54:47.0697 0x0afc [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:54:47.0717 0x0afc MRxDAV - ok
19:54:47.0731 0x0afc [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:54:47.0753 0x0afc mrxsmb - ok
19:54:47.0771 0x0afc [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:54:47.0793 0x0afc mrxsmb10 - ok
19:54:47.0804 0x0afc [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:54:47.0819 0x0afc mrxsmb20 - ok
19:54:47.0829 0x0afc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
19:54:47.0839 0x0afc msahci - ok
19:54:47.0850 0x0afc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:54:47.0863 0x0afc msdsm - ok
19:54:47.0875 0x0afc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
19:54:47.0893 0x0afc MSDTC - ok
19:54:47.0903 0x0afc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:54:47.0939 0x0afc Msfs - ok
19:54:47.0944 0x0afc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:54:47.0978 0x0afc mshidkmdf - ok
19:54:47.0984 0x0afc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:54:47.0995 0x0afc msisadrv - ok
19:54:48.0007 0x0afc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:54:48.0047 0x0afc MSiSCSI - ok
19:54:48.0050 0x0afc msiserver - ok
19:54:48.0064 0x0afc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:54:48.0106 0x0afc MSKSSRV - ok
19:54:48.0145 0x0afc [ E07DEC52FF801841BA9B6878A60304FB, A57A999F411559EA97C830C9FE0234578E2E98EDAF72F9949891F901B83B22A4 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
19:54:48.0157 0x0afc MsMpSvc - ok
19:54:48.0167 0x0afc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:54:48.0200 0x0afc MSPCLOCK - ok
19:54:48.0209 0x0afc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:54:48.0241 0x0afc MSPQM - ok
19:54:48.0254 0x0afc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:54:48.0276 0x0afc MsRPC - ok
19:54:48.0285 0x0afc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:54:48.0295 0x0afc mssmbios - ok
19:54:48.0302 0x0afc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:54:48.0334 0x0afc MSTEE - ok
19:54:48.0342 0x0afc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:54:48.0357 0x0afc MTConfig - ok
19:54:48.0368 0x0afc [ 03B7145C889603537E9FFEABB1AD1089, B3CD93B893D4A2370CBF382366C6F596372857F8711EF6FFF83BFE2B449F424E ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
19:54:48.0387 0x0afc MTsensor - ok
19:54:48.0394 0x0afc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
19:54:48.0405 0x0afc Mup - ok
19:54:48.0421 0x0afc [ 1CA758BC0DEAF35D21ECAACC30427527, DAC9839E2602365C9B867C602A739450CF7F2C5F65A6539F310B55F9D3C8447E ] mv64xx C:\Windows\system32\DRIVERS\mv64xx.sys
19:54:48.0435 0x0afc mv64xx - ok
19:54:48.0457 0x0afc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
19:54:48.0505 0x0afc napagent - ok
19:54:48.0525 0x0afc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:54:48.0555 0x0afc NativeWifiP - ok
19:54:48.0597 0x0afc [ 13AA2130F2A104DD775EAD0F0EE5417B, EBA07599FC2D10750CE6372EA6BA94EDDAFFF732223A1135F1971B958A6B57A2 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
19:54:48.0621 0x0afc NAUpdate - ok
19:54:48.0660 0x0afc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
19:54:48.0696 0x0afc NDIS - ok
19:54:48.0711 0x0afc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:54:48.0744 0x0afc NdisCap - ok
19:54:48.0782 0x0afc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:54:48.0812 0x0afc NdisTapi - ok
19:54:48.0835 0x0afc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:54:48.0880 0x0afc Ndisuio - ok
19:54:48.0922 0x0afc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:54:48.0982 0x0afc NdisWan - ok
19:54:48.0992 0x0afc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:54:49.0022 0x0afc NDProxy - ok
19:54:49.0041 0x0afc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:54:49.0081 0x0afc NetBIOS - ok
19:54:49.0090 0x0afc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:54:49.0126 0x0afc NetBT - ok
19:54:49.0137 0x0afc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
19:54:49.0150 0x0afc Netlogon - ok
19:54:49.0190 0x0afc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
19:54:49.0270 0x0afc Netman - ok
19:54:49.0397 0x0afc [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:54:49.0525 0x0afc NetMsmqActivator - ok
19:54:49.0531 0x0afc [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:54:49.0541 0x0afc NetPipeActivator - ok
19:54:49.0817 0x0afc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
19:54:49.0870 0x0afc netprofm - ok
19:54:49.0884 0x0afc [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:54:49.0894 0x0afc NetTcpActivator - ok
19:54:49.0900 0x0afc [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:54:49.0911 0x0afc NetTcpPortSharing - ok
19:54:49.0930 0x0afc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:54:49.0946 0x0afc nfrd960 - ok
19:54:49.0976 0x0afc [ 162100E0BC8377710F9D170631921C03, B4FC4F6BCCA5A61EC86F9D10F4FE284E9393CE4599CE64BC8360202F0108B499 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:54:49.0990 0x0afc NisDrv - ok
19:54:50.0013 0x0afc [ C6E15F2F95F9C0A6098D43510B604E52, 7B621846EC4DD066657536755455ADB016207A45D49FC5E5F1D50EAD2CCB6B13 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
19:54:50.0041 0x0afc NisSrv - ok
