| |
| |||||||
Log-Analyse und Auswertung: Keylogger? Passwort ausgespäht!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
09.04.2014, 19:51
| #1 |
 |  Keylogger? Passwort ausgespäht! Guten Abend! jemand hat sich mit meinem Passwort bei meinem Webhoster eingeloggt und Mist gebaut. Der Hoster-Support tippt auf einen Keylogger auf meinem Rechner - ich halte das für eher unwahrscheinlich - aber dass jemand mein Passwort errät oder (über die Schulter) ausspäht, kann ich ausschließen. Hat mein Rechner also doch was? Wäre für einen Check dankbar! Es läuft: Windows 8, Kaspersky Internet Security und (hin und wieder mal) Spybot S&D Sonstige Symptome: Keine, außer, dass der Rechner zunehmend langsam ist.... Frst.txt Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 27 days old and could be outdated)
Ran by ***** (administrator) on VAIO on 09-04-2014 19:11:37
Running from C:\Users\*****\Desktop
Windows 8 Pro with Media Center (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\plugin-nm-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
() C:\Program Files (x86)\Opera\20.0.1387.91\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [TuneClone] - C:\Program Files\TuneClone\TuneClone.exe [4550656 2012-02-24] (TuneClone.COM)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [MMReminderService] - C:\Program Files (x86)\Mindjet\MindManager 10\MMReminderService.exe [38280 2012-07-17] (Mindjet)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-04-21] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2936259450-3521671367-2592787203-1001\...\Run: [F.lux] - "C:\Users\*****\Local Settings\Apps\F.lux\flux.exe" /noshow
HKU\S-1-5-21-2936259450-3521671367-2592787203-1001\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-2936259450-3521671367-2592787203-1001\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-2936259450-3521671367-2592787203-1001\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2936259450-3521671367-2592787203-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2936259450-3521671367-2592787203-1001\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-2936259450-3521671367-2592787203-1001\...\MountPoints2: {3f4965ee-e733-11e2-be8c-0024bebc453e} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2936259450-3521671367-2592787203-1001\...\MountPoints2: {922798df-699d-11e2-be6d-506313e0d7de} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2936259450-3521671367-2592787203-1001\...\MountPoints2: {b09f5f90-dcd6-11e2-be87-506313e0d7de} - "F:\EasySuite .exe" bootup
HKU\S-1-5-21-2936259450-3521671367-2592787203-1001\...\MountPoints2: {d623b469-70a2-11e2-be6d-506313e0d7de} - "F:\EasySuite .exe" bootup
HKU\S-1-5-21-2936259450-3521671367-2592787203-1001\...\MountPoints2: {e7380093-64c9-11e2-be6d-506313e0d7de} - "G:\WD SmartWare.exe" autoplay=true
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\WINDOWS\system32\SSCbFsMntNtf3.dll (EldoS Corporation)
SSODL: EldosMountNotificator-cbfs4 - {9F0AB6D8-E919-4EE5-866B-5B9A3449D285} - C:\WINDOWS\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\WINDOWS\SysWow64\SSCbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs4 - {9F0AB6D8-E919-4EE5-866B-5B9A3449D285} - C:\WINDOWS\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7D7913AA4CF7CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Alive Text to Speech - {954F618B-0DEC-4D1A-9317-E0FC96F87865} - C:\Program Files (x86)\AliveMedia\Text to Speech\IEToolbar.dll ()
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Chrome:
=======
CHR HomePage: chrome://newtab
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-20]
CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-20]
CHR Extension: (Kaspersky Protection) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-03-25]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-20]
CHR Extension: (Auf den Amazon-Wunschzettel) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2013-01-25]
CHR Extension: (Google-Suche) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-20]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-02-18]
CHR Extension: (Print Using Google Cloud Print™) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffaifmgpcdjedlffbhenaloimajbdkfg [2013-01-24]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-02-18]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-02-18]
CHR Extension: (RealDownloader) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-04-21]
CHR Extension: (Virtual Keyboard) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-02-18]
CHR Extension: (Gestures for Google Chrome™) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk [2013-01-23]
CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2013-01-23]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Evernote Web Clipper) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-01-21]
CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-20]
CHR Extension: (Anti-Banner) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-02-18]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [2013-02-18]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
==================== Services (Whitelisted) =================
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avp; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2246184 2011-12-15] (Broadcom Corporation.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
R1 cbfs4; C:\WINDOWS\system32\drivers\cbfs4.sys [385216 2013-04-24] (EldoS Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-03-10] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-03-10] (Kaspersky Lab)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-24] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-03-10] (Kaspersky Lab ZAO)
S3 RRNetCap; C:\Windows\system32\DRIVERS\rrnetcap.sys [37480 2013-02-05] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\system32\DRIVERS\rrnetcap.sys [37480 2013-02-05] (RapidSolution Software AG)
R3 SSCBFS3; C:\Windows\System32\drivers\sscbfs3.sys [347904 2013-01-30] (EldoS Corporation)
R0 tclondrv; C:\Windows\System32\DRIVERS\tclondrv.sys [26856 2012-02-24] (TuneClone Software)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295792 2012-10-02] (Marvell)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-09 19:00 - 2014-04-09 19:11 - 00022585 _____ () C:\Users\*****\Desktop\FRST.txt
2014-04-09 19:00 - 2014-04-09 19:00 - 02157056 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2014-04-09 19:00 - 2014-04-09 19:00 - 00380416 _____ () C:\Users\*****\Desktop\3fk5ydh8.exe
2014-04-09 18:58 - 2014-04-09 18:58 - 00000474 _____ () C:\Users\*****\Desktop\defogger_disable.log
2014-04-09 18:57 - 2014-04-09 18:57 - 00050477 _____ () C:\Users\*****\Desktop\Defogger.exe
2014-04-08 20:26 - 2014-04-09 19:11 - 00000000 ____D () C:\FRST
2014-04-08 20:24 - 2014-04-08 20:24 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-04-08 19:50 - 2014-04-09 18:39 - 00003334 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2936259450-3521671367-2592787203-1001
2014-04-08 19:50 - 2014-04-09 18:39 - 00003202 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2936259450-3521671367-2592787203-1001
2014-04-08 17:01 - 2014-04-08 19:53 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-08 17:01 - 2014-04-08 17:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-08 17:01 - 2014-04-08 17:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-08 17:01 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-08 17:01 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-08 17:01 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-22 23:12 - 2014-03-22 23:13 - 05752608 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-22 21:25 - 2014-03-22 23:10 - 01572864 _____ () C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
2014-03-18 22:43 - 2014-03-18 22:43 - 00003605 _____ () C:\Users\*****\.ganttproject
2014-03-18 22:43 - 2014-03-18 22:43 - 00000225 _____ () C:\Users\*****\java0.log
2014-03-18 22:09 - 2014-03-18 22:43 - 00001619 _____ () C:\Users\*****\ganttproject.log
2014-03-18 22:09 - 2014-03-18 22:09 - 00000000 ____D () C:\Program Files (x86)\GanttProject-2.6
2014-03-12 23:50 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-12 23:50 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-12 23:49 - 2014-02-23 10:13 - 02241536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-12 23:49 - 2014-02-23 10:13 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-12 23:49 - 2014-02-23 10:13 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-03-12 23:49 - 2014-02-23 10:13 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-03-12 23:49 - 2014-02-23 10:13 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-12 23:49 - 2014-02-23 10:12 - 19273216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-12 23:49 - 2014-02-23 10:12 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-12 23:49 - 2014-02-23 10:12 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-03-12 23:49 - 2014-02-23 10:11 - 15404032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-12 23:49 - 2014-02-23 10:11 - 03960320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-12 23:49 - 2014-02-23 10:11 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-12 23:49 - 2014-02-23 10:11 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-03-12 23:49 - 2014-02-23 10:11 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-03-12 23:49 - 2014-02-23 10:11 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-03-12 23:49 - 2014-02-23 10:11 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-03-12 23:49 - 2014-02-23 10:11 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-03-12 23:49 - 2014-02-23 08:54 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-12 23:49 - 2014-02-23 08:54 - 01140736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-12 23:49 - 2014-02-23 08:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-03-12 23:49 - 2014-02-23 08:53 - 14358016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-12 23:49 - 2014-02-23 08:53 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-12 23:49 - 2014-02-23 08:53 - 02877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-12 23:49 - 2014-02-23 08:53 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-12 23:49 - 2014-02-23 08:53 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-03-12 23:49 - 2014-02-23 08:53 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-12 23:49 - 2014-02-23 08:53 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-03-12 23:49 - 2014-02-23 08:53 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-03-12 23:49 - 2014-02-23 08:53 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-03-12 23:49 - 2014-02-23 08:53 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-03-12 23:49 - 2014-02-23 08:53 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-03-12 23:49 - 2014-02-23 08:35 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-03-12 23:49 - 2014-02-23 08:31 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-03-12 23:49 - 2014-02-23 06:06 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-03-12 23:49 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-12 23:49 - 2013-12-07 08:36 - 19751936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-12 23:49 - 2013-12-07 07:15 - 17560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-12 23:48 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-12 23:48 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-12 23:48 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-03-12 23:48 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-03-10 13:31 - 2014-03-10 13:31 - 00001329 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
==================== One Month Modified Files and Folders =======
2014-04-09 19:11 - 2014-04-09 19:00 - 00022585 _____ () C:\Users\*****\Desktop\FRST.txt
2014-04-09 19:11 - 2014-04-08 20:26 - 00000000 ____D () C:\FRST
2014-04-09 19:08 - 2013-01-20 23:20 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-09 19:00 - 2014-04-09 19:00 - 02157056 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2014-04-09 19:00 - 2014-04-09 19:00 - 00380416 _____ () C:\Users\*****\Desktop\3fk5ydh8.exe
2014-04-09 19:00 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-09 18:58 - 2014-04-09 18:58 - 00000474 _____ () C:\Users\*****\Desktop\defogger_disable.log
2014-04-09 18:58 - 2013-02-18 21:38 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-09 18:57 - 2014-04-09 18:57 - 00050477 _____ () C:\Users\*****\Desktop\Defogger.exe
2014-04-09 18:45 - 2012-07-26 12:27 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat
2014-04-09 18:45 - 2012-07-26 12:27 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat
2014-04-09 18:45 - 2012-07-26 09:28 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-09 18:39 - 2014-04-08 19:50 - 00003334 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2936259450-3521671367-2592787203-1001
2014-04-09 18:39 - 2014-04-08 19:50 - 00003202 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2936259450-3521671367-2592787203-1001
2014-04-09 18:39 - 2013-01-20 23:20 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-09 18:38 - 2013-04-09 18:26 - 00021946 _____ () C:\WINDOWS\PFRO.log
2014-04-09 18:38 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-09 18:37 - 2012-07-26 07:26 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-09 18:21 - 2013-01-22 02:34 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-09 18:18 - 2013-01-23 01:07 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-04-09 18:09 - 2013-01-20 22:25 - 00000000 ____D () C:\Users\*****
2014-04-09 17:52 - 2013-01-22 16:36 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-09 15:04 - 2013-01-22 15:54 - 16459776 ___SH () C:\Users\*****\Desktop\Thumbs.db
2014-04-09 14:35 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-04-08 20:24 - 2014-04-08 20:24 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-04-08 19:53 - 2014-04-08 17:01 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-08 17:08 - 2013-05-30 14:46 - 00000000 ____D () C:\WINDOWS\Minidump
2014-04-08 17:08 - 2013-05-30 14:45 - 556752336 _____ () C:\WINDOWS\MEMORY.DMP
2014-04-08 17:01 - 2014-04-08 17:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-08 17:01 - 2014-04-08 17:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-08 16:57 - 2013-01-22 15:50 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype
2014-04-08 12:04 - 2013-02-08 00:37 - 00000000 ____D () C:\Users\*****\AppData\Roaming\FileZilla
2014-04-04 09:31 - 2013-01-20 23:25 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-03 12:10 - 2013-09-06 23:36 - 00000000 ____D () C:\Users\*****\AppData\Roaming\vlc
2014-04-03 09:51 - 2014-04-08 17:01 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-08 17:01 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-08 17:01 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-31 18:55 - 2013-01-20 22:26 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Adobe
2014-03-29 22:03 - 2013-01-20 23:20 - 00004092 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 22:03 - 2013-01-20 23:20 - 00003856 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-28 17:02 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-26 12:14 - 2013-01-20 22:32 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2936259450-3521671367-2592787203-1001
2014-03-26 01:06 - 2013-09-25 00:41 - 00000132 _____ () C:\Users\*****\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-03-24 09:54 - 2013-10-17 16:47 - 00625760 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2014-03-24 09:54 - 2013-06-08 21:18 - 00115296 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2014-03-24 09:54 - 2013-05-07 18:56 - 00065120 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys
2014-03-22 23:13 - 2014-03-22 23:12 - 05752608 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-22 23:12 - 2013-03-29 22:23 - 02004890 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-22 23:10 - 2014-03-22 21:25 - 01572864 _____ () C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
2014-03-19 19:55 - 2013-07-15 22:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-19 19:52 - 2013-01-22 01:32 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-19 19:52 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-18 22:43 - 2014-03-18 22:43 - 00003605 _____ () C:\Users\*****\.ganttproject
2014-03-18 22:43 - 2014-03-18 22:43 - 00000225 _____ () C:\Users\*****\java0.log
2014-03-18 22:43 - 2014-03-18 22:09 - 00001619 _____ () C:\Users\*****\ganttproject.log
2014-03-18 22:09 - 2014-03-18 22:09 - 00000000 ____D () C:\Program Files (x86)\GanttProject-2.6
2014-03-18 21:45 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-03-17 11:31 - 2013-01-20 22:26 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-17 11:31 - 2013-01-20 22:26 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-17 11:29 - 2013-03-13 18:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-17 11:29 - 2013-03-13 18:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-17 11:27 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-17 11:27 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-17 11:27 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-17 11:26 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-17 11:26 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-13 02:28 - 2013-01-21 01:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-11 20:23 - 2013-01-22 02:34 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-10 13:38 - 2013-10-17 16:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys
2014-03-10 13:38 - 2013-10-17 16:47 - 00029280 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klkbdflt.sys
2014-03-10 13:38 - 2013-06-06 18:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys
2014-03-10 13:38 - 2012-07-27 19:38 - 00029792 _____ (Kaspersky Lab) C:\WINDOWS\system32\Drivers\klelam.sys
2014-03-10 13:31 - 2014-03-10 13:31 - 00001329 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2014-03-10 11:27 - 2013-02-18 21:38 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-03-10 00:33 - 2013-08-03 23:49 - 00000000 ____D () C:\My Kindle Content
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-07 12:42
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by ***** at 2014-04-09 19:12:21
Running from C:\Users\*****\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.5.5 - Adobe Systems) Hidden
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version: - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 5 Design Standard (HKLM-x32\...\{49DC7D87-B9F9-4782-9386-B7F13BC75E48}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Aiseesoft Total Video Converter 6.2.66 (HKLM-x32\...\{E09CEBAA-4435-4404-8D82-4C029F6391E4}_is1) (Version: 6.2.66 - Aiseesoft Studio)
Alive Text to Speech v6.1.0.2 (HKLM-x32\...\Alive Text to Speech_is1) (Version: - AliveMedia, Inc.)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2013 v.11.0.5 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 9 v.9.4.3 (HKLM-x32\...\Ashampoo Photo Commander 9_is1) (Version: 9.4.3 - Ashampoo GmbH & Co. KG)
Audials (HKLM-x32\...\{30819B2C-C281-4D17-B4D4-ADC7D42BDB19}) (Version: 10.1.6207.700 - Audials AG)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.171.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BoxCryptor 1.5 (HKLM-x32\...\BoxCryptor) (Version: 1.5.413.155 - Secomba GmbH)
calibre 64bit (HKLM\...\{96AC0686-B9D4-4D85-A1ED-E1AA8550C15A}) (Version: 1.9.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version: - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
EBookToMP3 (HKLM-x32\...\EBookToMP3_is1) (Version: Aktuelle Version - IN MEDIA KG)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
EPSON BX635FWD Series Printer Uninstall (HKLM\...\EPSON BX635FWD Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Evernote v. 5.2.1 (HKLM-x32\...\{5E6D0ABA-ABDE-11E3-9AED-00163E98E7D6}) (Version: 5.2.1.3108 - Evernote Corp.)
F.lux (HKCU\...\Flux) (Version: - )
FileZilla Client 3.7.4.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse)
Fotobuchexpress24 Bestellsoftware (HKLM-x32\...\Fotobuchexpress24) (Version: 3.1.26 - SSW Software GmbH)
Fotobuchexpress24 Bestellsoftware (x32 Version: 3.1.26 - SSW Software GmbH) Hidden
GanttProject (HKLM-x32\...\GanttProject) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{4BA6784F-3B10-473A-B9F5-33A36AC354D5}) (Version: 3.0.14358 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
maxdome - Online Videothek (HKLM\...\maxdome - Online Videothek) (Version: 1.0 - maxdome GmbH und Co. KG)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mindjet MindManager 2012 (HKLM-x32\...\{2DD3FE18-F257-484C-8543-3793F14D999F}) (Version: 10.2.404 - Mindjet)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
NaturalReaderFree (HKLM-x32\...\{C5E7BF75-007E-44AD-8962-627ED44CB63B}) (Version: 11.9 - NaturalSoft)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version: - Tracker Software)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (x32 Version: 1.3.1 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Rossmann Fotowelt Software 4.12.1 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.12.1 - ORWO Net)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.31 - Stardock Software, Inc.)