19:54:50.0057 0x0afc [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:54:50.0089 0x0afc NlaSvc - ok
19:54:50.0097 0x0afc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:54:50.0134 0x0afc Npfs - ok
19:54:50.0150 0x0afc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
19:54:50.0196 0x0afc nsi - ok
19:54:50.0211 0x0afc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:54:50.0252 0x0afc nsiproxy - ok
19:54:50.0326 0x0afc [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:54:50.0377 0x0afc Ntfs - ok
19:54:50.0392 0x0afc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
19:54:50.0432 0x0afc Null - ok
19:54:50.0456 0x0afc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:54:50.0474 0x0afc nvraid - ok
19:54:50.0496 0x0afc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:54:50.0515 0x0afc nvstor - ok
19:54:50.0540 0x0afc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:54:50.0559 0x0afc nv_agp - ok
19:54:50.0575 0x0afc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:54:50.0601 0x0afc ohci1394 - ok
19:54:50.0632 0x0afc [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:54:50.0648 0x0afc ose - ok
19:54:50.0812 0x0afc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:54:50.0964 0x0afc osppsvc - ok
19:54:51.0005 0x0afc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:54:51.0069 0x0afc p2pimsvc - ok
19:54:51.0092 0x0afc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
19:54:51.0126 0x0afc p2psvc - ok
19:54:51.0147 0x0afc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
19:54:51.0176 0x0afc Parport - ok
19:54:51.0198 0x0afc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:54:51.0217 0x0afc partmgr - ok
19:54:51.0237 0x0afc [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
19:54:51.0266 0x0afc PcaSvc - ok
19:54:51.0281 0x0afc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
19:54:51.0299 0x0afc pci - ok
19:54:51.0324 0x0afc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
19:54:51.0340 0x0afc pciide - ok
19:54:51.0356 0x0afc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:54:51.0374 0x0afc pcmcia - ok
19:54:51.0399 0x0afc [ 3A68080572B81577791A7B19BB880DA9, 9F64FAB46BF6B5AB46EF77A7077295587F4A6C4851D5EB04D9EC8ECC4C7C67D1 ] PCTCore C:\Windows\system32\drivers\PCTCore64.sys
19:54:51.0415 0x0afc PCTCore - ok
19:54:51.0428 0x0afc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
19:54:51.0440 0x0afc pcw - ok
19:54:51.0463 0x0afc [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:54:51.0527 0x0afc PEAUTH - ok
19:54:51.0572 0x0afc [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:54:51.0636 0x0afc PeerDistSvc - ok
19:54:51.0685 0x0afc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:54:51.0704 0x0afc PerfHost - ok
19:54:51.0744 0x0afc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
19:54:51.0815 0x0afc pla - ok
19:54:51.0841 0x0afc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:54:51.0870 0x0afc PlugPlay - ok
19:54:51.0889 0x0afc PnkBstrA - ok
19:54:51.0902 0x0afc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:54:51.0920 0x0afc PNRPAutoReg - ok
19:54:51.0929 0x0afc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:54:51.0948 0x0afc PNRPsvc - ok
19:54:51.0969 0x0afc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:54:52.0019 0x0afc PolicyAgent - ok
19:54:52.0035 0x0afc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
19:54:52.0071 0x0afc Power - ok
19:54:52.0082 0x0afc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:54:52.0121 0x0afc PptpMiniport - ok
19:54:52.0130 0x0afc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
19:54:52.0148 0x0afc Processor - ok
19:54:52.0164 0x0afc [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
19:54:52.0188 0x0afc ProfSvc - ok
19:54:52.0196 0x0afc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
19:54:52.0208 0x0afc ProtectedStorage - ok
19:54:52.0223 0x0afc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:54:52.0259 0x0afc Psched - ok
19:54:52.0262 0x0afc ptqllcii - ok
19:54:52.0304 0x0afc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:54:52.0354 0x0afc ql2300 - ok
19:54:52.0369 0x0afc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:54:52.0382 0x0afc ql40xx - ok
19:54:52.0393 0x0afc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
19:54:52.0416 0x0afc QWAVE - ok
19:54:52.0421 0x0afc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:54:52.0444 0x0afc QWAVEdrv - ok
19:54:52.0452 0x0afc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:54:52.0486 0x0afc RasAcd - ok
19:54:52.0501 0x0afc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:54:52.0531 0x0afc RasAgileVpn - ok
19:54:52.0540 0x0afc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
19:54:52.0579 0x0afc RasAuto - ok
19:54:52.0587 0x0afc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:54:52.0624 0x0afc Rasl2tp - ok
19:54:52.0639 0x0afc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
19:54:52.0681 0x0afc RasMan - ok
19:54:52.0687 0x0afc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:54:52.0720 0x0afc RasPppoe - ok
19:54:52.0726 0x0afc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:54:52.0760 0x0afc RasSstp - ok
19:54:52.0773 0x0afc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:54:52.0814 0x0afc rdbss - ok
19:54:52.0822 0x0afc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:54:52.0841 0x0afc rdpbus - ok
19:54:52.0855 0x0afc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:54:52.0884 0x0afc RDPCDD - ok
19:54:52.0896 0x0afc [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:54:52.0916 0x0afc RDPDR - ok
19:54:52.0927 0x0afc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:54:52.0961 0x0afc RDPENCDD - ok
19:54:52.0971 0x0afc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:54:53.0008 0x0afc RDPREFMP - ok
19:54:53.0024 0x0afc [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:54:53.0055 0x0afc RDPWD - ok
19:54:53.0072 0x0afc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:54:53.0090 0x0afc rdyboost - ok
19:54:53.0101 0x0afc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:54:53.0135 0x0afc RemoteAccess - ok
19:54:53.0150 0x0afc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:54:53.0187 0x0afc RemoteRegistry - ok
19:54:53.0189 0x0afc rlffuili - ok
19:54:53.0198 0x0afc rmtofanc - ok
19:54:53.0206 0x0afc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:54:53.0242 0x0afc RpcEptMapper - ok
19:54:53.0247 0x0afc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
19:54:53.0267 0x0afc RpcLocator - ok
19:54:53.0289 0x0afc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
19:54:53.0328 0x0afc RpcSs - ok
19:54:53.0340 0x0afc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:54:53.0373 0x0afc rspndr - ok
19:54:53.0398 0x0afc [ ABCB5A38A0D85BDF69B7877E1AD1EED5, 44DF1A92E8FA53677A04C46088B0AD49F1F6A090820BE550A514C4FBFD91444D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:54:53.0438 0x0afc RTL8167 - ok
19:54:53.0453 0x0afc [ AE4FDA46C0A644DC9FB2545BDF4CB496, 35C911D94B887E64395EC3F493971E5D36176A3632D2F9FB7B4D5A886E9464F1 ] rzdaendpt C:\Windows\system32\DRIVERS\rzdaendpt.sys
19:54:53.0476 0x0afc rzdaendpt - ok
19:54:53.0503 0x0afc [ D28AB8D41CA4633EA69F2897F0B45565, B8FF66583530787419D04EEA75A49B61FB184523E652C720B1EF1F1695864F0A ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
19:54:53.0528 0x0afc rzudd - ok
19:54:53.0551 0x0afc [ 4CE040A51CFA6614F46419CB5F5B7BB6, 91DD7B91287800E96EF0DB9DD69B3315629BFA690592C2D0A3E596386A84CD95 ] rzvkeyboard C:\Windows\system32\DRIVERS\rzvkeyboard.sys
19:54:53.0573 0x0afc rzvkeyboard - ok
19:54:53.0579 0x0afc [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:54:53.0598 0x0afc s3cap - ok
19:54:53.0601 0x0afc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
19:54:53.0614 0x0afc SamSs - ok
19:54:53.0664 0x0afc [ 53E618640032FF0511901551D7F77424, 10679F1B0FBF2B0C4B8D53BACB238119EC5E48A4C1A9EE73F121BCBC9A1EEFA6 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
19:54:53.0677 0x0afc SbieDrv - ok
19:54:53.0716 0x0afc [ DD78D286FF9032D9E0938F815928C2FD, C85B65CC5B56DFE6D700BA98B607B934C7447C6AF8B59E98E4E4855FA83BDD51 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
19:54:53.0730 0x0afc SbieSvc - ok
19:54:53.0742 0x0afc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:54:53.0756 0x0afc sbp2port - ok
19:54:53.0819 0x0afc [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
19:54:53.0858 0x0afc SBSDWSCService - ok
19:54:53.0875 0x0afc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:54:53.0911 0x0afc SCardSvr - ok
19:54:53.0918 0x0afc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:54:53.0949 0x0afc scfilter - ok
19:54:53.0980 0x0afc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
19:54:54.0041 0x0afc Schedule - ok
19:54:54.0054 0x0afc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:54:54.0083 0x0afc SCPolicySvc - ok
19:54:54.0116 0x0afc [ EE088B31F5EB673A62E7E0D09B0007B0, 686B697F554E02ACADD5E44F707EF1E7DD87539FF8156F4FF67533E5D26BC160 ] sdAuxService C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
19:54:54.0135 0x0afc sdAuxService - ok
19:54:54.0173 0x0afc [ 747FFE0A5A34C349A363BE97C632B7C4, 7AC092581CCED5080DA8ED3B7243B0DC99B648493ACDE7EB02461DB0DDB1C0B0 ] sdCoreService C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
19:54:54.0213 0x0afc sdCoreService - ok
19:54:54.0231 0x0afc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:54:54.0254 0x0afc SDRSVC - ok
19:54:54.0268 0x0afc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:54:54.0304 0x0afc secdrv - ok
19:54:54.0316 0x0afc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
19:54:54.0348 0x0afc seclogon - ok
19:54:54.0356 0x0afc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
19:54:54.0389 0x0afc SENS - ok
19:54:54.0397 0x0afc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:54:54.0413 0x0afc SensrSvc - ok
19:54:54.0428 0x0afc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:54:54.0446 0x0afc Serenum - ok
19:54:54.0457 0x0afc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
19:54:54.0475 0x0afc Serial - ok
19:54:54.0489 0x0afc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:54:54.0510 0x0afc sermouse - ok
19:54:54.0522 0x0afc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
19:54:54.0556 0x0afc SessionEnv - ok
19:54:54.0563 0x0afc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:54:54.0580 0x0afc sffdisk - ok
19:54:54.0583 0x0afc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:54:54.0599 0x0afc sffp_mmc - ok
19:54:54.0603 0x0afc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:54:54.0622 0x0afc sffp_sd - ok