Steuer-Spar-Erklärung 2013 (HKLM-x32\...\{AEB61F7A-4BBA-4292-A096-7893E09034A4}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung Selbstständige 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.07.73 - Akademische Arbeitsgemeinschaft)
Storybook4 (HKLM-x32\...\Storybook4) (Version: 4.0.9 - Intertec)
SugarSync (HKLM-x32\...\SugarSync) (Version: 2.0.44.122879 - SugarSync, Inc.)
SUPER © v2012.build.54 (Nov 18, 2012) Version v2012.build.54 (HKLM-x32\...\{8F311E92-C29F-4DF9-8259-B739A1831669}_is1) (Version: v2012.build.54 - eRightSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Timeline 0.10.2 (HKLM-x32\...\Timeline_is1) (Version: - Rickard Lindberg <ricli85@gmail.com>)
TogglDesktop (HKLM-x32\...\{901ACF4B-7DDB-4DE2-A9D7-6C1DA40671EE}) (Version: 4.94.0 - Toggl)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TTS (HKLM-x32\...\{62AAFC0A-00B8-4663-98D8-96AE9F3BA058}) (Version: 1.0.0.0 - ZoomCommerce Co., Ltd.)
TuneClone 2.20 (HKLM\...\TuneClone_is1) (Version: - TuneClone.com)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Your Software Deals (HKLM-x32\...\Your Software Deals_is1) (Version: - Ashampoo GmbH & Co. KG)
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version: - Spacejock Software)
ZDFmediathek Version 2.1.6 (HKLM\...\ZDFmediathek_is1) (Version: - ZDF)
==================== Restore Points =========================
24-03-2014 13:51:34 Installed Evernote v. 5.2.1
04-04-2014 08:40:21 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {03AEA02F-F327-44C2-A3EB-128992CAAFB9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {4ADBFEAF-85BD-4B88-8CA4-873019AF1CCB} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2936259450-3521671367-2592787203-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {7538BC4C-FF28-41D0-A5BF-6CFA719CC6DB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {82CD85AB-C8AB-4ABF-AF3B-0CDFA85559C3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {85577CCA-1E43-4AD8-950D-A21AC130F708} - System32\Tasks\AdobeAAMUpdater-1.0-Vaio-***** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {9BBED98F-08AA-4588-8654-CE0A17ACD722} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A861DDF7-467F-4BBB-AE04-A0F2894E2CCE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {B610BAEE-4DA5-4707-92D3-1B3265C4F67D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BDFBD245-FDA4-4EA7-B220-337318DC16E8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2936259450-3521671367-2592787203-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D2A91522-43A0-4C58-8827-6F2CA2D90D3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20] (Google Inc.)
Task: {DDC83C61-9FA3-4013-92ED-07F5A9FEC666} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2013-03-06 02:21 - 2013-03-06 02:21 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-10-11 07:31 - 2014-01-23 01:11 - 00301920 _____ () C:\Program Files (x86)\SugarSync\x64\SugarSyncVFSNamespace64.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-03-13 16:41 - 2012-12-11 14:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-06-01 11:16 - 2013-06-01 11:17 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2014-04-04 09:31 - 2014-04-02 13:19 - 01380704 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\opera_crashreporter.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2013-01-22 16:36 - 2012-11-13 15:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-01-22 16:36 - 2012-11-13 15:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-01-22 16:36 - 2012-11-13 15:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-01-22 16:36 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-01-22 16:36 - 2012-11-13 15:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2013-01-22 16:36 - 2012-11-13 15:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-03-17 12:05 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-02-11 21:29 - 2014-02-11 21:29 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-03-17 12:05 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-17 12:05 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-17 12:05 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-17 12:05 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-17 12:05 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-04-04 09:31 - 2014-04-02 13:19 - 00908640 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\libglesv2.dll
2014-04-04 09:31 - 2014-04-02 13:19 - 00108896 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\libegl.dll
2014-04-04 09:31 - 2014-04-02 13:19 - 00895328 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\ffmpegsumo.dll
2014-03-14 17:56 - 2014-03-14 17:56 - 21115392 _____ () C:\Program Files (x86)\Evernote\Evernote\libcef.dll
2014-03-14 17:50 - 2014-03-14 17:50 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-03-14 17:50 - 2014-03-14 17:50 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2014-03-14 17:56 - 2014-03-14 17:56 - 00983054 _____ () C:\Program Files (x86)\Evernote\Evernote\avcodec-54.dll
2014-03-14 17:56 - 2014-03-14 17:56 - 00133134 _____ () C:\Program Files (x86)\Evernote\Evernote\avutil-51.dll
2014-03-14 17:56 - 2014-03-14 17:56 - 00189454 _____ () C:\Program Files (x86)\Evernote\Evernote\avformat-54.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:0B174FAE
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: High Definition Audio-Gerät
Description: High Definition Audio-Gerät
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Basissystemgerät
Description: Basissystemgerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: FOXCONN-T77H114-BCM2070
Description: FOXCONN-T77H114-BCM2070
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/09/2014 05:11:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5484
Error: (04/09/2014 05:11:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5484
Error: (04/09/2014 05:11:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/09/2014 05:11:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4109
Error: (04/09/2014 05:11:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4109
Error: (04/09/2014 05:11:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/09/2014 05:11:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1343
Error: (04/09/2014 05:11:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1343
Error: (04/09/2014 05:11:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/08/2014 08:37:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19859
System errors:
=============
Error: (04/08/2014 05:11:47 PM) (Source: DCOM) (User: Vaio)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (04/08/2014 05:11:47 PM) (Source: DCOM) (User: Vaio)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (04/08/2014 05:11:47 PM) (Source: DCOM) (User: Vaio)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (04/08/2014 05:11:47 PM) (Source: DCOM) (User: Vaio)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (04/08/2014 05:09:28 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0x8000002a64\??\C:\Users\*****\AppData\Local\Microsoft\Windows\UsrClass.dat
Error: (04/08/2014 05:08:39 PM) (Source: BugCheck) (User: )
Description: 0x0000000a (0x0000000000000203, 0x0000000000000002, 0x0000000000000000, 0xfffff800db8addb3)C:\WINDOWS\MEMORY.DMP
Error: (04/08/2014 05:08:39 PM) (Source: BugCheck) (User: )
Description:
Error: (04/08/2014 05:08:34 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 08.04.2014 um 13:22:40 unerwartet heruntergefahren.
Error: (04/08/2014 04:57:06 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst iphlpsvc erreicht.
Error: (04/07/2014 01:17:50 AM) (Source: Ntfs) (User: )
Description: Auf dem Volume "X:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Microsoft Office Sessions:
=========================
Error: (04/09/2014 05:11:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5484
Error: (04/09/2014 05:11:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5484
Error: (04/09/2014 05:11:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/09/2014 05:11:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4109
Error: (04/09/2014 05:11:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4109
Error: (04/09/2014 05:11:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/09/2014 05:11:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1343
Error: (04/09/2014 05:11:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1343
Error: (04/09/2014 05:11:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/08/2014 08:37:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19859
==================== Memory info ===========================
Percentage of memory in use: 58%
Total physical RAM: 3950.09 MB
Available physical RAM: 1640.91 MB
Total Pagefile: 7918.09 MB
Available Pagefile: 4702.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:108.46 GB) NTFS
Drive f: (WD SmartWare) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF
Drive g: (Elements) (Fixed) (Total:2794.52 GB) (Free:1648.9 GB) NTFS
Drive m: (My Passport) (Fixed) (Total:465.11 GB) (Free:20.67 GB) NTFS
Drive x: () (Fixed) (Total:55 GB) (Free:0.37 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9E7464BD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465 GB) (Disk ID: 00021968)
Partition 1: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== End Of Log ============================
gmer.txt Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-09 20:02:34
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000046 TOSHIBA_MK5055GSX rev.FG001A 465,76GB
Running: 3fk5ydh8.exe; Driver: C:\Users\*****\AppData\Local\Temp\pxloypog.sys
---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\system32\BtwRSupportService.exe[1808] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 690 000007fb5b061532 4 bytes [06, 5B, FB, 07]
.text C:\WINDOWS\system32\BtwRSupportService.exe[1808] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 698 000007fb5b06153a 4 bytes [06, 5B, FB, 07]
.text C:\WINDOWS\system32\BtwRSupportService.exe[1808] C:\WINDOWS\system32\MSIMG32.dll!TransparentBlt + 246 000007fb5b06165a 4 bytes [06, 5B, FB, 07]
.text C:\WINDOWS\Explorer.EXE[4028] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fb5b061532 4 bytes [06, 5B, FB, 07]
.text C:\WINDOWS\Explorer.EXE[4028] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fb5b06153a 4 bytes [06, 5B, FB, 07]
.text C:\WINDOWS\Explorer.EXE[4028] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fb5b06165a 4 bytes [06, 5B, FB, 07]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlLeaveCriticalSection + 61 000007fb6423104d 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlEnterCriticalSection + 39 000007fb64231087 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlGetCurrentUmsThread + 77 000007fb642310dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlGetCurrentUmsThread + 128 000007fb64231110 48 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!_local_unwind + 36 000007fb64231174 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!memcmp + 199 000007fb64231257 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!strcat + 144 000007fb64231300 16 bytes {JMP 0xffffffffffffff8c}
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!strcpy + 183 000007fb642313d7 40 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!strlen + 168 000007fb64231578 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!strncat + 405 000007fb64231725 32 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!strncmp + 181 000007fb64231805 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!strncpy + 354 000007fb64231982 64 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlGetCurrentProcessorNumberEx + 52 000007fb64231a24 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!NtdllDialogWndProc_W + 601 000007fb64231dee 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!DbgUserBreakPoint + 99 000007fb64231e73 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlInterlockedPushListSList + 118 000007fb64232096 48 bytes {JMP 0xffffffffffffffc0}
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlpUmsExecuteYieldThreadEnd + 403 000007fb642325b4 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!__chkstk + 77 000007fb6423261d 40 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!_setjmp + 160 000007fb642326f0 16 bytes {JMP RAX}
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!longjmp + 236 000007fb6423289c 32 bytes {JMP 0xffffffffffffffb9}
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetInformationThread 000007fb64232cb0 8 bytes {JMP QWORD [RIP-0x402]}
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueryInformationThread 000007fb64232e30 8 bytes {JMP QWORD [RIP-0x51b]}
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007fb64232e60 8 bytes {JMP QWORD [RIP-0x5ca]}
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007fb64232f80 8 bytes {JMP QWORD [RIP-0x6da]}
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueueApcThread 000007fb64233030 8 bytes {JMP QWORD [RIP-0x792]}
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateThreadEx 000007fb642336f1 8 bytes {JMP QWORD [RIP-0xca0]}
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!NtGetContextThread 000007fb642339d1 8 bytes {JMP QWORD [RIP-0x1018]}
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetContextThread 000007fb64234251 8 bytes {JMP QWORD [RIP-0x18a0]}
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\system32\wow64cpu.dll!CpuProcessInit + 616 00000000775f15f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\system32\wow64cpu.dll!CpuProcessTerm + 3 00000000775f15fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\system32\wow64cpu.dll!CpuResetToConsistentState + 272 00000000775f17d4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\system32\wow64cpu.dll!CpuSetContext + 140 00000000775f18c4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\system32\wow64cpu.dll!CpuGetStackPointer + 23 00000000775f18e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\system32\wow64cpu.dll!CpuSetStackPointer + 23 00000000775f1903 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\system32\wow64cpu.dll!CpuSetInstructionPointer + 23 00000000775f1923 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\system32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000775f195f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\system32\wow64cpu.dll!CpuProcessDebugEvent + 3 00000000775f196b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\WacomHost.exe[3556] C:\WINDOWS\system32\wow64cpu.dll!CpuNotifyAffinityChange + 3 00000000775f1977 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files\Tablet\Pen\Pen_Tablet.exe[2128] C:\WINDOWS\system32\psapi.dll!GetProcessImageFileNameA + 306 000007fb6327177a 4 bytes [27, 63, FB, 07]
.text C:\Program Files\Tablet\Pen\Pen_Tablet.exe[2128] C:\WINDOWS\system32\psapi.dll!GetProcessImageFileNameA + 314 000007fb63271782 4 bytes [27, 63, FB, 07]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlLeaveCriticalSection + 61 000007fb6423104d 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlEnterCriticalSection + 39 000007fb64231087 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlGetCurrentUmsThread + 77 000007fb642310dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlGetCurrentUmsThread + 128 000007fb64231110 48 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!_local_unwind + 36 000007fb64231174 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!memcmp + 199 000007fb64231257 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!strcat + 144 000007fb64231300 16 bytes {JMP 0xffffffffffffff8c}
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!strcpy + 183 000007fb642313d7 40 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!strlen + 168 000007fb64231578 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!strncat + 405 000007fb64231725 32 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!strncmp + 181 000007fb64231805 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!strncpy + 354 000007fb64231982 64 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlGetCurrentProcessorNumberEx + 52 000007fb64231a24 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!NtdllDialogWndProc_W + 601 000007fb64231dee 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!DbgUserBreakPoint + 99 000007fb64231e73 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlInterlockedPushListSList + 118 000007fb64232096 48 bytes {JMP 0xffffffffffffffc0}
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlpUmsExecuteYieldThreadEnd + 403 000007fb642325b4 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!__chkstk + 77 000007fb6423261d 40 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!_setjmp + 160 000007fb642326f0 16 bytes {JMP RAX}
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!longjmp + 236 000007fb6423289c 32 bytes {JMP 0xffffffffffffffb9}
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetInformationThread 000007fb64232cb0 8 bytes {JMP QWORD [RIP-0x402]}
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueryInformationThread 000007fb64232e30 8 bytes {JMP QWORD [RIP-0x51b]}
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007fb64232e60 8 bytes {JMP QWORD [RIP-0x5ca]}
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007fb64232f80 8 bytes {JMP QWORD [RIP-0x6da]}
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueueApcThread 000007fb64233030 8 bytes {JMP QWORD [RIP-0x792]}