19:54:54.0631 0x0afc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:54:54.0647 0x0afc sfloppy - ok
19:54:54.0693 0x0afc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:54:54.0740 0x0afc SharedAccess - ok
19:54:54.0759 0x0afc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:54:54.0804 0x0afc ShellHWDetection - ok
19:54:54.0813 0x0afc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:54:54.0825 0x0afc SiSRaid2 - ok
19:54:54.0831 0x0afc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:54:54.0844 0x0afc SiSRaid4 - ok
19:54:54.0867 0x0afc [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:54:54.0879 0x0afc SkypeUpdate - ok
19:54:54.0893 0x0afc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:54:54.0929 0x0afc Smb - ok
19:54:54.0951 0x0afc [ B2C19AE46C5A109679B4FB38058DF05A, 93DD4D356650C51348795653286E6C627FF5F7071F2787DF7C50B75A3120E308 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
19:54:54.0965 0x0afc snapman - ok
19:54:54.0983 0x0afc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:54:55.0003 0x0afc SNMPTRAP - ok
19:54:55.0007 0x0afc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
19:54:55.0017 0x0afc spldr - ok
19:54:55.0047 0x0afc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
19:54:55.0089 0x0afc Spooler - ok
19:54:55.0175 0x0afc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
19:54:55.0311 0x0afc sppsvc - ok
19:54:55.0324 0x0afc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:54:55.0356 0x0afc sppuinotify - ok
19:54:55.0374 0x0afc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:54:55.0408 0x0afc srv - ok
19:54:55.0423 0x0afc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:54:55.0455 0x0afc srv2 - ok
19:54:55.0468 0x0afc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:54:55.0485 0x0afc srvnet - ok
19:54:55.0499 0x0afc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:54:55.0535 0x0afc SSDPSRV - ok
19:54:55.0546 0x0afc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:54:55.0577 0x0afc SstpSvc - ok
19:54:55.0597 0x0afc Steam Client Service - ok
19:54:55.0605 0x0afc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:54:55.0617 0x0afc stexstor - ok
19:54:55.0641 0x0afc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
19:54:55.0678 0x0afc stisvc - ok
19:54:55.0688 0x0afc [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:54:55.0699 0x0afc storflt - ok
19:54:55.0707 0x0afc [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
19:54:55.0727 0x0afc StorSvc - ok
19:54:55.0736 0x0afc [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:54:55.0748 0x0afc storvsc - ok
19:54:55.0754 0x0afc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:54:55.0765 0x0afc swenum - ok
19:54:55.0786 0x0afc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
19:54:55.0833 0x0afc swprv - ok
19:54:55.0876 0x0afc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
19:54:55.0952 0x0afc SysMain - ok
19:54:55.0962 0x0afc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:54:55.0982 0x0afc TabletInputService - ok
19:54:55.0995 0x0afc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
19:54:56.0041 0x0afc TapiSrv - ok
19:54:56.0049 0x0afc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
19:54:56.0081 0x0afc TBS - ok
19:54:56.0135 0x0afc [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:54:56.0199 0x0afc Tcpip - ok
19:54:56.0257 0x0afc [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:54:56.0306 0x0afc TCPIP6 - ok
19:54:56.0324 0x0afc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:54:56.0336 0x0afc tcpipreg - ok
19:54:56.0346 0x0afc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:54:56.0369 0x0afc TDPIPE - ok
19:54:56.0411 0x0afc [ 99527D49EE0A96FC25537C61B270A372, 519E23F86EC86349F92C4A88DBD19C097AEE0A6E152776B32B45D293ED14946B ] tdrpman273 C:\Windows\system32\DRIVERS\tdrpm273.sys
19:54:56.0452 0x0afc tdrpman273 - ok
19:54:56.0467 0x0afc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:54:56.0484 0x0afc TDTCP - ok
19:54:56.0494 0x0afc [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:54:56.0525 0x0afc tdx - ok
19:54:56.0535 0x0afc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:54:56.0546 0x0afc TermDD - ok
19:54:56.0575 0x0afc [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
19:54:56.0630 0x0afc TermService - ok
19:54:56.0640 0x0afc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
19:54:56.0658 0x0afc Themes - ok
19:54:56.0670 0x0afc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
19:54:56.0701 0x0afc THREADORDER - ok
19:54:56.0730 0x0afc [ 2C1CAF5563548A15515EAB07D2A069C6, 863405BAC725C7DC6CC86613365A099A2370781018996DD3E74981565AD0DDF5 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
19:54:56.0762 0x0afc timounter - ok
19:54:56.0779 0x0afc [ C676B0F52F2B6483AFB88F79CABB011E, 8F10C7C91B47F87C3E29785BDACA49831857849F688C34A1F097C9D6593003AA ] Tpkd C:\Windows\system32\drivers\Tpkd.sys
19:54:56.0886 0x0afc Tpkd - ok
19:54:56.0899 0x0afc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
19:54:56.0935 0x0afc TrkWks - ok
19:54:56.0954 0x0afc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:54:56.0989 0x0afc TrustedInstaller - ok
19:54:57.0002 0x0afc [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:54:57.0034 0x0afc tssecsrv - ok
19:54:57.0049 0x0afc [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:54:57.0074 0x0afc TsUsbFlt - ok
19:54:57.0083 0x0afc [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:54:57.0101 0x0afc TsUsbGD - ok
19:54:57.0118 0x0afc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:54:57.0153 0x0afc tunnel - ok
19:54:57.0163 0x0afc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:54:57.0175 0x0afc uagp35 - ok
19:54:57.0177 0x0afc ubqgdokm - ok
19:54:57.0192 0x0afc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:54:57.0234 0x0afc udfs - ok
19:54:57.0268 0x0afc [ 215462AE7E6A897D675E84DD1E3B3B56, 7F45E77F971E9AC3E1402663EF5F6A2D496F9BB758C8E50D2D329E834E20B7D8 ] ufad-ws60 C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe
19:54:57.0282 0x0afc ufad-ws60 - ok
19:54:57.0289 0x0afc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:54:57.0310 0x0afc UI0Detect - ok
19:54:57.0329 0x0afc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:54:57.0341 0x0afc uliagpkx - ok
19:54:57.0354 0x0afc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:54:57.0371 0x0afc umbus - ok
19:54:57.0387 0x0afc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
19:54:57.0404 0x0afc UmPass - ok
19:54:57.0416 0x0afc [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
19:54:57.0437 0x0afc UmRdpService - ok
19:54:57.0451 0x0afc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
19:54:57.0498 0x0afc upnphost - ok
19:54:57.0516 0x0afc [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:54:57.0552 0x0afc usbaudio - ok
19:54:57.0568 0x0afc [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:54:57.0587 0x0afc usbccgp - ok
19:54:57.0602 0x0afc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:54:57.0638 0x0afc usbcir - ok
19:54:57.0656 0x0afc [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:54:57.0671 0x0afc usbehci - ok
19:54:57.0690 0x0afc [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:54:57.0718 0x0afc usbhub - ok
19:54:57.0725 0x0afc [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:54:57.0744 0x0afc usbohci - ok
19:54:57.0750 0x0afc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:54:57.0771 0x0afc usbprint - ok
19:54:57.0784 0x0afc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:54:57.0816 0x0afc USBSTOR - ok
19:54:57.0829 0x0afc [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:54:57.0847 0x0afc usbuhci - ok
19:54:57.0856 0x0afc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
19:54:57.0887 0x0afc UxSms - ok
19:54:57.0895 0x0afc varehocl - ok
19:54:57.0903 0x0afc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
19:54:57.0915 0x0afc VaultSvc - ok
19:54:57.0929 0x0afc [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
19:54:57.0948 0x0afc VClone - ok
19:54:57.0955 0x0afc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:54:57.0965 0x0afc vdrvroot - ok
19:54:57.0986 0x0afc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
19:54:58.0036 0x0afc vds - ok
19:54:58.0043 0x0afc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:54:58.0058 0x0afc vga - ok
19:54:58.0067 0x0afc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:54:58.0099 0x0afc VgaSave - ok
19:54:58.0110 0x0afc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:54:58.0128 0x0afc vhdmp - ok
19:54:58.0142 0x0afc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
19:54:58.0153 0x0afc viaide - ok
19:54:58.0167 0x0afc [ 3B59BB6D10CF969DBE4DB93D9EAD7FB4, 8BD4648AAD460F276C79AF81D1479E781E62D292F3318D39B53703403E57E52F ] VKbms C:\Windows\system32\DRIVERS\VKbms.sys
19:54:58.0185 0x0afc VKbms - ok
19:54:58.0202 0x0afc [ 7AC6239C65DADE55DEFD573B98616C3F, 39EC745BFA38C70DA80DC121CB24C12ED9AF9AFDCFE38FCD853CFA53D6E538A8 ] VMAuthdService C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
19:54:58.0213 0x0afc VMAuthdService - ok
19:54:58.0224 0x0afc [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:54:58.0239 0x0afc vmbus - ok
19:54:58.0246 0x0afc [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:54:58.0262 0x0afc VMBusHID - ok
19:54:58.0275 0x0afc [ 312AEC23A85424543AF898A59209B479, 7423643ACA900824CCC44B6347AD81E027A9C2A42C12C7F7FD9B89F3D5B5F654 ] vmci C:\Windows\system32\drivers\vmci.sys
19:54:58.0284 0x0afc vmci - ok
19:54:58.0303 0x0afc [ FFC30CAEEB2FC5FEE8568CFF74EDEAED, 56DA6F766906A160C326AAA901E0B50E5CA8B054BDE1B95DD6EA14BBB5286E65 ] vmkbd C:\Windows\system32\drivers\VMkbd.sys
19:54:58.0311 0x0afc vmkbd - ok
19:54:58.0326 0x0afc [ 9D54F1339E78C95BF3D9939EBCB66378, 99E29225443049B35E633BB7E709AC89B555F6A1EC5FAE075825A74F088FDC9A ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
19:54:58.0334 0x0afc VMnetAdapter - ok
19:54:58.0352 0x0afc [ FB54EF3AA613D2832FD3812E7CB2FC75, 2D638EFE2E457C4F9B50AF49C7A0B0DA82A98FF10049C2E5DABE32B7E0BA2B23 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
19:54:58.0362 0x0afc VMnetBridge - ok
19:54:58.0370 0x0afc VMnetDHCP - ok
19:54:58.0379 0x0afc [ 56D547BFC3F1619FA82EC9EF5D24E802, D82DDC1E15F87E3E5809991CEFD81CE24BC8C9249108F36F7B854CEDBDB56FFC ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
19:54:58.0387 0x0afc VMnetuserif - ok
19:54:58.0414 0x0afc [ 19368F7C4DC6EF444B826249FC8A0E30, 6F26729EA0BD651FCCC8657BF7C40174AC06926373B467BC3BD3ED352421D2FA ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