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateThreadEx 000007fb642336f1 8 bytes {JMP QWORD [RIP-0xca0]}
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!NtGetContextThread 000007fb642339d1 8 bytes {JMP QWORD [RIP-0x1018]}
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetContextThread 000007fb64234251 8 bytes {JMP QWORD [RIP-0x18a0]}
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\system32\wow64cpu.dll!CpuProcessInit + 616 00000000775f15f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\system32\wow64cpu.dll!CpuProcessTerm + 3 00000000775f15fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\system32\wow64cpu.dll!CpuResetToConsistentState + 272 00000000775f17d4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\system32\wow64cpu.dll!CpuSetContext + 140 00000000775f18c4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\system32\wow64cpu.dll!CpuGetStackPointer + 23 00000000775f18e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\system32\wow64cpu.dll!CpuSetStackPointer + 23 00000000775f1903 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\system32\wow64cpu.dll!CpuSetInstructionPointer + 23 00000000775f1923 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\system32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000775f195f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\system32\wow64cpu.dll!CpuProcessDebugEvent + 3 00000000775f196b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe[5204] C:\WINDOWS\system32\wow64cpu.dll!CpuNotifyAffinityChange + 3 00000000775f1977 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlLeaveCriticalSection + 61 000007fb6423104d 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlEnterCriticalSection + 39 000007fb64231087 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlGetCurrentUmsThread + 77 000007fb642310dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlGetCurrentUmsThread + 128 000007fb64231110 48 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!_local_unwind + 36 000007fb64231174 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!memcmp + 199 000007fb64231257 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!strcat + 144 000007fb64231300 16 bytes {JMP 0xffffffffffffff8c}
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!strcpy + 183 000007fb642313d7 40 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!strlen + 168 000007fb64231578 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!strncat + 405 000007fb64231725 32 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!strncmp + 181 000007fb64231805 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!strncpy + 354 000007fb64231982 64 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlGetCurrentProcessorNumberEx + 52 000007fb64231a24 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!NtdllDialogWndProc_W + 601 000007fb64231dee 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!DbgUserBreakPoint + 99 000007fb64231e73 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlInterlockedPushListSList + 118 000007fb64232096 48 bytes {JMP 0xffffffffffffffc0}
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlpUmsExecuteYieldThreadEnd + 403 000007fb642325b4 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!__chkstk + 77 000007fb6423261d 40 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!_setjmp + 160 000007fb642326f0 16 bytes {JMP RAX}
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!longjmp + 236 000007fb6423289c 32 bytes {JMP 0xffffffffffffffb9}
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetInformationThread 000007fb64232cb0 8 bytes {JMP QWORD [RIP-0x402]}
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueryInformationThread 000007fb64232e30 8 bytes {JMP QWORD [RIP-0x51b]}
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007fb64232e60 8 bytes {JMP QWORD [RIP-0x5ca]}
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007fb64232f80 8 bytes {JMP QWORD [RIP-0x6da]}
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueueApcThread 000007fb64233030 8 bytes {JMP QWORD [RIP-0x792]}
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateThreadEx 000007fb642336f1 8 bytes {JMP QWORD [RIP-0xca0]}
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!NtGetContextThread 000007fb642339d1 8 bytes {JMP QWORD [RIP-0x1018]}
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetContextThread 000007fb64234251 8 bytes {JMP QWORD [RIP-0x18a0]}
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\system32\wow64cpu.dll!CpuProcessInit + 616 00000000775f15f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\system32\wow64cpu.dll!CpuProcessTerm + 3 00000000775f15fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\system32\wow64cpu.dll!CpuResetToConsistentState + 272 00000000775f17d4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\system32\wow64cpu.dll!CpuSetContext + 140 00000000775f18c4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\system32\wow64cpu.dll!CpuGetStackPointer + 23 00000000775f18e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\system32\wow64cpu.dll!CpuSetStackPointer + 23 00000000775f1903 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\system32\wow64cpu.dll!CpuSetInstructionPointer + 23 00000000775f1923 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\system32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000775f195f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\system32\wow64cpu.dll!CpuProcessDebugEvent + 3 00000000775f196b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\*****\Desktop\3fk5ydh8.exe[3396] C:\WINDOWS\system32\wow64cpu.dll!CpuNotifyAffinityChange + 3 00000000775f1977 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [676:708] fffff9600094f5e8
Thread C:\WINDOWS\system32\csrss.exe [676:712] fffff9600094f5e8
Thread [3724:3880] 0000000072267950
Thread [3724:3884] 000000007240c59c
Thread [3724:3892] 000000007240c59c
Thread [3724:3292] 000000007240c59c
Thread [3724:4056] 000000007240c59c
Thread [3724:3692] 00000000564c0dc7
Thread [3724:4064] 00000000565736af
Thread [3724:2004] 00000000565736af
Thread [3724:3500] 000000005367d80c
Thread [3724:416] 0000000075d64f62
Thread [3724:2844] 00000000565736af
Thread [3724:4612] 000000007240c59c
Thread [3724:3528] 00000000776750a7
Thread [3724:6880] 00000000776750a7
Thread [3724:7008] 00000000776750a7
Thread [3724:5456] 00000000776750a7
Thread [3724:1936] 00000000776750a7
Thread [3724:6048] 00000000776750a7
Thread [3724:5072] 00000000776750a7
Thread [3724:6632] 0000000075d64f62
Thread [3724:188] 0000000075d64f62
Thread [3724:6676] 00000000746624c6
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -688039526
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\506313e0d7de
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\506313e0d7de@d8b3770b0e76 0xA6 0x1B 0x63 0x3A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\KLIF\Parameters@LastProcessedRevision 7157049
---- EOF - GMER 2.1 ----
Besten Dank für die Hilfe! |
|
10.04.2014, 06:03
| #2 |
| /// the machine /// TB-Ausbilder    | Keylogger? Passwort ausgespäht! hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
10.04.2014, 10:45
| #3 |
| | Keylogger? Passwort ausgespäht! Hallo Schrauber,
__________________danke, dass Du Dich (erneut) um meinen Rechner kümmerst! Malwarebytes Anti-Rootkit hat nichts gefunden. mbar-Log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
Database version: v2014.04.10.03
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16843
***** :: VAIO [administrator]
10.04.2014 09:56:59
mbar-log-2014-04-10 (09-56-59).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 256946
Time elapsed: 1 hour(s), 9 minute(s), 5 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
TDSSKiller.3.0.0.30_10.04.2014_11.25.51_log [TEIL 1]: Code:
ATTFilter 11:25:51.0816 0x1b58 TDSS rootkit removing tool 3.0.0.30 Apr 7 2014 15:39:12
11:25:58.0742 0x1b58 ============================================================
11:25:58.0742 0x1b58 Current date / time: 2014/04/10 11:25:58.0742
11:25:58.0742 0x1b58 SystemInfo:
11:25:58.0742 0x1b58
11:25:58.0742 0x1b58 OS Version: 6.2.9200 ServicePack: 0.0
11:25:58.0742 0x1b58 Product type: Workstation
11:25:58.0742 0x1b58 ComputerName: VAIO
11:25:58.0743 0x1b58 UserName: *****
11:25:58.0743 0x1b58 Windows directory: C:\WINDOWS
11:25:58.0743 0x1b58 System windows directory: C:\WINDOWS
11:25:58.0743 0x1b58 Running under WOW64
11:25:58.0743 0x1b58 Processor architecture: Intel x64
11:25:58.0743 0x1b58 Number of processors: 4
11:25:58.0743 0x1b58 Page size: 0x1000
11:25:58.0743 0x1b58 Boot type: Normal boot
11:25:58.0743 0x1b58 ============================================================
11:25:59.0622 0x1b58 KLMD registered as C:\WINDOWS\system32\drivers\43197930.sys
11:26:00.0142 0x1b58 System UUID: {EAF30C5E-12A1-11A7-7946-86B340A3BE09}
11:26:01.0182 0x1b58 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:26:01.0188 0x1b58 Drive \Device\Harddisk1\DR1 - Size: 0x7446E00000 (465.11 Gb), SectorSize: 0x200, Cylinders: 0xED2B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:26:05.0014 0x1b58 ============================================================
11:26:05.0014 0x1b58 \Device\Harddisk0\DR0:
11:26:05.0082 0x1b58 MBR partitions:
11:26:05.0082 0x1b58 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:26:05.0082 0x1b58 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
11:26:05.0082 0x1b58 \Device\Harddisk1\DR1:
11:26:05.0090 0x1b58 MBR partitions:
11:26:05.0090 0x1b58 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A236800
11:26:05.0090 0x1b58 ============================================================
11:26:05.0112 0x1b58 C: <-> \Device\Harddisk0\DR0\Partition2
11:26:05.0137 0x1b58 M: <-> \Device\Harddisk1\DR1\Partition1
11:26:05.0161 0x1b58 ============================================================
11:26:05.0161 0x1b58 Initialize success
11:26:05.0161 0x1b58 ============================================================
11:26:48.0782 0x0434 ============================================================
11:26:48.0782 0x0434 Scan started
11:26:48.0782 0x0434 Mode: Manual; SigCheck; TDLFS;
11:26:48.0782 0x0434 ============================================================
11:26:48.0782 0x0434 KSN ping started
11:26:51.0147 0x0434 KSN ping finished: true
11:26:53.0252 0x0434 ================ Scan system memory ========================
11:26:53.0252 0x0434 System memory - ok
11:26:53.0253 0x0434 ================ Scan services =============================
11:26:53.0469 0x0434 [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
11:26:53.0574 0x0434 1394ohci - ok
11:26:53.0631 0x0434 [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
11:26:53.0655 0x0434 3ware - ok
11:26:53.0755 0x0434 [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
11:26:53.0774 0x0434 AAV UpdateService - ok
11:26:53.0830 0x0434 [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
11:26:53.0853 0x0434 ACPI - ok
11:26:53.0892 0x0434 [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
11:26:53.0914 0x0434 acpiex - ok
11:26:53.0949 0x0434 [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
11:26:53.0973 0x0434 acpipagr - ok
11:26:54.0009 0x0434 [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
11:26:54.0106 0x0434 AcpiPmi - ok
11:26:54.0192 0x0434 [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
11:26:54.0266 0x0434 acpitime - ok
11:26:54.0519 0x0434 [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:26:54.0547 0x0434 AdobeFlashPlayerUpdateSvc - ok
11:26:54.0620 0x0434 [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx C:\WINDOWS\system32\drivers\adp94xx.sys
11:26:54.0658 0x0434 adp94xx - ok
11:26:54.0711 0x0434 [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci C:\WINDOWS\system32\drivers\adpahci.sys
11:26:54.0731 0x0434 adpahci - ok
11:26:54.0810 0x0434 [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320 C:\WINDOWS\system32\drivers\adpu320.sys
11:26:54.0832 0x0434 adpu320 - ok
11:26:54.0880 0x0434 [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
11:26:54.0925 0x0434 AeLookupSvc - ok
11:26:54.0996 0x0434 [ 7C0E0EDF18D6CC565D7BFBB451709FA5, 47C21CD9D87B5C1B5EB14F6166B5E3349B1A6F10501E63CCED8D52A9FE22765D ] AFD C:\WINDOWS\system32\drivers\afd.sys
11:26:55.0052 0x0434 AFD - ok
11:26:55.0096 0x0434 [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
11:26:55.0117 0x0434 agp440 - ok
11:26:55.0157 0x0434 [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG C:\WINDOWS\System32\alg.exe
11:26:55.0208 0x0434 ALG - ok
11:26:55.0249 0x0434 [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll
11:26:55.0287 0x0434 AllUserInstallAgent - ok
11:26:55.0343 0x0434 [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
11:26:55.0394 0x0434 AmdK8 - ok
11:26:55.0848 0x0434 [ 8DC532B5BF820E48194C6AFC8862FCBC, AA8040A2EC9004FBED4B94166B2DD5A4F5BC835EBADD6199651C856A695AA3E1 ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys
11:26:56.0499 0x0434 amdkmdag - ok
11:26:56.0540 0x0434 [ AA48FEABA50C2DED9C485DFDBA044E40, AE52933B85494F51E4F1524489BEAC4C16F80D09BC8974D97F792D94EAD2A231 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
11:26:56.0586 0x0434 amdkmdap - ok
11:26:56.0603 0x0434 [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
11:26:56.0634 0x0434 AmdPPM - ok
11:26:56.0674 0x0434 [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
11:26:56.0686 0x0434 amdsata - ok
11:26:56.0732 0x0434 [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
11:26:56.0750 0x0434 amdsbs - ok
11:26:56.0762 0x0434 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
11:26:56.0772 0x0434 amdxata - ok
11:26:56.0808 0x0434 [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID C:\WINDOWS\system32\drivers\appid.sys
11:26:56.0833 0x0434 AppID - ok
11:26:56.0877 0x0434 [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
11:26:56.0913 0x0434 AppIDSvc - ok
11:26:56.0949 0x0434 [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo C:\WINDOWS\System32\appinfo.dll
11:26:56.0978 0x0434 Appinfo - ok
11:26:57.0081 0x0434 [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:26:57.0096 0x0434 Apple Mobile Device - ok
11:26:57.0152 0x0434 [ 2D14788C5D0836292BEB27BBE109BE56, D032FDBD9E1708F77348655DE00DB395E38EB27A7EC3FB2EF3BA07D22CBC1402 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:26:57.0185 0x0434 AppMgmt - ok
11:26:57.0220 0x0434 [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc C:\WINDOWS\system32\drivers\arc.sys
11:26:57.0235 0x0434 arc - ok
11:26:57.0251 0x0434 [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
11:26:57.0265 0x0434 arcsas - ok
11:26:57.0285 0x0434 [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:26:57.0309 0x0434 AsyncMac - ok
11:26:57.0344 0x0434 [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
11:26:57.0363 0x0434 atapi - ok
11:26:57.0532 0x0434 [ DECE3E2832F125A41A02FB59F4C54EEA, 2994024E5C295E9FDF4C6C0A8F2B17C07C158AD1567BEDA46A482C6C08F460BC ] athr C:\WINDOWS\system32\DRIVERS\athrx.sys
11:26:57.0689 0x0434 athr - ok
11:26:57.0731 0x0434 [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
11:26:57.0762 0x0434 AudioEndpointBuilder - ok
11:26:57.0845 0x0434 [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
11:26:57.0892 0x0434 Audiosrv - ok
11:26:57.0988 0x0434 [ 0D2F8F4055903A762AD46204E5A42E86, D3270039E4F066C69D844060388D3F895137C37C0FBE4C106BE1C71AE9DBC17A ] avp C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
11:26:58.0053 0x0434 avp - ok
11:26:58.0106 0x0434 [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
11:26:58.0146 0x0434 AxInstSV - ok
11:26:58.0213 0x0434 [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
11:26:58.0242 0x0434 b06bdrv - ok
11:26:58.0285 0x0434 [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
11:26:58.0325 0x0434 BasicDisplay - ok
11:26:58.0368 0x0434 [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
11:26:58.0399 0x0434 BasicRender - ok
11:26:58.0539 0x0434 [ 988D01E8AE8C80B413C5E01C89A1886E, 24CC3A984CAFBFE730BB6E45152E3B62B0E9D9704982E7144277A6750FBC5FC5 ] BcmBtRSupport C:\WINDOWS\system32\BtwRSupportService.exe
11:26:58.0601 0x0434 BcmBtRSupport - ok
11:26:58.0643 0x0434 [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC C:\WINDOWS\System32\bdesvc.dll
11:26:58.0687 0x0434 BDESVC - ok
11:26:58.0721 0x0434 [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:26:58.0750 0x0434 Beep - ok
11:26:58.0834 0x0434 [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE C:\WINDOWS\System32\bfe.dll
11:26:58.0869 0x0434 BFE - ok
11:26:58.0933 0x0434 [ 65608C44E71D7BA056C9EFCD8A00A7FE, A6B581A8354C7E2902AA1FFDD87C9465EFA2CD75A920CE3098E774292E4825CE ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
11:26:58.0964 0x0434 BingDesktopUpdate - ok
11:26:59.0081 0x0434 [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS C:\WINDOWS\System32\qmgr.dll
11:26:59.0199 0x0434 BITS - ok
11:26:59.0304 0x0434 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:26:59.0331 0x0434 Bonjour Service - ok
11:26:59.0349 0x0434 [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
11:26:59.0377 0x0434 bowser - ok
11:26:59.0422 0x0434 [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
11:26:59.0463 0x0434 BrokerInfrastructure - ok
11:26:59.0506 0x0434 [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser C:\WINDOWS\System32\browser.dll
11:26:59.0547 0x0434 Browser - ok
11:26:59.0590 0x0434 [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
11:26:59.0622 0x0434 BthAvrcpTg - ok
11:26:59.0658 0x0434 [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
11:26:59.0686 0x0434 BthEnum - ok
11:26:59.0723 0x0434 [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
11:26:59.0763 0x0434 BthHFEnum - ok
11:26:59.0801 0x0434 [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
11:26:59.0828 0x0434 bthhfhid - ok
11:26:59.0873 0x0434 [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
11:26:59.0917 0x0434 BTHMODEM - ok
11:26:59.0963 0x0434 [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
11:26:59.0997 0x0434 BthPan - ok
11:27:00.0087 0x0434 [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
11:27:00.0140 0x0434 BTHPORT - ok
11:27:00.0172 0x0434 [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv C:\WINDOWS\system32\bthserv.dll
11:27:00.0203 0x0434 bthserv - ok
11:27:00.0240 0x0434 [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
11:27:00.0270 0x0434 BTHUSB - ok
11:27:00.0319 0x0434 [ D3848CBF21C75D46321838634B9442F9, 1BB0AD412371CD8DA89D952EFE9156516B720B56074581CD645512244421292E ] cbfs4 C:\WINDOWS\system32\drivers\cbfs4.sys
11:27:00.0339 0x0434 cbfs4 - ok
11:27:00.0384 0x0434 [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
11:27:00.0419 0x0434 cdfs - ok
11:27:00.0448 0x0434 [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
11:27:00.0489 0x0434 cdrom - ok
11:27:00.0534 0x0434 [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
11:27:00.0574 0x0434 CertPropSvc - ok
11:27:00.0610 0x0434 [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass C:\WINDOWS\System32\drivers\circlass.sys
11:27:00.0659 0x0434 circlass - ok
11:27:00.0690 0x0434 [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
11:27:00.0710 0x0434 CLFS - ok
11:27:00.0757 0x0434 [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
11:27:00.0786 0x0434 CmBatt - ok
11:27:00.0855 0x0434 [ E708BFF0473EC6B271EA46B65B16CA56, 2B4C661F7C5A4395CA4204122A1C3C8AA766B56C3D01CD8BAAFA18F71FC7B591 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
11:27:00.0887 0x0434 CNG - ok
11:27:00.0926 0x0434 [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
11:27:00.0974 0x0434 CompositeBus - ok
11:27:00.0979 0x0434 COMSysApp - ok
11:27:01.0015 0x0434 [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
11:27:01.0026 0x0434 condrv - ok
11:27:01.0061 0x0434 [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
11:27:01.0091 0x0434 CryptSvc - ok
11:27:01.0143 0x0434 [ F2C69C3D98249DE14D4B2832516D4FD5, 5F622A61A99202802B35532036CFCFDFB1FDEC32465BA8CCAB4C4FAFA336FC2A ] CSC C:\WINDOWS\system32\drivers\csc.sys
11:27:01.0180 0x0434 CSC - ok
11:27:01.0263 0x0434 [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4, 7F6F888CF4D7EF93144A791891E41858F7C0CDDC0B65ED09B9CD55EE3734FCCF ] CscService C:\WINDOWS\System32\cscsvc.dll
11:27:01.0319 0x0434 CscService - ok
11:27:01.0367 0x0434 [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam C:\WINDOWS\system32\drivers\dam.sys
11:27:01.0388 0x0434 dam - ok
11:27:01.0452 0x0434 [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:27:01.0523 0x0434 DcomLaunch - ok
11:27:01.0575 0x0434 [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc C:\WINDOWS\System32\defragsvc.dll
11:27:01.0623 0x0434 defragsvc - ok
11:27:01.0684 0x0434 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\WINDOWS\system32\das.dll
11:27:01.0738 0x0434 DeviceAssociationService - ok
11:27:01.0779 0x0434 [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
11:27:01.0818 0x0434 DeviceInstall - ok
11:27:01.0858 0x0434 [ 09D9EB9E7898F8E6561473A20CC808B9, 0F511593D36084843E5138AF6D55FE08D77803968AE12A236A02368DB364347E ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
11:27:01.0890 0x0434 Dfsc - ok
11:27:01.0930 0x0434 [ 41AC348DBD378F618CB4FDEE54270692, A4080C9FF314F52C52E2207E5F7B745A003E931FA42E67E742D34477B5CC0166 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
11:27:01.0939 0x0434 dg_ssudbus - ok
11:27:02.0011 0x0434 [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
11:27:02.0037 0x0434 Dhcp - ok
11:27:02.0084 0x0434 [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache C:\WINDOWS\system32\drivers\discache.sys
11:27:02.0116 0x0434 discache - ok
11:27:02.0154 0x0434 [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk C:\WINDOWS\system32\drivers\disk.sys
11:27:02.0166 0x0434 disk - ok
11:27:02.0178 0x0434 [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
11:27:02.0206 0x0434 dmvsc - ok
11:27:02.0246 0x0434 [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:27:02.0278 0x0434 Dnscache - ok
11:27:02.0321 0x0434 [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
11:27:02.0374 0x0434 dot3svc - ok
11:27:02.0420 0x0434 [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS C:\WINDOWS\system32\dps.dll
11:27:02.0453 0x0434 DPS - ok
11:27:02.0487 0x0434 [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:27:02.0511 0x0434 drmkaud - ok
11:27:02.0547 0x0434 [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
11:27:02.0583 0x0434 DsmSvc - ok
11:27:02.0688 0x0434 [ E6AF4DF1817953D73C519B17CF849756, 26A90EB368A3F572086F223ABED87B8FC6F998AE401C9E52BEB5EE76AB052702 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
11:27:02.0751 0x0434 DXGKrnl - ok
11:27:02.0797 0x0434 [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
11:27:02.0830 0x0434 Eaphost - ok
11:27:02.0984 0x0434 [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
11:27:03.0158 0x0434 ebdrv - ok
11:27:03.0192 0x0434 [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] EFS C:\WINDOWS\System32\lsass.exe
11:27:03.0228 0x0434 EFS - ok
11:27:03.0343 0x0434 [ 4B84E647C934EDFF7F28C4B91A5C0864, 909770C436273CFCE606F5FDE5D66AA2A826C85DF03F0CDDAED3D2300E3ADBF7 ] ehRecvr C:\WINDOWS\ehome\ehRecvr.exe
11:27:03.0394 0x0434 ehRecvr - ok
11:27:03.0438 0x0434 [ 72781EC7A97E44B9651550D7A83D1B96, E587687BF27DE23326EBFC9E38D461CCE10D3DDA35F7D586ED32A4788AE96718 ] ehSched C:\WINDOWS\ehome\ehsched.exe
11:27:03.0464 0x0434 ehSched - ok
11:27:03.0502 0x0434 [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
11:27:03.0514 0x0434 EhStorClass - ok
11:27:03.0539 0x0434 [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
11:27:03.0552 0x0434 EhStorTcgDrv - ok
11:27:03.0571 0x0434 [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
11:27:03.0594 0x0434 ErrDev - ok
11:27:03.0672 0x0434 [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem C:\WINDOWS\system32\es.dll
11:27:03.0708 0x0434 EventSystem - ok
11:27:03.0760 0x0434 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat C:\WINDOWS\system32\drivers\exfat.sys
11:27:03.0797 0x0434 exfat - ok
11:27:03.0819 0x0434 [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
11:27:03.0835 0x0434 fastfat - ok
11:27:03.0913 0x0434 [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax C:\WINDOWS\system32\fxssvc.exe
11:27:03.0946 0x0434 Fax - ok
11:27:03.0959 0x0434 [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
11:27:03.0994 0x0434 fdc - ok
11:27:04.0024 0x0434 [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
11:27:04.0065 0x0434 fdPHost - ok
11:27:04.0098 0x0434 [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
11:27:04.0134 0x0434 FDResPub - ok
11:27:04.0175 0x0434 [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc C:\WINDOWS\system32\fhsvc.dll
11:27:04.0210 0x0434 fhsvc - ok
11:27:04.0240 0x0434 [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
11:27:04.0264 0x0434 FileInfo - ok
11:27:04.0324 0x0434 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
11:27:04.0374 0x0434 Filetrace - ok
11:27:04.0483 0x0434 [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:27:04.0537 0x0434 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
11:27:06.0880 0x0434 Detect skipped due to KSN trusted
11:27:06.0880 0x0434 FLEXnet Licensing Service - ok
11:27:06.0926 0x0434 [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
11:27:06.0960 0x0434 flpydisk - ok
11:27:07.0048 0x0434 [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:27:07.0077 0x0434 FltMgr - ok
11:27:07.0167 0x0434 [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache C:\WINDOWS\system32\FntCache.dll
11:27:07.0240 0x0434 FontCache - ok
11:27:07.0389 0x0434 [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:27:07.0410 0x0434 FontCache3.0.0.0 - ok
11:27:07.0435 0x0434 [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
11:27:07.0448 0x0434 FsDepends - ok
11:27:07.0483 0x0434 [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:27:07.0502 0x0434 Fs_Rec - ok
11:27:07.0564 0x0434 [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
11:27:07.0591 0x0434 fvevol - ok
11:27:07.0627 0x0434 [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
11:27:07.0649 0x0434 FxPPM - ok
11:27:07.0696 0x0434 [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
11:27:07.0716 0x0434 gagp30kx - ok
11:27:07.0785 0x0434 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:27:07.0798 0x0434 GEARAspiWDM - ok
11:27:07.0849 0x0434 [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
11:27:07.0881 0x0434 gencounter - ok
11:27:07.0921 0x0434 [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
11:27:07.0940 0x0434 GPIOClx0101 - ok
11:27:08.0007 0x0434 [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
11:27:08.0067 0x0434 gpsvc - ok
11:27:08.0134 0x0434 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:27:08.0152 0x0434 gupdate - ok
11:27:08.0162 0x0434 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:27:08.0175 0x0434 gupdatem - ok
11:27:08.0211 0x0434 [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
11:27:08.0242 0x0434 HdAudAddService - ok
11:27:08.0282 0x0434 [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
11:27:08.0316 0x0434 HDAudBus - ok
11:27:08.0352 0x0434 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
11:27:08.0361 0x0434 HECIx64 - ok
11:27:08.0401 0x0434 [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
11:27:08.0412 0x0434 HidBatt - ok
11:27:08.0434 0x0434 [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
11:27:08.0465 0x0434 HidBth - ok
11:27:08.0503 0x0434 [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
11:27:08.0542 0x0434 hidi2c - ok
11:27:08.0593 0x0434 [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
11:27:08.0637 0x0434 HidIr - ok
11:27:08.0666 0x0434 [ 46BBE8EA221461A65F18A078528F4B2C, C0B0D35E2A6C750E5505156694F41F987AB548449F6C9DB1EEEAF12E5F146AD7 ] hidkmdf C:\WINDOWS\System32\drivers\hidkmdf.sys
11:27:08.0672 0x0434 hidkmdf - ok
11:27:08.0709 0x0434 [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\WINDOWS\system32\hidserv.dll
11:27:08.0744 0x0434 hidserv - ok
11:27:08.0783 0x0434 [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
11:27:08.0803 0x0434 HidUsb - ok
11:27:08.0840 0x0434 [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
11:27:08.0873 0x0434 hkmsvc - ok
11:27:08.0911 0x0434 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
11:27:08.0951 0x0434 HomeGroupListener - ok
11:27:09.0003 0x0434 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
11:27:09.0031 0x0434 HomeGroupProvider - ok
11:27:09.0070 0x0434 [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
11:27:09.0081 0x0434 HpSAMD - ok
11:27:09.0146 0x0434 [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
11:27:09.0196 0x0434 HTTP - ok
11:27:09.0236 0x0434 [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
11:27:09.0253 0x0434 hwpolicy - ok
11:27:09.0291 0x0434 [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
11:27:09.0316 0x0434 hyperkbd - ok
11:27:09.0330 0x0434 [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
11:27:09.0355 0x0434 HyperVideo - ok
11:27:09.0382 0x0434 [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
11:27:09.0409 0x0434 i8042prt - ok
11:27:09.0459 0x0434 [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
11:27:09.0489 0x0434 iaStorV - ok
11:27:09.0526 0x0434 [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys
11:27:09.0547 0x0434 iirsp - ok
11:27:09.0619 0x0434 [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
11:27:09.0685 0x0434 IKEEXT - ok
11:27:09.0719 0x0434 [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
11:27:09.0729 0x0434 intelide - ok
11:27:09.0768 0x0434 [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
11:27:09.0802 0x0434 intelppm - ok
11:27:09.0835 0x0434 [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:27:09.0868 0x0434 IpFilterDriver - ok
11:27:09.0954 0x0434 [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
11:27:10.0015 0x0434 iphlpsvc - ok
11:27:10.0043 0x0434 [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
11:27:10.0080 0x0434 IPMIDRV - ok
11:27:10.0113 0x0434 [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
11:27:10.0151 0x0434 IPNAT - ok
11:27:10.0223 0x0434 [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:27:10.0253 0x0434 iPod Service - ok
11:27:10.0294 0x0434 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
11:27:10.0317 0x0434 IRENUM - ok
11:27:10.0351 0x0434 [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
11:27:10.0361 0x0434 isapnp - ok
11:27:10.0414 0x0434 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
11:27:10.0440 0x0434 iScsiPrt - ok
11:27:10.0500 0x0434 [ BD5BF20EC242E003A2F570B8754A56D1, B4B3492222E98BF8E6EC453E727187FF4AA50A508D1E88A0CBBD5C46355AE492 ] ivusb C:\WINDOWS\System32\drivers\ivusb.sys
11:27:10.0706 0x0434 ivusb - ok
11:27:10.0743 0x0434 [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
11:27:10.0764 0x0434 kbdclass - ok
11:27:10.0814 0x0434 [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
11:27:10.0850 0x0434 kbdhid - ok
11:27:10.0871 0x0434 [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
11:27:10.0906 0x0434 kdnic - ok
11:27:10.0926 0x0434 [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso C:\WINDOWS\system32\lsass.exe
11:27:10.0950 0x0434 KeyIso - ok
11:27:10.0994 0x0434 [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
11:27:11.0016 0x0434 kl1 - ok
11:27:11.0034 0x0434 [ 2248A9F2B7704271C72E306001C7FBE0, FEC8E10F4FAB332E36C1C5801396174B4CE21186431A2A234CE49695C4674ACA ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
11:27:11.0044 0x0434 klelam - ok
11:27:11.0075 0x0434 [ BC996B5D96CB7463268DE67E2D99F496, F2763242B69B1290FCAF54B6353BC1469C47D774724249D4CB9BFEC100890970 ] klflt C:\WINDOWS\system32\DRIVERS\klflt.sys
11:27:11.0087 0x0434 klflt - ok
11:27:11.0172 0x0434 [ E8D6C80D4E11383CEE269F9C27E6464C, 5E9EAD64AE221AE8BF87730A7FDDF8023805184D12A058A147ECD887FA3D3012 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
11:27:11.0195 0x0434 KLIF - ok
11:27:11.0236 0x0434 [ B6822DEFE601629F19E0A2D7F0D623F2, FD71A2AA3FC4698B5436D185E2F2A3EB6A111AE8F35606E1658E2D18CE744F13 ] KLIM6 C:\WINDOWS\system32\DRIVERS\klim6.sys
11:27:11.0250 0x0434 KLIM6 - ok
11:27:11.0275 0x0434 [ B45DEC5BD71885E833DF3D837CE7C606, 8A81802122EE6BD791E36F9F27D921C9BC4D5B6604C0A79F9F1D806AD44B9869 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
11:27:11.0289 0x0434 klkbdflt - ok
11:27:11.0302 0x0434 [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
11:27:11.0316 0x0434 klmouflt - ok
11:27:11.0358 0x0434 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\WINDOWS\system32\DRIVERS\klpd.sys
11:27:11.0366 0x0434 klpd - ok
11:27:11.0406 0x0434 [ EAAF7E0936CC5474F433B684A2C68CF2, 5E5E5D324000F2209C7E32DC965FBD822850B4E1351887A93B50FB79844BF781 ] klwfp C:\WINDOWS\system32\DRIVERS\klwfp.sys
11:27:11.0415 0x0434 klwfp - ok
11:27:11.0444 0x0434 [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
11:27:11.0455 0x0434 kneps - ok
11:27:11.0493 0x0434 [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
11:27:11.0505 0x0434 KSecDD - ok
11:27:11.0557 0x0434 [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
11:27:11.0572 0x0434 KSecPkg - ok
11:27:11.0603 0x0434 [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
11:27:11.0626 0x0434 ksthunk - ok
11:27:11.0683 0x0434 [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
11:27:11.0719 0x0434 KtmRm - ok
11:27:11.0765 0x0434 [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
11:27:11.0788 0x0434 LanmanServer - ok
11:27:11.0844 0x0434 [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
11:27:11.0876 0x0434 LanmanWorkstation - ok
11:27:11.0897 0x0434 [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
11:27:11.0912 0x0434 lltdio - ok
11:27:11.0965 0x0434 [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
11:27:12.0009 0x0434 lltdsvc - ok
11:27:12.0025 0x0434 [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
11:27:12.0046 0x0434 lmhosts - ok
11:27:12.0095 0x0434 [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
11:27:12.0107 0x0434 LSI_SAS - ok
11:27:12.0144 0x0434 [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
11:27:12.0155 0x0434 LSI_SAS2 - ok
11:27:12.0174 0x0434 [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys
11:27:12.0186 0x0434 LSI_SCSI - ok
11:27:12.0208 0x0434 [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
11:27:12.0220 0x0434 LSI_SSS - ok
11:27:12.0268 0x0434 [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM C:\WINDOWS\System32\lsm.dll
11:27:12.0314 0x0434 LSM - ok
11:27:12.0368 0x0434 [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
11:27:12.0409 0x0434 luafv - ok
11:27:12.0431 0x0434 [ 4448CCEA974F0B15A00EA33FCEDFC062, EAA5B156480F6F5B11D4B358489714AF7DB77EB58B841BF0AC284A17B4288CC9 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll
11:27:12.0474 0x0434 Mcx2Svc - ok
11:27:12.0500 0x0434 [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
11:27:12.0521 0x0434 megasas - ok