19:54:58.0438 0x0afc VMUSBArbService - ok
19:54:58.0442 0x0afc VMware NAT Service - ok
19:54:58.0462 0x0afc [ 62CD5A87FDE14701506D4E0DD8F13D2E, C449E52039BAF7B262BEE4D1389239B196965A0A08E002441CE56B89EF6688E8 ] vmx86 C:\Windows\system32\drivers\vmx86.sys
19:54:58.0471 0x0afc vmx86 - ok
19:54:58.0479 0x0afc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:54:58.0490 0x0afc volmgr - ok
19:54:58.0503 0x0afc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:54:58.0522 0x0afc volmgrx - ok
19:54:58.0534 0x0afc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:54:58.0552 0x0afc volsnap - ok
19:54:58.0564 0x0afc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:54:58.0578 0x0afc vsmraid - ok
19:54:58.0617 0x0afc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
19:54:58.0695 0x0afc VSS - ok
19:54:58.0715 0x0afc [ E61C910E2DDF4797C1B1F9239636E894, BEC555AB66BD0D33BBC9ABFF7F3955F7D0821383549C8BAC1944B63A85F897E8 ] vstor2-ws60 C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys
19:54:58.0724 0x0afc vstor2-ws60 - ok
19:54:58.0732 0x0afc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:54:58.0752 0x0afc vwifibus - ok
19:54:58.0768 0x0afc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
19:54:58.0812 0x0afc W32Time - ok
19:54:58.0824 0x0afc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:54:58.0838 0x0afc WacomPen - ok
19:54:58.0845 0x0afc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:54:58.0879 0x0afc WANARP - ok
19:54:58.0883 0x0afc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:54:58.0912 0x0afc Wanarpv6 - ok
19:54:58.0951 0x0afc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
19:54:59.0014 0x0afc wbengine - ok
19:54:59.0028 0x0afc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:54:59.0051 0x0afc WbioSrvc - ok
19:54:59.0065 0x0afc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:54:59.0097 0x0afc wcncsvc - ok
19:54:59.0104 0x0afc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:54:59.0128 0x0afc WcsPlugInService - ok
19:54:59.0140 0x0afc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
19:54:59.0151 0x0afc Wd - ok
19:54:59.0179 0x0afc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:54:59.0210 0x0afc Wdf01000 - ok
19:54:59.0231 0x0afc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:54:59.0304 0x0afc WdiServiceHost - ok
19:54:59.0309 0x0afc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:54:59.0327 0x0afc WdiSystemHost - ok
19:54:59.0337 0x0afc [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
19:54:59.0366 0x0afc WebClient - ok
19:54:59.0377 0x0afc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:54:59.0423 0x0afc Wecsvc - ok
19:54:59.0432 0x0afc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:54:59.0464 0x0afc wercplsupport - ok
19:54:59.0474 0x0afc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
19:54:59.0507 0x0afc WerSvc - ok
19:54:59.0516 0x0afc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:54:59.0544 0x0afc WfpLwf - ok
19:54:59.0555 0x0afc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:54:59.0566 0x0afc WIMMount - ok
19:54:59.0575 0x0afc WinDefend - ok
19:54:59.0582 0x0afc WinHttpAutoProxySvc - ok
19:54:59.0613 0x0afc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:54:59.0648 0x0afc Winmgmt - ok
19:54:59.0698 0x0afc [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
19:54:59.0786 0x0afc WinRM - ok
19:54:59.0820 0x0afc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:54:59.0839 0x0afc WinUsb - ok
19:54:59.0861 0x0afc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:54:59.0905 0x0afc Wlansvc - ok
19:54:59.0979 0x0afc [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:55:00.0046 0x0afc wlidsvc - ok
19:55:00.0057 0x0afc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:55:00.0074 0x0afc WmiAcpi - ok
19:55:00.0091 0x0afc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:55:00.0115 0x0afc wmiApSrv - ok
19:55:00.0127 0x0afc WMPNetworkSvc - ok
19:55:00.0143 0x0afc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:55:00.0158 0x0afc WPCSvc - ok
19:55:00.0167 0x0afc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:55:00.0185 0x0afc WPDBusEnum - ok
19:55:00.0190 0x0afc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:55:00.0221 0x0afc ws2ifsl - ok
19:55:00.0230 0x0afc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
19:55:00.0254 0x0afc wscsvc - ok
19:55:00.0257 0x0afc WSearch - ok
19:55:00.0324 0x0afc [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
19:55:00.0398 0x0afc wuauserv - ok
19:55:00.0417 0x0afc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:55:00.0440 0x0afc WudfPf - ok
19:55:00.0453 0x0afc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:55:00.0478 0x0afc WUDFRd - ok
19:55:00.0488 0x0afc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:55:00.0507 0x0afc wudfsvc - ok
19:55:00.0521 0x0afc [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:55:00.0550 0x0afc WwanSvc - ok
19:55:00.0569 0x0afc ================ Scan global ===============================
19:55:00.0580 0x0afc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:55:00.0596 0x0afc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:55:00.0620 0x0afc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:55:00.0635 0x0afc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:55:00.0650 0x0afc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:55:00.0656 0x0afc [ Global ] - ok