11:27:12.0570 0x0434 [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys
11:27:12.0596 0x0434 MegaSR - ok
11:27:12.0656 0x0434 Microsoft SharePoint Workspace Audit Service - ok
11:27:12.0691 0x0434 [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS C:\WINDOWS\system32\mmcss.dll
11:27:12.0715 0x0434 MMCSS - ok
11:27:12.0756 0x0434 [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem C:\WINDOWS\system32\drivers\modem.sys
11:27:12.0801 0x0434 Modem - ok
11:27:12.0845 0x0434 [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
11:27:12.0887 0x0434 monitor - ok
11:27:12.0924 0x0434 [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
11:27:12.0938 0x0434 mouclass - ok
11:27:12.0980 0x0434 [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
11:27:12.0992 0x0434 mouhid - ok
11:27:13.0002 0x0434 [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
11:27:13.0014 0x0434 mountmgr - ok
11:27:13.0058 0x0434 [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
11:27:13.0085 0x0434 mpsdrv - ok
11:27:13.0156 0x0434 [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
11:27:13.0209 0x0434 MpsSvc - ok
11:27:13.0278 0x0434 [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
11:27:13.0306 0x0434 MRxDAV - ok
11:27:13.0346 0x0434 [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:27:13.0369 0x0434 mrxsmb - ok
11:27:13.0387 0x0434 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
11:27:13.0406 0x0434 mrxsmb10 - ok
11:27:13.0426 0x0434 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
11:27:13.0464 0x0434 mrxsmb20 - ok
11:27:13.0481 0x0434 [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
11:27:13.0510 0x0434 MsBridge - ok
11:27:13.0546 0x0434 [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC C:\WINDOWS\System32\msdtc.exe
11:27:13.0576 0x0434 MSDTC - ok
11:27:13.0607 0x0434 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:27:13.0636 0x0434 Msfs - ok
11:27:13.0673 0x0434 [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
11:27:13.0686 0x0434 msgpiowin32 - ok
11:27:13.0719 0x0434 [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
11:27:13.0747 0x0434 mshidkmdf - ok
11:27:13.0774 0x0434 [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
11:27:13.0801 0x0434 mshidumdf - ok
11:27:13.0825 0x0434 [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
11:27:13.0835 0x0434 msisadrv - ok
11:27:13.0873 0x0434 [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
11:27:13.0911 0x0434 MSiSCSI - ok
11:27:13.0916 0x0434 msiserver - ok
11:27:13.0939 0x0434 [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:27:13.0971 0x0434 MSKSSRV - ok
11:27:14.0009 0x0434 [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
11:27:14.0024 0x0434 MsLldp - ok
11:27:14.0038 0x0434 [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:27:14.0052 0x0434 MSPCLOCK - ok
11:27:14.0099 0x0434 [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:27:14.0139 0x0434 MSPQM - ok
11:27:14.0208 0x0434 [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
11:27:14.0241 0x0434 MsRPC - ok
11:27:14.0274 0x0434 [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
11:27:14.0285 0x0434 mssmbios - ok
11:27:14.0304 0x0434 [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
11:27:14.0339 0x0434 MSTEE - ok
11:27:14.0370 0x0434 [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
11:27:14.0391 0x0434 MTConfig - ok
11:27:14.0437 0x0434 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup C:\WINDOWS\system32\Drivers\mup.sys
11:27:14.0466 0x0434 Mup - ok
11:27:14.0492 0x0434 [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
11:27:14.0503 0x0434 mvumis - ok
11:27:14.0545 0x0434 [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent C:\WINDOWS\system32\qagentRT.dll
11:27:14.0594 0x0434 napagent - ok
11:27:14.0653 0x0434 [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
11:27:14.0683 0x0434 NativeWifiP - ok
11:27:14.0698 0x0434 [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
11:27:14.0715 0x0434 NcaSvc - ok
11:27:14.0753 0x0434 [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
11:27:14.0783 0x0434 NcdAutoSetup - ok
11:27:14.0854 0x0434 [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
11:27:14.0901 0x0434 NDIS - ok
11:27:14.0918 0x0434 [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
11:27:14.0945 0x0434 NdisCap - ok
11:27:14.0988 0x0434 [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
11:27:15.0013 0x0434 NdisImPlatform - ok
11:27:15.0053 0x0434 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:27:15.0064 0x0434 NdisTapi - ok
11:27:15.0083 0x0434 [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:27:15.0106 0x0434 Ndisuio - ok
11:27:15.0150 0x0434 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:27:15.0181 0x0434 NdisWan - ok
11:27:15.0192 0x0434 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:27:15.0209 0x0434 NDISWANLEGACY - ok
11:27:15.0274 0x0434 [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:27:15.0318 0x0434 NDProxy - ok
11:27:15.0358 0x0434 [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
11:27:15.0379 0x0434 Ndu - ok
11:27:15.0398 0x0434 [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:27:15.0425 0x0434 NetBIOS - ok
11:27:15.0461 0x0434 [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:27:15.0511 0x0434 NetBT - ok
11:27:15.0526 0x0434 [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:27:15.0537 0x0434 Netlogon - ok
11:27:15.0589 0x0434 [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman C:\WINDOWS\System32\netman.dll
11:27:15.0630 0x0434 Netman - ok
11:27:15.0678 0x0434 [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
11:27:15.0723 0x0434 netprofm - ok
11:27:15.0780 0x0434 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:27:15.0880 0x0434 NetTcpPortSharing - ok
11:27:15.0919 0x0434 [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys
11:27:15.0941 0x0434 nfrd960 - ok
11:27:15.0996 0x0434 [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
11:27:16.0019 0x0434 NlaSvc - ok
11:27:16.0047 0x0434 [ 5FE6F8C05F0769BBB74AFAC11453B182, ACF6026EF8D038B73484AE59FBD03559E1263CE134473D7A8C3F97CF71BC640C ] nmwcd C:\WINDOWS\system32\drivers\ccdcmbx64.sys
11:27:16.0092 0x0434 nmwcd - ok
11:27:16.0131 0x0434 [ 73C929945C0850B8D1FE2FEA05FDF05D, 665FBA777E5EF3F28828D19F2BBCCB778C1C6105BD830C1E29A1C4739663F0D3 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbox64.sys
11:27:16.0358 0x0434 nmwcdc - ok
11:27:16.0384 0x0434 [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:27:16.0402 0x0434 Npfs - ok
11:27:16.0443 0x0434 [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
11:27:16.0475 0x0434 npsvctrig - ok
11:27:16.0517 0x0434 [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi C:\WINDOWS\system32\nsisvc.dll
11:27:16.0554 0x0434 nsi - ok
11:27:16.0597 0x0434 [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
11:27:16.0631 0x0434 nsiproxy - ok
11:27:16.0744 0x0434 [ 76929F4A69E425911A63B407E26C2589, 17896DB6EDEF2637D159432DB61E8B5FA2F4F54B5F50BCD6215827C321ED2C2A ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:27:16.0810 0x0434 Ntfs - ok
11:27:16.0858 0x0434 [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null C:\WINDOWS\system32\drivers\Null.sys
11:27:16.0893 0x0434 Null - ok
11:27:16.0937 0x0434 [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
11:27:16.0964 0x0434 nvraid - ok
11:27:16.0991 0x0434 [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
11:27:17.0008 0x0434 nvstor - ok
11:27:17.0026 0x0434 [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
11:27:17.0039 0x0434 nv_agp - ok
11:27:17.0111 0x0434 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:27:17.0133 0x0434 ose - ok
11:27:17.0358 0x0434 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:27:17.0486 0x0434 osppsvc - ok
11:27:17.0566 0x0434 [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
11:27:17.0612 0x0434 p2pimsvc - ok
11:27:17.0646 0x0434 [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc C:\WINDOWS\system32\p2psvc.dll
11:27:17.0692 0x0434 p2psvc - ok
11:27:17.0728 0x0434 [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport C:\WINDOWS\System32\drivers\parport.sys
11:27:17.0759 0x0434 Parport - ok
11:27:17.0794 0x0434 [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
11:27:17.0806 0x0434 partmgr - ok
11:27:17.0858 0x0434 [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
11:27:17.0903 0x0434 PcaSvc - ok
11:27:17.0941 0x0434 [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys
11:27:17.0974 0x0434 pccsmcfd - ok
11:27:18.0019 0x0434 [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci C:\WINDOWS\system32\drivers\pci.sys
11:27:18.0046 0x0434 pci - ok
11:27:18.0064 0x0434 [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide C:\WINDOWS\system32\drivers\pciide.sys
11:27:18.0074 0x0434 pciide - ok
11:27:18.0111 0x0434 [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
11:27:18.0129 0x0434 pcmcia - ok
11:27:18.0168 0x0434 [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw C:\WINDOWS\system32\drivers\pcw.sys
11:27:18.0188 0x0434 pcw - ok
11:27:18.0232 0x0434 [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc C:\WINDOWS\system32\drivers\pdc.sys
11:27:18.0254 0x0434 pdc - ok
11:27:18.0316 0x0434 [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
11:27:18.0353 0x0434 PEAUTH - ok
11:27:18.0489 0x0434 [ DF0D9BDCB600913F40FF125BF8CE1979, 63544C3CEAF47FEEB761FD25BCAE53610C7AD65B7B2295C49D72A7C3C78A376D ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
11:27:18.0611 0x0434 PeerDistSvc - ok
11:27:18.0719 0x0434 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
11:27:18.0756 0x0434 PerfHost - ok
11:27:18.0861 0x0434 [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla C:\WINDOWS\system32\pla.dll
11:27:18.0925 0x0434 pla - ok
11:27:18.0969 0x0434 [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
11:27:18.0983 0x0434 PlugPlay - ok
11:27:19.0011 0x0434 [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
11:27:19.0038 0x0434 PNRPAutoReg - ok
11:27:19.0070 0x0434 [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
11:27:19.0090 0x0434 PNRPsvc - ok
11:27:19.0155 0x0434 [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
11:27:19.0189 0x0434 PolicyAgent - ok
11:27:19.0229 0x0434 [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power C:\WINDOWS\system32\umpo.dll
11:27:19.0260 0x0434 Power - ok
11:27:19.0301 0x0434 [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:27:19.0344 0x0434 PptpMiniport - ok
11:27:19.0610 0x0434 [ C2D3B3D0060619D5E03E696BD56FF59F, 155954F16B6F9B51BA16F43F1AE6F977B1EC4DE77862C6F6C722293189BE0DD2 ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
11:27:19.0804 0x0434 PrintNotify - ok
11:27:19.0847 0x0434 [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor C:\WINDOWS\System32\drivers\processr.sys
11:27:19.0878 0x0434 Processor - ok
11:27:19.0924 0x0434 [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc C:\WINDOWS\system32\profsvc.dll
11:27:19.0943 0x0434 ProfSvc - ok
11:27:19.0983 0x0434 [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
11:27:20.0020 0x0434 Psched - ok
11:27:20.0071 0x0434 [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE C:\WINDOWS\system32\qwave.dll
11:27:20.0102 0x0434 QWAVE - ok
11:27:20.0108 0x0434 [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
11:27:20.0122 0x0434 QWAVEdrv - ok
11:27:20.0163 0x0434 [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:27:20.0215 0x0434 RasAcd - ok
11:27:20.0240 0x0434 [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
11:27:20.0283 0x0434 RasAgileVpn - ok
11:27:20.0321 0x0434 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:27:20.0373 0x0434 RasAuto - ok
11:27:20.0400 0x0434 [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:27:20.0431 0x0434 Rasl2tp - ok
11:27:20.0491 0x0434 [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:27:20.0533 0x0434 RasMan - ok
11:27:20.0570 0x0434 [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:27:20.0587 0x0434 RasPppoe - ok
11:27:20.0601 0x0434 [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
11:27:20.0618 0x0434 RasSstp - ok
11:27:20.0677 0x0434 [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:27:20.0705 0x0434 rdbss - ok
11:27:20.0750 0x0434 [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
11:27:20.0770 0x0434 rdpbus - ok
11:27:20.0783 0x0434 [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
11:27:20.0801 0x0434 RDPDR - ok
11:27:20.0840 0x0434 [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
11:27:20.0851 0x0434 RdpVideoMiniport - ok
11:27:20.0892 0x0434 [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:27:20.0923 0x0434 RDPWD - ok
11:27:20.0945 0x0434 [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
11:27:20.0963 0x0434 rdyboost - ok
11:27:21.0018 0x0434 [ 89525CC2DBAD44F7199B9CC188B3F9C5, 09708EFA65BC1CCF92E6F2E143FCF88C645B1633AFE0DED833CDF945CB077D8C ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
11:27:21.0033 0x0434 RealNetworks Downloader Resolver Service - ok
11:27:21.0073 0x0434 [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:27:21.0093 0x0434 RemoteAccess - ok
11:27:21.0117 0x0434 [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:27:21.0154 0x0434 RemoteRegistry - ok
11:27:21.0197 0x0434 [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
11:27:21.0236 0x0434 RFCOMM - ok
11:27:21.0267 0x0434 [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
11:27:21.0290 0x0434 RpcEptMapper - ok
11:27:21.0325 0x0434 [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator C:\WINDOWS\system32\locator.exe
11:27:21.0339 0x0434 RpcLocator - ok
11:27:21.0408 0x0434 [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:27:21.0440 0x0434 RpcSs - ok
11:27:21.0483 0x0434 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCap C:\WINDOWS\system32\DRIVERS\rrnetcap.sys
11:27:21.0491 0x0434 RRNetCap - ok
11:27:21.0495 0x0434 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCapMP C:\WINDOWS\system32\DRIVERS\rrnetcap.sys
11:27:21.0501 0x0434 RRNetCapMP - ok
11:27:21.0535 0x0434 [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
11:27:21.0564 0x0434 rspndr - ok
11:27:21.0604 0x0434 [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
11:27:21.0616 0x0434 s3cap - ok
11:27:21.0637 0x0434 [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] SamSs C:\WINDOWS\system32\lsass.exe
11:27:21.0649 0x0434 SamSs - ok
11:27:21.0687 0x0434 [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
11:27:21.0701 0x0434 sbp2port - ok
11:27:21.0746 0x0434 [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
11:27:22.0000 0x0434 SCardSvr - ok
11:27:22.0037 0x0434 [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
11:27:22.0064 0x0434 scfilter - ok
11:27:22.0162 0x0434 [ ED40ED9A65F3E79A8C43DD50C5FDADBF, 2323BFAB1BC3D661A376650B7AC14C7780C92BA575DA048F3C7611CDB3F7F04A ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:27:22.0231 0x0434 Schedule - ok
11:27:22.0275 0x0434 [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
11:27:22.0291 0x0434 SCPolicySvc - ok
11:27:22.0322 0x0434 [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
11:27:22.0340 0x0434 sdbus - ok
11:27:22.0385 0x0434 [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
11:27:22.0414 0x0434 SDRSVC - ok
11:27:22.0520 0x0434 [ 206387AB881E93A1A6EB89966C8651F1, 3BF9DFF3E70F0787F7F94BE5B9717DFADD9E13AB8154FAE295CEAC834F0835E5 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
11:27:22.0553 0x0434 SDScannerService - ok
11:27:22.0597 0x0434 [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
11:27:22.0615 0x0434 sdstor - ok
11:27:22.0708 0x0434 [ A529CFE32565C0B145578FFB2B32C9A5, 4B1596CBDDA74D510707FD475AAB3A89B1203E0B95ECAE3756CAA56555F9F66D ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
11:27:22.0747 0x0434 SDUpdateService - ok
11:27:22.0766 0x0434 [ CB63BDB77BB86549FC3303C2F11EDC18, 1C96C082B9CE08C8F3C088D5DE68BA8783E6F6A837A88E2654BC4CBCF7B81846 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
11:27:22.0776 0x0434 SDWSCService - ok
11:27:22.0811 0x0434 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
11:27:22.0831 0x0434 secdrv - ok
11:27:22.0875 0x0434 [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon C:\WINDOWS\system32\seclogon.dll
11:27:22.0909 0x0434 seclogon - ok
11:27:22.0951 0x0434 [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS C:\WINDOWS\System32\sens.dll
11:27:22.0989 0x0434 SENS - ok
11:27:23.0016 0x0434 [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
11:27:23.0043 0x0434 SensrSvc - ok
11:27:23.0070 0x0434 [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
11:27:23.0101 0x0434 SerCx - ok
11:27:23.0147 0x0434 [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
11:27:23.0185 0x0434 Serenum - ok
11:27:23.0206 0x0434 [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial C:\WINDOWS\System32\drivers\serial.sys
11:27:23.0247 0x0434 Serial - ok
11:27:23.0273 0x0434 [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
11:27:23.0298 0x0434 sermouse - ok
11:27:23.0442 0x0434 [ C3BB6CF8F9EE199005A2AAE2815AD756, 7A817599C2F3AD819D643223AA714CCCB790EE5983096D8D9CD2D626D6924837 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
11:27:23.0472 0x0434 ServiceLayer - ok
11:27:23.0529 0x0434 [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv C:\WINDOWS\system32\sessenv.dll
11:27:23.0580 0x0434 SessionEnv - ok
11:27:23.0627 0x0434 [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
11:27:23.0647 0x0434 sfloppy - ok
11:27:23.0703 0x0434 [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:27:23.0752 0x0434 SharedAccess - ok
11:27:23.0799 0x0434 [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:27:23.0850 0x0434 ShellHWDetection - ok
11:27:23.0885 0x0434 [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
11:27:23.0899 0x0434 SiSRaid2 - ok
11:27:23.0912 0x0434 [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
11:27:23.0928 0x0434 SiSRaid4 - ok
11:27:23.0980 0x0434 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:27:23.0996 0x0434 SkypeUpdate - ok
11:27:24.0038 0x0434 [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
11:27:24.0053 0x0434 SNMPTRAP - ok
11:27:24.0097 0x0434 [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
11:27:24.0114 0x0434 spaceport - ok
11:27:24.0133 0x0434 [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
11:27:24.0163 0x0434 SpbCx - ok
11:27:24.0224 0x0434 [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler C:\WINDOWS\System32\spoolsv.exe
11:27:24.0279 0x0434 Spooler - ok
11:27:24.0508 0x0434 [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
11:27:24.0730 0x0434 sppsvc - ok
11:27:24.0763 0x0434 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:27:24.0803 0x0434 srv - ok
11:27:24.0854 0x0434 [ 56218A571ECF8D55E0CDFF8DF2546CF1, 44B34722108EDDC8757A0B7C939A854457BB7EBC92A83C4284DFFAECFC2E3619 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
11:27:24.0894 0x0434 srv2 - ok
11:27:24.0931 0x0434 [ 14FC338B80CFF7E04215133B568D15C4, 1F437BE0EC887097F0C3409D4198A20981FC325FDF915532AB85070D337DEF2B ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
11:27:24.0965 0x0434 srvnet - ok
11:27:25.0005 0x0434 [ 2F4595C0AFA2152D67AAE594DC461509, 7CD0C856EC11362EDA45779696EA670DF0047070515DDBDA65C4741EC401CB59 ] SSCBFS3 C:\WINDOWS\System32\drivers\sscbfs3.sys
11:27:25.0020 0x0434 SSCBFS3 - ok
11:27:25.0080 0x0434 [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:27:25.0111 0x0434 SSDPSRV - ok
11:27:25.0150 0x0434 [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
11:27:25.0168 0x0434 SstpSvc - ok
11:27:25.0203 0x0434 [ B4C983DA20E2970E21893BF0E4EE2AD8, 473D0E5339A8914775A03F76A805DAD4727FC045E3984F85F54BB92D5214E06F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
11:27:25.0215 0x0434 ssudmdm - ok
11:27:25.0301 0x0434 [ 882E2063832AA21716D2C17F11BE4079, 8E2E20960B1D6A2E9C26AB1E1A7BD4571C12B04DD73BB0BA77A22111B78ACD37 ] Start8 C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
11:27:25.0333 0x0434 Start8 - ok
11:27:25.0366 0x0434 [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
11:27:25.0378 0x0434 stexstor - ok
11:27:25.0432 0x0434 [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc C:\WINDOWS\System32\wiaservc.dll
11:27:25.0467 0x0434 stisvc - ok
11:27:25.0506 0x0434 [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
11:27:25.0518 0x0434 storahci - ok
11:27:25.0550 0x0434 [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
11:27:25.0563 0x0434 storflt - ok
11:27:25.0600 0x0434 [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc C:\WINDOWS\system32\storsvc.dll
11:27:25.0613 0x0434 StorSvc - ok
11:27:25.0648 0x0434 [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
11:27:25.0659 0x0434 storvsc - ok
11:27:25.0705 0x0434 [ 1A36AC469140F87CDE62D7F8524E270C, B07086E0D844567FF0A880366EA8ED8042F8ED744E6AB1FD9539F360905A07F2 ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
11:27:25.0731 0x0434 storvsp - ok
11:27:25.0769 0x0434 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc C:\WINDOWS\system32\svsvc.dll
11:27:25.0788 0x0434 svsvc - ok
11:27:25.0803 0x0434 [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum C:\WINDOWS\System32\drivers\swenum.sys
11:27:25.0813 0x0434 swenum - ok
11:27:25.0916 0x0434 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:27:25.0947 0x0434 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
11:27:28.0388 0x0434 Detect skipped due to KSN trusted
11:27:28.0388 0x0434 SwitchBoard - ok
11:27:28.0491 0x0434 [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv C:\WINDOWS\System32\swprv.dll
11:27:28.0555 0x0434 swprv - ok
11:27:28.0650 0x0434 [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain C:\WINDOWS\system32\sysmain.dll
11:27:28.0720 0x0434 SysMain - ok
11:27:28.0772 0x0434 [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
11:27:28.0798 0x0434 SystemEventsBroker - ok
11:27:28.0843 0x0434 [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
11:27:28.0862 0x0434 TabletInputService - ok
11:27:28.0904 0x0434 [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:27:28.0927 0x0434 TapiSrv - ok
11:27:28.0965 0x0434 [ 048CFE7569D6ADCAB9349BB1A566A79E, E248D2A66881FDFF9505896F383EFFEF2FD5AFC15D8992E653F5C31F1F80DAF3 ] tbhsd C:\WINDOWS\system32\drivers\tbhsd.sys
11:27:28.0979 0x0434 tbhsd - ok
11:27:29.0021 0x0434 [ BB7C91D0E97AA8126212838D32DCC83C, A32599E53AAAB21A5222B4BB261885FA3930AF968C1B17463920F6AD670668DE ] tclondrv C:\WINDOWS\system32\DRIVERS\tclondrv.sys
11:27:29.0035 0x0434 tclondrv - ok
11:27:29.0166 0x0434 [ DD4249F03598043DED6FA540EB14898A, 7015BD1A692F75D54B0F96E5EDC5C4DF41B0C831E85D0F6EF0AFBEFCA2F6DA83 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
11:27:29.0258 0x0434 Tcpip - ok
11:27:29.0330 0x0434 [ DD4249F03598043DED6FA540EB14898A, 7015BD1A692F75D54B0F96E5EDC5C4DF41B0C831E85D0F6EF0AFBEFCA2F6DA83 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:27:29.0404 0x0434 TCPIP6 - ok
11:27:29.0418 0x0434 [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
11:27:29.0433 0x0434 tcpipreg - ok
11:27:29.0470 0x0434 [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
11:27:29.0516 0x0434 tdx - ok
11:27:29.0554 0x0434 [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
11:27:29.0568 0x0434 terminpt - ok
11:27:29.0649 0x0434 [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService C:\WINDOWS\System32\termsrv.dll
11:27:29.0700 0x0434 TermService - ok
11:27:29.0733 0x0434 [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes C:\WINDOWS\system32\themeservice.dll
11:27:29.0771 0x0434 Themes - ok
11:27:29.0803 0x0434 [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
11:27:29.0826 0x0434 THREADORDER - ok
11:27:29.0870 0x0434 [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
11:27:29.0897 0x0434 TimeBroker - ok
11:27:29.0935 0x0434 [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
11:27:29.0950 0x0434 TPM - ok
11:27:29.0982 0x0434 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks C:\WINDOWS\System32\trkwks.dll
11:27:30.0025 0x0434 TrkWks - ok
11:27:30.0075 0x0434 [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt C:\WINDOWS\system32\drivers\truecrypt.sys
11:27:30.0103 0x0434 truecrypt - ok
11:27:30.0201 0x0434 [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
11:27:30.0224 0x0434 TrustedInstaller - ok
11:27:30.0273 0x0434 [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
11:27:30.0286 0x0434 TsUsbFlt - ok
11:27:30.0325 0x0434 [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
11:27:30.0356 0x0434 TsUsbGD - ok
11:27:30.0384 0x0434 [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
11:27:30.0403 0x0434 tunnel - ok
11:27:30.0424 0x0434 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
11:27:30.0436 0x0434 uagp35 - ok
11:27:30.0452 0x0434 [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
11:27:30.0465 0x0434 UASPStor - ok
11:27:30.0507 0x0434 [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
11:27:30.0524 0x0434 UCX01000 - ok
11:27:30.0563 0x0434 [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
11:27:30.0599 0x0434 udfs - ok
11:27:30.0639 0x0434 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
11:27:30.0671 0x0434 UI0Detect - ok
11:27:30.0709 0x0434 [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
11:27:30.0731 0x0434 uliagpkx - ok
11:27:30.0769 0x0434 [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
11:27:30.0792 0x0434 umbus - ok
11:27:30.0809 0x0434 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
11:27:30.0839 0x0434 UmPass - ok
11:27:30.0875 0x0434 [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
11:27:30.0907 0x0434 UmRdpService - ok
11:27:30.0951 0x0434 [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
11:27:30.0964 0x0434 UnlockerDriver5 - ok
11:27:31.0030 0x0434 [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:27:31.0063 0x0434 upnphost - ok
11:27:31.0099 0x0434 [ 34AFB83C7BBA370E404E52CC2290350C, 1B3F9DF6C0DA8166FE02D4B2B8E3D5A432FE84A248516D0F5DA9E42076095AB8 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys
11:27:31.0117 0x0434 upperdev - ok
11:27:31.0148 0x0434 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
11:27:31.0173 0x0434 USBAAPL64 - ok
11:27:31.0214 0x0434 [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
11:27:31.0246 0x0434 usbccgp - ok
11:27:31.0262 0x0434 [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
11:27:31.0288 0x0434 usbcir - ok
11:27:31.0335 0x0434 [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
11:27:31.0358 0x0434 usbehci - ok
11:27:31.0393 0x0434 [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
11:27:31.0421 0x0434 usbhub - ok
11:27:31.0484 0x0434 [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
11:27:31.0512 0x0434 USBHUB3 - ok
11:27:31.0548 0x0434 [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
11:27:31.0582 0x0434 usbohci - ok
11:27:31.0617 0x0434 [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
11:27:31.0637 0x0434 usbprint - ok
11:27:31.0671 0x0434 [ AD91D1BBE5D3CF4501887DC1C09384FD, ED9E27CD1D52401087427EC20E389FBE2497193483C2E53E8DE5D70DACF5D928 ] usbscan C:\WINDOWS\System32\drivers\usbscan.sys
11:27:31.0691 0x0434 usbscan - ok
11:27:31.0703 0x0434 [ 4E896888B2FDC694D8EF4462E1C58B78, D64F3A95C87DA3B523C4AD0A68410AE4B927767D1EA9A72EB082E1AFC1E37275 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
11:27:31.0715 0x0434 usbser - ok
11:27:31.0729 0x0434 [ AA75E1EFBEE7186B4CBAAACF1F15E6CA, D7A3069913CF8A7F281AC2D7C1FA58FA31A05D7E35E93D7588F4B3B18B3377FD ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys
11:27:31.0747 0x0434 UsbserFilt - ok
11:27:31.0772 0x0434 [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
11:27:31.0786 0x0434 USBSTOR - ok
11:27:31.0828 0x0434 [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
11:27:31.0857 0x0434 usbuhci - ok
11:27:31.0898 0x0434 [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
11:27:31.0916 0x0434 usbvideo - ok
11:27:31.0962 0x0434 [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
11:27:31.0984 0x0434 USBXHCI - ok
11:27:32.0003 0x0434 [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] VaultSvc C:\WINDOWS\system32\lsass.exe
11:27:32.0016 0x0434 VaultSvc - ok
11:27:32.0055 0x0434 [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
11:27:32.0075 0x0434 vdrvroot - ok
11:27:32.0146 0x0434 [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds C:\WINDOWS\System32\vds.exe
11:27:32.0181 0x0434 vds - ok
11:27:32.0189 0x0434 [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
11:27:32.0202 0x0434 VerifierExt - ok
11:27:32.0262 0x0434 [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
11:27:32.0291 0x0434 vhdmp - ok
11:27:32.0329 0x0434 [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
11:27:32.0340 0x0434 viaide - ok
11:27:32.0384 0x0434 [ 0E43886F01C85B47BA0A3157274BCF59, C81E1841B1138D8C224FAF76258F7EB65145CCAF7938CA86CBADD8FFF79BA596 ] Vid C:\WINDOWS\System32\drivers\Vid.sys
11:27:32.0429 0x0434 Vid - ok
11:27:32.0448 0x0434 [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
11:27:32.0464 0x0434 vmbus - ok
11:27:32.0498 0x0434 [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
11:27:32.0511 0x0434 VMBusHID - ok
11:27:32.0549 0x0434 [ B4F432A51826FFC66F4DF72A83E8E4B1, 2C6F4D477F91605A3685FCF9EC6EA798E74C6853CC91547A749E9C050E7C19E8 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys
11:27:32.0564 0x0434 vmbusr - ok
11:27:32.0619 0x0434 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
11:27:32.0660 0x0434 vmicheartbeat - ok
11:27:32.0673 0x0434 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
11:27:32.0693 0x0434 vmickvpexchange - ok
11:27:32.0705 0x0434 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
11:27:32.0725 0x0434 vmicrdv - ok
11:27:32.0738 0x0434 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
11:27:32.0756 0x0434 vmicshutdown - ok
11:27:32.0769 0x0434 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
11:27:32.0788 0x0434 vmictimesync - ok
11:27:32.0802 0x0434 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss C:\WINDOWS\System32\ICSvc.dll
11:27:32.0820 0x0434 vmicvss - ok
11:27:32.0860 0x0434 [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
11:27:32.0873 0x0434 volmgr - ok
11:27:32.0924 0x0434 [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
11:27:32.0948 0x0434 volmgrx - ok
11:27:32.0985 0x0434 [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
11:27:33.0007 0x0434 volsnap - ok
11:27:33.0051 0x0434 [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
11:27:33.0074 0x0434 vpci - ok
11:27:33.0091 0x0434 [ 0190AFFF28F600461C0164353CC7EE27, D112DF69C9E629EC77FB95E7ACDDAAE24B5028C84454134BD26FEF9CC953AC0E ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys
11:27:33.0119 0x0434 vpcivsp - ok
11:27:33.0153 0x0434 [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
11:27:33.0167 0x0434 vsmraid - ok
11:27:33.0266 0x0434 [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS C:\WINDOWS\system32\vssvc.exe
11:27:33.0326 0x0434 VSS - ok
11:27:33.0381 0x0434 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
11:27:33.0410 0x0434 VSTXRAID - ok
11:27:33.0424 0x0434 [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
11:27:33.0435 0x0434 vwifibus - ok
11:27:33.0451 0x0434 [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
11:27:33.0463 0x0434 vwififlt - ok
11:27:33.0475 0x0434 [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
11:27:33.0516 0x0434 vwifimp - ok
11:27:33.0573 0x0434 [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time C:\WINDOWS\system32\w32time.dll
11:27:33.0621 0x0434 W32Time - ok
11:27:33.0658 0x0434 [ FDA15A0510F84FA46452B74529147A15, DAF92C2B733311B767895175E27B671C80DC028EEB477C28E0209C6467E072D1 ] WacHidRouter C:\WINDOWS\System32\drivers\wachidrouter.sys
11:27:33.0665 0x0434 WacHidRouter - ok
11:27:33.0686 0x0434 [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
11:27:33.0719 0x0434 WacomPen - ok
11:27:33.0745 0x0434 [ EABFDBDC9BEDD325F260A3A9FEE5B3F9, 496AD989DA6F500140FCDB88C65CECD4F306D3FBDAACE1D42C5312C1E321B9D1 ] wacomrouterfilter C:\WINDOWS\System32\drivers\wacomrouterfilter.sys
11:27:33.0751 0x0434 wacomrouterfilter - ok
11:27:33.0797 0x0434 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:27:33.0834 0x0434 Wanarp - ok
11:27:33.0843 0x0434 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:27:33.0861 0x0434 Wanarpv6 - ok
11:27:33.0962 0x0434 [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine C:\WINDOWS\system32\wbengine.exe
11:27:34.0048 0x0434 wbengine - ok
11:27:34.0086 0x0434 [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
11:27:34.0126 0x0434 WbioSrvc - ok
11:27:34.0193 0x0434 [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
11:27:34.0397 0x0434 Wcmsvc - ok
11:27:34.0442 0x0434 [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
11:27:34.0471 0x0434 wcncsvc - ok
11:27:34.0489 0x0434 [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
11:27:34.0502 0x0434 WcsPlugInService - ok
11:27:34.0542 0x0434 [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd C:\WINDOWS\system32\drivers\wd.sys
11:27:34.0562 0x0434 Wd - ok
11:27:34.0608 0x0434 [ 07D19A55CD27B330534D2DDEA60D5FC6, 9C9441EA6943481838F61FD929F88FE25DC60BB8513A2C01CB4712918A883E3F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
11:27:34.0628 0x0434 WdBoot - ok
11:27:34.0705 0x0434 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
11:27:34.0743 0x0434 Wdf01000 - ok
11:27:34.0794 0x0434 [ CEBD9CDAADA11FAECCA82E4C06BCDD8E, 6D6E4BF0EB97004F9C07327923C9BD2B451FDDA567FAF39556595302EE5A1A54 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
11:27:34.0820 0x0434 WdFilter - ok
11:27:34.0856 0x0434 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
11:27:34.0891 0x0434 WdiServiceHost - ok
11:27:34.0897 0x0434 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
11:27:34.0918 0x0434 WdiSystemHost - ok
11:27:34.0961 0x0434 [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient C:\WINDOWS\System32\webclnt.dll
11:27:34.0991 0x0434 WebClient - ok
11:27:35.0014 0x0434 [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
11:27:35.0048 0x0434 Wecsvc - ok
11:27:35.0077 0x0434 [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
11:27:35.0102 0x0434 wercplsupport - ok
11:27:35.0136 0x0434 [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
11:27:35.0167 0x0434 WerSvc - ok
11:27:35.0207 0x0434 [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
11:27:35.0231 0x0434 WFPLWFS - ok
11:27:35.0279 0x0434 [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
11:27:35.0323 0x0434 WiaRpc - ok
11:27:35.0348 0x0434 [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
11:27:35.0361 0x0434 WIMMount - ok
11:27:35.0397 0x0434 WinDefend - ok
11:27:35.0473 0x0434 [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
11:27:35.0523 0x0434 WinHttpAutoProxySvc - ok
11:27:35.0614 0x0434 [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:27:35.0663 0x0434 Winmgmt - ok