19:55:00.0657 0x0afc ================ Scan MBR ==================================
19:55:00.0661 0x0afc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
19:55:01.0079 0x0afc \Device\Harddisk2\DR2 - ok
19:55:01.0105 0x0afc [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:55:01.0211 0x0afc \Device\Harddisk0\DR0 - ok
19:55:01.0213 0x0afc [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
19:55:01.0616 0x0afc \Device\Harddisk1\DR1 - ok
19:55:01.0621 0x0afc [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk3\DR3
19:55:02.0627 0x0afc \Device\Harddisk3\DR3 - ok
19:55:02.0628 0x0afc ================ Scan VBR ==================================
19:55:02.0637 0x0afc [ 648FC44956DAA6F6D2A8D210255768CC ] \Device\Harddisk2\DR2\Partition1
19:55:02.0638 0x0afc \Device\Harddisk2\DR2\Partition1 - ok
19:55:02.0641 0x0afc [ EE9BD2983364C91FDF0753BA7BC6215D ] \Device\Harddisk2\DR2\Partition2
19:55:02.0642 0x0afc \Device\Harddisk2\DR2\Partition2 - ok
19:55:02.0644 0x0afc [ 3541107D5B9039B36E7DAD4CDEDD327F ] \Device\Harddisk0\DR0\Partition1
19:55:02.0646 0x0afc \Device\Harddisk0\DR0\Partition1 - ok
19:55:02.0648 0x0afc [ A59F8BF144837A8162BE68CC117745D5 ] \Device\Harddisk1\DR1\Partition1
19:55:02.0650 0x0afc \Device\Harddisk1\DR1\Partition1 - ok
19:55:02.0660 0x0afc [ 7698342B4FE72C6E6A589CB4E9B83B22 ] \Device\Harddisk3\DR3\Partition1
19:55:02.0662 0x0afc \Device\Harddisk3\DR3\Partition1 - ok
19:55:02.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:03.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:04.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:05.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:06.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:07.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:08.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:09.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:10.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:11.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:12.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:13.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:14.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:15.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:16.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:17.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:18.0663 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:19.0664 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:20.0664 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:21.0664 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:22.0664 0x0afc Waiting for KSN requests completion. In queue: 109
19:55:23.0673 0x0afc AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.2.223.0 ), 0x61000 ( enabled : updated )
19:55:23.0721 0x0afc Win FW state via NFP2: enabled
19:55:26.0223 0x0afc ============================================================
19:55:26.0223 0x0afc Scan finished
19:55:26.0223 0x0afc ============================================================
19:55:26.0229 0x0634 Detected object count: 0
19:55:26.0229 0x0634 Actual detected object count: 0
Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
Ran by ***** at 2013-10-11 19:58:41 Run:1
Running from C:\Users\*****\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68380184.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68380184.sys => ""="Driver"
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\Users\*****\Lokale Einstellungen:jBiCmiIbIlyrVCVyNieZi
AlternateDataStreams: C:\Users\*****\AppData\Local:jBiCmiIbIlyrVCVyNieZi
AlternateDataStreams: C:\Users\*****\AppData\Local\Anwendungsdaten:jBiCmiIbIlyrVCVyNieZi
AlternateDataStreams: C:\Users\*****\AppData\Local\Temporary Internet Files:fFNjQ1aWCMRRdy6DQwtMgGo1
AlternateDataStreams: C:\Users\*****\AppData\Local\Temporary Internet Files:IhXHys7HsOvYZe9lmWQJui
C:\Users\*****\AppData\Local\temp\{5FE98B5E-EA8F-4487-AFA3-D1EA5ADCA351}.exe
2013-09-10 20:17 - 2012-10-27 00:40 - 00000000 ___HD C:\Users\*****\AppData\Local\iBY3HyQdk0QdJ
2013-10-08 01:52 - 2013-10-08 01:52 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
S1 ajlvsasx; \??\C:\Windows\system32\drivers\ajlvsasx.sys [x]
S1 crtjnuyc; \??\C:\Windows\system32\drivers\crtjnuyc.sys [x]
S1 eaarkkjg; \??\C:\Windows\system32\drivers\eaarkkjg.sys [x]
S1 ktmujbzd; \??\C:\Windows\system32\drivers\ktmujbzd.sys [x]
S1 ptqllcii; \??\C:\Windows\system32\drivers\ptqllcii.sys [x]
S1 rlffuili; \??\C:\Windows\system32\drivers\rlffuili.sys [x]
S1 rmtofanc; \??\C:\Windows\system32\drivers\rmtofanc.sys [x]
S1 ubqgdokm; \??\C:\Windows\system32\drivers\ubqgdokm.sys [x]
S1 varehocl; \??\C:\Windows\system32\drivers\varehocl.sys [x]
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109727&tt=010812_nich_3112_8&babsrc=SP_ss&mntrId=9e1017a8000000000000e0cb4e3e3e0f
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109727&tt=010812_nich_3112_8&babsrc=SP_ss&mntrId=9e1017a8000000000000e0cb4e3e3e0f
*****************
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\68380184.sys => Key not found.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\68380184.sys => Key not found.
"C:\ProgramData\TEMP" => ":A8ADE5D8" ADS not found.
"C:\Users\*****\Lokale Einstellungen" => ":jBiCmiIbIlyrVCVyNieZi" ADS not found.
C:\Users\*****\AppData\Local => ":jBiCmiIbIlyrVCVyNieZi" ADS removed successfully.
"C:\Users\*****\AppData\Local\Anwendungsdaten" => ":jBiCmiIbIlyrVCVyNieZi" ADS not found.
"C:\Users\*****\AppData\Local\Temporary Internet Files" => ":fFNjQ1aWCMRRdy6DQwtMgGo1" ADS not found.
"C:\Users\*****\AppData\Local\Temporary Internet Files" => ":IhXHys7HsOvYZe9lmWQJui" ADS not found.
"C:\Users\*****\AppData\Local\temp\{5FE98B5E-EA8F-4487-AFA3-D1EA5ADCA351}.exe" => File/Directory not found.
C:\Users\*****\AppData\Local\iBY3HyQdk0QdJ => Moved successfully.
"C:\Windows\SysWOW64\%APPDATA%" directory move:
Could not move "C:\Windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat" => Scheduled to move on reboot.
Could not move "C:\Windows\SysWOW64\%APPDATA%" directory. => Scheduled to move on reboot.
ajlvsasx => Service not found.
crtjnuyc => Service not found.
eaarkkjg => Service not found.
ktmujbzd => Service not found.
ptqllcii => Service not found.
rlffuili => Service not found.
rmtofanc => Service not found.
ubqgdokm => Service not found.
varehocl => Service not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
=========== Result of Scheduled Files to move ===========
"C:\Windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat" => File could not move.
"C:\Windows\SysWOW64\%APPDATA%" => Directory could not move.
==== End of Fixlog ====
Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.10.11.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Administrator :: *****-PC [Administrator] 11.10.2013 20:06:44 mbam-log-2013-10-11 (20-06-44).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 229416 Laufzeit: 3 Minute(n), 55 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Bislang hat ESET 2 Infizierte Dateien gefunden: "a variant of Win32/Kryptik.BMDL trojan Win 32/Rootkit.Whistler.A trojan". Gescannt wurden 309000 Dateien, bin derzeit bei 66% ... . Ist das normal, dass das so lange dauert? |
|
11.10.2013, 22:46
| #29 | |
| /// TB-Ausbilder | GVU Trojaner Windows 7 64 Bit Hallo, Zitat:
Wenn die Festplatte gut gefüllt ist, ist eine Scanzeit von mehreren Stunden üblich. ESET ist dafür sehr gründlich und scannt zum Abschluss nochmals auch die hintersten Ecken durch. Nicht alles, was da zum Vorschein kommt, stellt noch eine aktive Bedrohung dar. (Der Rootkit.Whistler-Fund beispielsweise ist nur noch entweder in der TDSSKiller-Quarantäne oder im MBR-Dump, den Combofix erstellt hat - also nicht mehr aktiv.)
__________________ cheers, Leo |
|
11.10.2013, 23:15
| #30 |
| | GVU Trojaner Windows 7 64 Bit O.k., dann sind wir ja beruhigt hier. Hatten ein Sixpack Bier und nen Film am Start, nachdem das Bier alle und der Film vorüber war, ESET aber noch lang keine Anstalten gemacht hatte alle bzw. vorüber zu sein warf das einige Fragen auf  . Jetzt ist es gerade bei 92%, dürfte also demnächst beendet sein. *jippie* Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=dd2cf20c96daec47bb4c1bc028c5767b
# engine=15452
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-11 10:13:02
# local_time=2013-10-12 12:13:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 6760671 133159432 0 0
# scanned=573738
# found=2
# cleaned=0
# scan_time=14258
sh=FAA080341857F582DC02F086A503680F6AB7CE49 ft=0 fh=0000000000000000 vn="Win32/Rootkit.Whistler.A trojan" ac=I fn="C:\Qoobox\Quarantine\MBR_HardDisk0.mbr"
sh=CAABC402F6D8B97E1917E17C6501BA44834DA173 ft=1 fh=b3b1f4995b1c8cbf vn="a variant of Win32/Kryptik.BMDL trojan" ac=I fn="C:\Qoobox\Quarantine\C\ProgramData\4wcl7hv.plz.vir"
|
|
| Themen zu GVU Trojaner Windows 7 64 Bit |
| aktuelle, anderen, benutzer, besucht, computer, direkt, farbar recovery scan tool, frage, guten, lag, link, modus, netzwerk, probleme, recht, recovery, scan, software, surfen, system, tool, trojaner, websites, windows, windows 7, zweck |
Linear-Darstellung