11:27:35.0806 0x0434 [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
11:27:35.0954 0x0434 WinRM - ok
11:27:36.0003 0x0434 [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys
11:27:36.0043 0x0434 WinUsb - ok
11:27:36.0135 0x0434 [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
11:27:36.0191 0x0434 WlanSvc - ok
11:27:36.0305 0x0434 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
11:27:36.0395 0x0434 wlidsvc - ok
11:27:36.0434 0x0434 [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
11:27:36.0453 0x0434 WmiAcpi - ok
11:27:36.0506 0x0434 [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
11:27:36.0532 0x0434 wmiApSrv - ok
11:27:36.0568 0x0434 WMPNetworkSvc - ok
11:27:36.0590 0x0434 [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
11:27:36.0602 0x0434 wpcfltr - ok
11:27:36.0622 0x0434 [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
11:27:36.0653 0x0434 WPCSvc - ok
11:27:36.0697 0x0434 [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
11:27:36.0735 0x0434 WPDBusEnum - ok
11:27:36.0760 0x0434 [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
11:27:36.0781 0x0434 WpdUpFltr - ok
11:27:36.0812 0x0434 [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
11:27:36.0823 0x0434 ws2ifsl - ok
11:27:36.0863 0x0434 [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
11:27:36.0879 0x0434 wscsvc - ok
11:27:36.0920 0x0434 [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
11:27:36.0960 0x0434 WSDPrintDevice - ok
11:27:36.0991 0x0434 [ FA07DF46070F0826139709EF4D31FB71, 8F46A55D5C4336536E7974C9CEAFED55E7E9E9BF133D2AD0F6A55174F70B2F03 ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys
11:27:37.0051 0x0434 WSDScan - ok
11:27:37.0057 0x0434 WSearch - ok
11:27:37.0224 0x0434 [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\WINDOWS\System32\WSService.dll
11:27:37.0334 0x0434 WSService - ok
11:27:37.0390 0x0434 [ FF3F745A22B0C9C2EF1600762E8858A1, A63A66537A5316963825A963F2A9EC2BEB68027EB3A2EF28DC2C936FF194915A ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
11:27:37.0411 0x0434 WTabletServiceCon - ok
11:27:37.0570 0x0434 [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
11:27:37.0725 0x0434 wuauserv - ok
11:27:37.0775 0x0434 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
11:27:37.0804 0x0434 WudfPf - ok
11:27:37.0831 0x0434 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
11:27:37.0865 0x0434 WUDFRd - ok
11:27:37.0875 0x0434 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:27:37.0890 0x0434 WUDFSensorLP - ok
11:27:37.0913 0x0434 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
11:27:37.0927 0x0434 wudfsvc - ok
11:27:37.0942 0x0434 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:27:37.0956 0x0434 WUDFWpdFs - ok
11:27:37.0968 0x0434 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:27:37.0986 0x0434 WUDFWpdMtp - ok
11:27:38.0042 0x0434 [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
11:27:38.0082 0x0434 WwanSvc - ok
11:27:38.0136 0x0434 [ 537319A784278409FF5353515A39DE38, A69CB8B24861399E9C965A4432717A5F60A09B241160E4777DA14EB50485DA74 ] yukonw8 C:\WINDOWS\system32\DRIVERS\yk63x64.sys
11:27:38.0149 0x0434 yukonw8 - ok
11:27:38.0163 0x0434 ================ Scan global ===============================
11:27:38.0222 0x0434 [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\WINDOWS\system32\basesrv.dll
11:27:38.0273 0x0434 [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\WINDOWS\system32\winsrv.dll
11:27:38.0284 0x0434 [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\WINDOWS\system32\sxssrv.dll
11:27:38.0337 0x0434 [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\WINDOWS\system32\services.exe
11:27:38.0351 0x0434 [ Global ] - ok
11:27:38.0351 0x0434 ================ Scan MBR ==================================
11:27:38.0371 0x0434 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:27:39.0461 0x0434 \Device\Harddisk0\DR0 - ok
11:27:39.0466 0x0434 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
11:27:39.0931 0x0434 \Device\Harddisk1\DR1 - ok
11:27:39.0932 0x0434 ================ Scan VBR ==================================
11:27:40.0085 0x0434 [ 820EEFF5763B186E32E5261854C4E411 ] \Device\Harddisk0\DR0\Partition1
11:27:40.0096 0x0434 \Device\Harddisk0\DR0\Partition1 - ok
11:27:40.0109 0x0434 [ 5B054FB0321A87CF4312ABEABCB0DFC6 ] \Device\Harddisk0\DR0\Partition2
11:27:40.0111 0x0434 \Device\Harddisk0\DR0\Partition2 - ok
11:27:40.0117 0x0434 [ 679468958EAF69D7BAF921957BB6C2FA ] \Device\Harddisk1\DR1\Partition1
11:27:40.0217 0x0434 \Device\Harddisk1\DR1\Partition1 - ok
11:27:40.0218 0x0434 Waiting for KSN requests completion. In queue: 144
11:27:41.0218 0x0434 Waiting for KSN requests completion. In queue: 144
11:27:42.0219 0x0434 Waiting for KSN requests completion. In queue: 144
11:27:43.0340 0x0434 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated )
11:27:43.0389 0x0434 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x60100 ( disabled : updated )
11:27:43.0417 0x0434 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled )
11:27:45.0796 0x0434 ============================================================
11:27:45.0796 0x0434 Scan finished
11:27:45.0796 0x0434 ============================================================
11:27:45.0810 0x1624 Detected object count: 0
11:27:45.0810 0x1624 Actual detected object count: 0
11:31:45.0274 0x1c3c ============================================================
11:31:45.0274 0x1c3c Scan started
11:31:45.0274 0x1c3c Mode: Manual; SigCheck; TDLFS;
11:31:45.0274 0x1c3c ============================================================
11:31:45.0274 0x1c3c KSN ping started
11:31:47.0649 0x1c3c KSN ping finished: true
11:31:48.0399 0x1c3c ================ Scan system memory ========================
11:31:48.0399 0x1c3c System memory - ok
11:31:48.0399 0x1c3c ================ Scan services =============================
11:31:48.0586 0x1c3c [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
11:31:48.0618 0x1c3c 1394ohci - ok
11:31:48.0633 0x1c3c [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
11:31:48.0649 0x1c3c 3ware - ok
11:31:48.0758 0x1c3c [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
11:31:48.0774 0x1c3c AAV UpdateService - ok
11:31:48.0852 0x1c3c [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
11:31:48.0868 0x1c3c ACPI - ok
11:31:48.0914 0x1c3c [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
11:31:48.0930 0x1c3c acpiex - ok
11:31:48.0961 0x1c3c [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
11:31:48.0977 0x1c3c acpipagr - ok
11:31:49.0008 0x1c3c [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
11:31:49.0024 0x1c3c AcpiPmi - ok
11:31:49.0055 0x1c3c [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
11:31:49.0071 0x1c3c acpitime - ok
11:31:49.0180 0x1c3c [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:31:49.0196 0x1c3c AdobeFlashPlayerUpdateSvc - ok
11:31:49.0274 0x1c3c [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx C:\WINDOWS\system32\drivers\adp94xx.sys
11:31:49.0305 0x1c3c adp94xx - ok
11:31:49.0352 0x1c3c [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci C:\WINDOWS\system32\drivers\adpahci.sys
11:31:49.0368 0x1c3c adpahci - ok
11:31:49.0415 0x1c3c [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320 C:\WINDOWS\system32\drivers\adpu320.sys
11:31:49.0430 0x1c3c adpu320 - ok
11:31:49.0477 0x1c3c [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
11:31:49.0493 0x1c3c AeLookupSvc - ok
11:31:49.0571 0x1c3c [ 7C0E0EDF18D6CC565D7BFBB451709FA5, 47C21CD9D87B5C1B5EB14F6166B5E3349B1A6F10501E63CCED8D52A9FE22765D ] AFD C:\WINDOWS\system32\drivers\afd.sys
11:31:49.0586 0x1c3c AFD - ok
11:31:49.0618 0x1c3c [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
11:31:49.0618 0x1c3c agp440 - ok
11:31:49.0665 0x1c3c [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG C:\WINDOWS\System32\alg.exe
11:31:49.0696 0x1c3c ALG - ok
11:31:49.0743 0x1c3c [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll
11:31:49.0758 0x1c3c AllUserInstallAgent - ok
11:31:49.0805 0x1c3c [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
11:31:49.0821 0x1c3c AmdK8 - ok
11:31:50.0258 0x1c3c [ 8DC532B5BF820E48194C6AFC8862FCBC, AA8040A2EC9004FBED4B94166B2DD5A4F5BC835EBADD6199651C856A695AA3E1 ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys
11:31:50.0571 0x1c3c amdkmdag - ok
11:31:50.0649 0x1c3c [ AA48FEABA50C2DED9C485DFDBA044E40, AE52933B85494F51E4F1524489BEAC4C16F80D09BC8974D97F792D94EAD2A231 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
11:31:50.0696 0x1c3c amdkmdap - ok
11:31:50.0711 0x1c3c [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
11:31:50.0727 0x1c3c AmdPPM - ok
11:31:50.0758 0x1c3c [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
11:31:50.0774 0x1c3c amdsata - ok
11:31:50.0836 0x1c3c [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
11:31:50.0868 0x1c3c amdsbs - ok
11:31:50.0883 0x1c3c [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
11:31:50.0883 0x1c3c amdxata - ok
11:31:50.0930 0x1c3c [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID C:\WINDOWS\system32\drivers\appid.sys
11:31:50.0961 0x1c3c AppID - ok
11:31:50.0993 0x1c3c [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
11:31:51.0024 0x1c3c AppIDSvc - ok
11:31:51.0055 0x1c3c [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo C:\WINDOWS\System32\appinfo.dll
|
|
10.04.2014, 10:46
| #4 |
| | Keylogger? Passwort ausgespäht! TDSSKiller.3.0.0.30_10.04.2014_11.25.51_log [TEIL 2]: Code:
ATTFilter 11:31:51.0071 0x1c3c Appinfo - ok
11:31:51.0180 0x1c3c [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:31:51.0196 0x1c3c Apple Mobile Device - ok
11:31:51.0227 0x1c3c [ 2D14788C5D0836292BEB27BBE109BE56, D032FDBD9E1708F77348655DE00DB395E38EB27A7EC3FB2EF3BA07D22CBC1402 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:31:51.0258 0x1c3c AppMgmt - ok
11:31:51.0290 0x1c3c [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc C:\WINDOWS\system32\drivers\arc.sys
11:31:51.0321 0x1c3c arc - ok
11:31:51.0337 0x1c3c [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
11:31:51.0352 0x1c3c arcsas - ok
11:31:51.0352 0x1c3c [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:31:51.0368 0x1c3c AsyncMac - ok
11:31:51.0399 0x1c3c [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
11:31:51.0415 0x1c3c atapi - ok
11:31:51.0586 0x1c3c [ DECE3E2832F125A41A02FB59F4C54EEA, 2994024E5C295E9FDF4C6C0A8F2B17C07C158AD1567BEDA46A482C6C08F460BC ] athr C:\WINDOWS\system32\DRIVERS\athrx.sys
11:31:51.0680 0x1c3c athr - ok
11:31:51.0727 0x1c3c [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
11:31:51.0758 0x1c3c AudioEndpointBuilder - ok
11:31:51.0852 0x1c3c [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
11:31:51.0883 0x1c3c Audiosrv - ok
11:31:51.0977 0x1c3c [ 0D2F8F4055903A762AD46204E5A42E86, D3270039E4F066C69D844060388D3F895137C37C0FBE4C106BE1C71AE9DBC17A ] avp C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
11:31:52.0008 0x1c3c avp - ok
11:31:52.0055 0x1c3c [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
11:31:52.0071 0x1c3c AxInstSV - ok
11:31:52.0133 0x1c3c [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
11:31:52.0180 0x1c3c b06bdrv - ok
11:31:52.0212 0x1c3c [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
11:31:52.0227 0x1c3c BasicDisplay - ok
11:31:52.0274 0x1c3c [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
11:31:52.0290 0x1c3c BasicRender - ok
11:31:52.0430 0x1c3c [ 988D01E8AE8C80B413C5E01C89A1886E, 24CC3A984CAFBFE730BB6E45152E3B62B0E9D9704982E7144277A6750FBC5FC5 ] BcmBtRSupport C:\WINDOWS\system32\BtwRSupportService.exe
11:31:52.0493 0x1c3c BcmBtRSupport - ok
11:31:52.0524 0x1c3c [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC C:\WINDOWS\System32\bdesvc.dll
11:31:52.0540 0x1c3c BDESVC - ok
11:31:52.0571 0x1c3c [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:31:52.0587 0x1c3c Beep - ok
11:31:52.0665 0x1c3c [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE C:\WINDOWS\System32\bfe.dll
11:31:52.0680 0x1c3c BFE - ok
11:31:52.0743 0x1c3c [ 65608C44E71D7BA056C9EFCD8A00A7FE, A6B581A8354C7E2902AA1FFDD87C9465EFA2CD75A920CE3098E774292E4825CE ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
11:31:52.0774 0x1c3c BingDesktopUpdate - ok
11:31:52.0883 0x1c3c [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS C:\WINDOWS\System32\qmgr.dll
11:31:53.0040 0x1c3c BITS - ok
11:31:53.0149 0x1c3c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:31:53.0165 0x1c3c Bonjour Service - ok
11:31:53.0180 0x1c3c [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
11:31:53.0196 0x1c3c bowser - ok
11:31:53.0243 0x1c3c [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
11:31:53.0274 0x1c3c BrokerInfrastructure - ok
11:31:53.0305 0x1c3c [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser C:\WINDOWS\System32\browser.dll
11:31:53.0337 0x1c3c Browser - ok
11:31:53.0368 0x1c3c [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
11:31:53.0383 0x1c3c BthAvrcpTg - ok
11:31:53.0415 0x1c3c [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
11:31:53.0430 0x1c3c BthEnum - ok
11:31:53.0477 0x1c3c [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
11:31:53.0508 0x1c3c BthHFEnum - ok
11:31:53.0540 0x1c3c [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
11:31:53.0555 0x1c3c bthhfhid - ok
11:31:53.0571 0x1c3c [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
11:31:53.0587 0x1c3c BTHMODEM - ok
11:31:53.0633 0x1c3c [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
11:31:53.0665 0x1c3c BthPan - ok
11:31:53.0743 0x1c3c [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
11:31:53.0805 0x1c3c BTHPORT - ok
11:31:53.0837 0x1c3c [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv C:\WINDOWS\system32\bthserv.dll
11:31:53.0852 0x1c3c bthserv - ok
11:31:53.0883 0x1c3c [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
11:31:53.0899 0x1c3c BTHUSB - ok
11:31:53.0946 0x1c3c [ D3848CBF21C75D46321838634B9442F9, 1BB0AD412371CD8DA89D952EFE9156516B720B56074581CD645512244421292E ] cbfs4 C:\WINDOWS\system32\drivers\cbfs4.sys
11:31:53.0962 0x1c3c cbfs4 - ok
11:31:54.0008 0x1c3c [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
11:31:54.0024 0x1c3c cdfs - ok
11:31:54.0040 0x1c3c [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
11:31:54.0055 0x1c3c cdrom - ok
11:31:54.0087 0x1c3c [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
11:31:54.0134 0x1c3c CertPropSvc - ok
11:31:54.0165 0x1c3c [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass C:\WINDOWS\System32\drivers\circlass.sys
11:31:54.0180 0x1c3c circlass - ok
11:31:54.0212 0x1c3c [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
11:31:54.0227 0x1c3c CLFS - ok
11:31:54.0274 0x1c3c [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
11:31:54.0290 0x1c3c CmBatt - ok
11:31:54.0337 0x1c3c [ E708BFF0473EC6B271EA46B65B16CA56, 2B4C661F7C5A4395CA4204122A1C3C8AA766B56C3D01CD8BAAFA18F71FC7B591 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
11:31:54.0368 0x1c3c CNG - ok
11:31:54.0415 0x1c3c [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
11:31:54.0446 0x1c3c CompositeBus - ok
11:31:54.0446 0x1c3c COMSysApp - ok
11:31:54.0493 0x1c3c [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
11:31:54.0508 0x1c3c condrv - ok
11:31:54.0540 0x1c3c [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
11:31:54.0555 0x1c3c CryptSvc - ok
11:31:54.0618 0x1c3c [ F2C69C3D98249DE14D4B2832516D4FD5, 5F622A61A99202802B35532036CFCFDFB1FDEC32465BA8CCAB4C4FAFA336FC2A ] CSC C:\WINDOWS\system32\drivers\csc.sys
11:31:54.0633 0x1c3c CSC - ok
11:31:54.0712 0x1c3c [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4, 7F6F888CF4D7EF93144A791891E41858F7C0CDDC0B65ED09B9CD55EE3734FCCF ] CscService C:\WINDOWS\System32\cscsvc.dll
11:31:54.0727 0x1c3c CscService - ok
11:31:54.0774 0x1c3c [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam C:\WINDOWS\system32\drivers\dam.sys
11:31:54.0790 0x1c3c dam - ok
11:31:54.0868 0x1c3c [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:31:54.0899 0x1c3c DcomLaunch - ok
11:31:54.0962 0x1c3c [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc C:\WINDOWS\System32\defragsvc.dll
11:31:54.0977 0x1c3c defragsvc - ok
11:31:55.0040 0x1c3c [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\WINDOWS\system32\das.dll
11:31:55.0071 0x1c3c DeviceAssociationService - ok
11:31:55.0118 0x1c3c [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
11:31:55.0133 0x1c3c DeviceInstall - ok
11:31:55.0180 0x1c3c [ 09D9EB9E7898F8E6561473A20CC808B9, 0F511593D36084843E5138AF6D55FE08D77803968AE12A236A02368DB364347E ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
11:31:55.0180 0x1c3c Dfsc - ok
11:31:55.0244 0x1c3c [ 41AC348DBD378F618CB4FDEE54270692, A4080C9FF314F52C52E2207E5F7B745A003E931FA42E67E742D34477B5CC0166 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
11:31:55.0260 0x1c3c dg_ssudbus - ok
11:31:55.0322 0x1c3c [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
11:31:55.0369 0x1c3c Dhcp - ok
11:31:55.0400 0x1c3c [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache C:\WINDOWS\system32\drivers\discache.sys
11:31:55.0431 0x1c3c discache - ok
11:31:55.0463 0x1c3c [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk C:\WINDOWS\system32\drivers\disk.sys
11:31:55.0478 0x1c3c disk - ok
11:31:55.0510 0x1c3c [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
11:31:55.0541 0x1c3c dmvsc - ok
11:31:55.0588 0x1c3c [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:31:55.0619 0x1c3c Dnscache - ok
11:31:55.0666 0x1c3c [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
11:31:55.0682 0x1c3c dot3svc - ok
11:31:55.0728 0x1c3c [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS C:\WINDOWS\system32\dps.dll
11:31:55.0760 0x1c3c DPS - ok
11:31:55.0791 0x1c3c [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:31:55.0807 0x1c3c drmkaud - ok
11:31:55.0853 0x1c3c [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
11:31:55.0885 0x1c3c DsmSvc - ok
11:31:55.0978 0x1c3c [ E6AF4DF1817953D73C519B17CF849756, 26A90EB368A3F572086F223ABED87B8FC6F998AE401C9E52BEB5EE76AB052702 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
11:31:56.0041 0x1c3c DXGKrnl - ok
11:31:56.0072 0x1c3c [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
11:31:56.0103 0x1c3c Eaphost - ok
11:31:56.0275 0x1c3c [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
11:31:56.0385 0x1c3c ebdrv - ok
11:31:56.0416 0x1c3c [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] EFS C:\WINDOWS\System32\lsass.exe
11:31:56.0432 0x1c3c EFS - ok
11:31:56.0541 0x1c3c [ 4B84E647C934EDFF7F28C4B91A5C0864, 909770C436273CFCE606F5FDE5D66AA2A826C85DF03F0CDDAED3D2300E3ADBF7 ] ehRecvr C:\WINDOWS\ehome\ehRecvr.exe
11:31:56.0557 0x1c3c ehRecvr - ok
11:31:56.0603 0x1c3c [ 72781EC7A97E44B9651550D7A83D1B96, E587687BF27DE23326EBFC9E38D461CCE10D3DDA35F7D586ED32A4788AE96718 ] ehSched C:\WINDOWS\ehome\ehsched.exe
11:31:56.0635 0x1c3c ehSched - ok
11:31:56.0666 0x1c3c [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
11:31:56.0682 0x1c3c EhStorClass - ok
11:31:56.0713 0x1c3c [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
11:31:56.0728 0x1c3c EhStorTcgDrv - ok
11:31:56.0744 0x1c3c [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
11:31:56.0760 0x1c3c ErrDev - ok
11:31:56.0838 0x1c3c [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem C:\WINDOWS\system32\es.dll
11:31:56.0853 0x1c3c EventSystem - ok
11:31:56.0900 0x1c3c [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat C:\WINDOWS\system32\drivers\exfat.sys
11:31:56.0932 0x1c3c exfat - ok
11:31:56.0947 0x1c3c [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
11:31:56.0963 0x1c3c fastfat - ok
11:31:57.0010 0x1c3c [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax C:\WINDOWS\system32\fxssvc.exe
11:31:57.0041 0x1c3c Fax - ok
11:31:57.0057 0x1c3c [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
11:31:57.0088 0x1c3c fdc - ok
11:31:57.0119 0x1c3c [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
11:31:57.0135 0x1c3c fdPHost - ok
11:31:57.0182 0x1c3c [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
11:31:57.0197 0x1c3c FDResPub - ok
11:31:57.0244 0x1c3c [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc C:\WINDOWS\system32\fhsvc.dll
11:31:57.0260 0x1c3c fhsvc - ok
11:31:57.0291 0x1c3c [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
11:31:57.0307 0x1c3c FileInfo - ok
11:31:57.0338 0x1c3c [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
11:31:57.0353 0x1c3c Filetrace - ok
11:31:57.0432 0x1c3c [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:31:57.0447 0x1c3c FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
11:31:57.0447 0x1c3c Detect skipped due to KSN trusted
11:31:57.0447 0x1c3c FLEXnet Licensing Service - ok
11:31:57.0478 0x1c3c [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
11:31:57.0510 0x1c3c flpydisk - ok
11:31:57.0572 0x1c3c [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:31:57.0603 0x1c3c FltMgr - ok
11:31:57.0713 0x1c3c [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache C:\WINDOWS\system32\FntCache.dll
11:31:57.0744 0x1c3c FontCache - ok
11:31:57.0900 0x1c3c [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:31:57.0916 0x1c3c FontCache3.0.0.0 - ok
11:31:57.0932 0x1c3c [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
11:31:57.0947 0x1c3c FsDepends - ok
11:31:57.0979 0x1c3c [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:31:57.0994 0x1c3c Fs_Rec - ok
11:31:58.0041 0x1c3c [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
11:31:58.0057 0x1c3c fvevol - ok
11:31:58.0104 0x1c3c [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
11:31:58.0119 0x1c3c FxPPM - ok
11:31:58.0150 0x1c3c [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
11:31:58.0166 0x1c3c gagp30kx - ok
11:31:58.0197 0x1c3c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:31:58.0213 0x1c3c GEARAspiWDM - ok
11:31:58.0260 0x1c3c [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
11:31:58.0260 0x1c3c gencounter - ok
11:31:58.0307 0x1c3c [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
11:31:58.0338 0x1c3c GPIOClx0101 - ok
11:31:58.0400 0x1c3c [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
11:31:58.0447 0x1c3c gpsvc - ok
11:31:58.0510 0x1c3c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:31:58.0525 0x1c3c gupdate - ok
11:31:58.0541 0x1c3c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:31:58.0557 0x1c3c gupdatem - ok
11:31:58.0588 0x1c3c [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
11:31:58.0619 0x1c3c HdAudAddService - ok
11:31:58.0650 0x1c3c [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
11:31:58.0682 0x1c3c HDAudBus - ok
11:31:58.0822 0x1c3c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
11:31:58.0916 0x1c3c HECIx64 - ok
11:31:58.0947 0x1c3c [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
11:31:58.0963 0x1c3c HidBatt - ok
11:31:58.0994 0x1c3c [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
11:31:59.0025 0x1c3c HidBth - ok
11:31:59.0057 0x1c3c [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
11:31:59.0057 0x1c3c hidi2c - ok
11:31:59.0104 0x1c3c [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
11:31:59.0119 0x1c3c HidIr - ok
11:31:59.0150 0x1c3c [ 46BBE8EA221461A65F18A078528F4B2C, C0B0D35E2A6C750E5505156694F41F987AB548449F6C9DB1EEEAF12E5F146AD7 ] hidkmdf C:\WINDOWS\System32\drivers\hidkmdf.sys
11:31:59.0150 0x1c3c hidkmdf - ok
11:31:59.0197 0x1c3c [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\WINDOWS\system32\hidserv.dll
11:31:59.0197 0x1c3c hidserv - ok
11:31:59.0244 0x1c3c [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
11:31:59.0260 0x1c3c HidUsb - ok
11:31:59.0291 0x1c3c [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
11:31:59.0322 0x1c3c hkmsvc - ok
11:31:59.0354 0x1c3c [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
11:31:59.0369 0x1c3c HomeGroupListener - ok
11:31:59.0416 0x1c3c [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
11:31:59.0432 0x1c3c HomeGroupProvider - ok
11:31:59.0479 0x1c3c [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
11:31:59.0494 0x1c3c HpSAMD - ok
11:31:59.0572 0x1c3c [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
11:31:59.0604 0x1c3c HTTP - ok
11:31:59.0635 0x1c3c [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
11:31:59.0666 0x1c3c hwpolicy - ok
11:31:59.0697 0x1c3c [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
11:31:59.0713 0x1c3c hyperkbd - ok
11:31:59.0729 0x1c3c [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
11:31:59.0760 0x1c3c HyperVideo - ok
11:31:59.0775 0x1c3c [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
11:31:59.0807 0x1c3c i8042prt - ok
11:31:59.0854 0x1c3c [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
11:31:59.0869 0x1c3c iaStorV - ok
11:31:59.0900 0x1c3c [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys
11:31:59.0916 0x1c3c iirsp - ok
11:32:00.0010 0x1c3c [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
11:32:00.0041 0x1c3c IKEEXT - ok
11:32:00.0088 0x1c3c [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
11:32:00.0104 0x1c3c intelide - ok
11:32:00.0150 0x1c3c [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
11:32:00.0166 0x1c3c intelppm - ok
11:32:00.0213 0x1c3c [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:32:00.0229 0x1c3c IpFilterDriver - ok
11:32:00.0322 0x1c3c [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
11:32:00.0354 0x1c3c iphlpsvc - ok
11:32:00.0369 0x1c3c [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
11:32:00.0385 0x1c3c IPMIDRV - ok
11:32:00.0416 0x1c3c [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
11:32:00.0432 0x1c3c IPNAT - ok
11:32:00.0510 0x1c3c [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:32:00.0541 0x1c3c iPod Service - ok
11:32:00.0572 0x1c3c [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
11:32:00.0588 0x1c3c IRENUM - ok
11:32:00.0635 0x1c3c [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
11:32:00.0650 0x1c3c isapnp - ok
11:32:00.0697 0x1c3c [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
11:32:00.0713 0x1c3c iScsiPrt - ok
11:32:00.0744 0x1c3c [ BD5BF20EC242E003A2F570B8754A56D1, B4B3492222E98BF8E6EC453E727187FF4AA50A508D1E88A0CBBD5C46355AE492 ] ivusb C:\WINDOWS\System32\drivers\ivusb.sys
11:32:00.0760 0x1c3c ivusb - ok
11:32:00.0791 0x1c3c [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
11:32:00.0807 0x1c3c kbdclass - ok
11:32:00.0838 0x1c3c [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
11:32:00.0854 0x1c3c kbdhid - ok
11:32:00.0869 0x1c3c [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
11:32:00.0869 0x1c3c kdnic - ok
11:32:00.0885 0x1c3c [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso C:\WINDOWS\system32\lsass.exe
11:32:00.0900 0x1c3c KeyIso - ok
11:32:00.0932 0x1c3c [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
11:32:00.0963 0x1c3c kl1 - ok
11:32:00.0979 0x1c3c [ 2248A9F2B7704271C72E306001C7FBE0, FEC8E10F4FAB332E36C1C5801396174B4CE21186431A2A234CE49695C4674ACA ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
11:32:00.0979 0x1c3c klelam - ok
11:32:01.0072 0x1c3c [ BC996B5D96CB7463268DE67E2D99F496, F2763242B69B1290FCAF54B6353BC1469C47D774724249D4CB9BFEC100890970 ] klflt C:\WINDOWS\system32\DRIVERS\klflt.sys
11:32:01.0088 0x1c3c klflt - ok
11:32:01.0150 0x1c3c [ E8D6C80D4E11383CEE269F9C27E6464C, 5E9EAD64AE221AE8BF87730A7FDDF8023805184D12A058A147ECD887FA3D3012 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
11:32:01.0182 0x1c3c KLIF - ok
11:32:01.0229 0x1c3c [ B6822DEFE601629F19E0A2D7F0D623F2, FD71A2AA3FC4698B5436D185E2F2A3EB6A111AE8F35606E1658E2D18CE744F13 ] KLIM6 C:\WINDOWS\system32\DRIVERS\klim6.sys
11:32:01.0244 0x1c3c KLIM6 - ok
11:32:01.0275 0x1c3c [ B45DEC5BD71885E833DF3D837CE7C606, 8A81802122EE6BD791E36F9F27D921C9BC4D5B6604C0A79F9F1D806AD44B9869 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
11:32:01.0275 0x1c3c klkbdflt - ok
11:32:01.0291 0x1c3c [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
11:32:01.0307 0x1c3c klmouflt - ok
11:32:01.0338 0x1c3c [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\WINDOWS\system32\DRIVERS\klpd.sys
11:32:01.0354 0x1c3c klpd - ok
11:32:01.0385 0x1c3c [ EAAF7E0936CC5474F433B684A2C68CF2, 5E5E5D324000F2209C7E32DC965FBD822850B4E1351887A93B50FB79844BF781 ] klwfp C:\WINDOWS\system32\DRIVERS\klwfp.sys
11:32:01.0400 0x1c3c klwfp - ok
11:32:01.0432 0x1c3c [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
11:32:01.0447 0x1c3c kneps - ok
11:32:01.0494 0x1c3c [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
11:32:01.0510 0x1c3c KSecDD - ok
11:32:01.0557 0x1c3c [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
11:32:01.0572 0x1c3c KSecPkg - ok
11:32:01.0604 0x1c3c [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
11:32:01.0619 0x1c3c ksthunk - ok
11:32:01.0682 0x1c3c [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
11:32:01.0713 0x1c3c KtmRm - ok
11:32:01.0775 0x1c3c [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
11:32:01.0807 0x1c3c LanmanServer - ok
11:32:01.0838 0x1c3c [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
11:32:01.0854 0x1c3c LanmanWorkstation - ok
11:32:01.0869 0x1c3c [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
11:32:01.0885 0x1c3c lltdio - ok
11:32:01.0932 0x1c3c [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
11:32:01.0963 0x1c3c lltdsvc - ok
11:32:01.0979 0x1c3c [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
11:32:02.0010 0x1c3c lmhosts - ok
11:32:02.0057 0x1c3c [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
11:32:02.0072 0x1c3c LSI_SAS - ok
11:32:02.0119 0x1c3c [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
11:32:02.0135 0x1c3c LSI_SAS2 - ok
11:32:02.0151 0x1c3c [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys
11:32:02.0166 0x1c3c LSI_SCSI - ok
11:32:02.0197 0x1c3c [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
11:32:02.0197 0x1c3c LSI_SSS - ok
11:32:02.0276 0x1c3c [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM C:\WINDOWS\System32\lsm.dll
11:32:02.0291 0x1c3c LSM - ok
11:32:02.0338 0x1c3c [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
11:32:02.0385 0x1c3c luafv - ok
11:32:02.0401 0x1c3c [ 4448CCEA974F0B15A00EA33FCEDFC062, EAA5B156480F6F5B11D4B358489714AF7DB77EB58B841BF0AC284A17B4288CC9 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll
11:32:02.0416 0x1c3c Mcx2Svc - ok
11:32:02.0432 0x1c3c [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
11:32:02.0447 0x1c3c megasas - ok
11:32:02.0510 0x1c3c [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys
11:32:02.0541 0x1c3c MegaSR - ok
11:32:02.0604 0x1c3c Microsoft SharePoint Workspace Audit Service - ok
11:32:02.0635 0x1c3c [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS C:\WINDOWS\system32\mmcss.dll
11:32:02.0635 0x1c3c MMCSS - ok
11:32:02.0666 0x1c3c [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem C:\WINDOWS\system32\drivers\modem.sys
11:32:02.0682 0x1c3c Modem - ok
11:32:02.0729 0x1c3c [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
11:32:02.0744 0x1c3c monitor - ok
11:32:02.0776 0x1c3c [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
11:32:02.0791 0x1c3c mouclass - ok
11:32:02.0822 0x1c3c [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
11:32:02.0854 0x1c3c mouhid - ok
11:32:02.0869 0x1c3c [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
11:32:02.0869 0x1c3c mountmgr - ok
11:32:02.0916 0x1c3c [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
11:32:02.0932 0x1c3c mpsdrv - ok
11:32:02.0979 0x1c3c [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
11:32:03.0010 0x1c3c MpsSvc - ok
11:32:03.0072 0x1c3c [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
11:32:03.0104 0x1c3c MRxDAV - ok
11:32:03.0135 0x1c3c [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:32:03.0151 0x1c3c mrxsmb - ok
11:32:03.0182 0x1c3c [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
11:32:03.0197 0x1c3c mrxsmb10 - ok
11:32:03.0213 0x1c3c [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
11:32:03.0229 0x1c3c mrxsmb20 - ok
11:32:03.0244 0x1c3c [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
11:32:03.0276 0x1c3c MsBridge - ok
11:32:03.0307 0x1c3c [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC C:\WINDOWS\System32\msdtc.exe
11:32:03.0322 0x1c3c MSDTC - ok
11:32:03.0354 0x1c3c [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:32:03.0369 0x1c3c Msfs - ok
11:32:03.0401 0x1c3c [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
11:32:03.0416 0x1c3c msgpiowin32 - ok
11:32:03.0447 0x1c3c [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
11:32:03.0463 0x1c3c mshidkmdf - ok
11:32:03.0494 0x1c3c [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
11:32:03.0494 0x1c3c mshidumdf - ok
11:32:03.0526 0x1c3c [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
11:32:03.0526 0x1c3c msisadrv - ok
11:32:03.0572 0x1c3c [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
11:32:03.0572 0x1c3c MSiSCSI - ok
11:32:03.0588 0x1c3c msiserver - ok
11:32:03.0604 0x1c3c [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:32:03.0604 0x1c3c MSKSSRV - ok
11:32:03.0619 0x1c3c [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
11:32:03.0635 0x1c3c MsLldp - ok
11:32:03.0651 0x1c3c [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:32:03.0666 0x1c3c MSPCLOCK - ok
11:32:03.0697 0x1c3c [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:32:03.0713 0x1c3c MSPQM - ok
11:32:03.0744 0x1c3c [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
11:32:03.0776 0x1c3c MsRPC - ok
11:32:03.0791 0x1c3c [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
11:32:03.0807 0x1c3c mssmbios - ok
11:32:03.0823 0x1c3c [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
11:32:03.0823 0x1c3c MSTEE - ok
11:32:03.0869 0x1c3c [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
11:32:03.0885 0x1c3c MTConfig - ok
11:32:03.0932 0x1c3c [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup C:\WINDOWS\system32\Drivers\mup.sys
11:32:03.0947 0x1c3c Mup - ok
11:32:03.0963 0x1c3c [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
11:32:03.0979 0x1c3c mvumis - ok
11:32:04.0010 0x1c3c [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent C:\WINDOWS\system32\qagentRT.dll
11:32:04.0041 0x1c3c napagent - ok
11:32:04.0088 0x1c3c [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
11:32:04.0119 0x1c3c NativeWifiP - ok
11:32:04.0135 0x1c3c [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
11:32:04.0151 0x1c3c NcaSvc - ok
11:32:04.0197 0x1c3c [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
11:32:04.0213 0x1c3c NcdAutoSetup - ok
11:32:04.0307 0x1c3c [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
11:32:04.0354 0x1c3c NDIS - ok
11:32:04.0432 0x1c3c [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
11:32:04.0463 0x1c3c NdisCap - ok
11:32:04.0494 0x1c3c [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
11:32:04.0510 0x1c3c NdisImPlatform - ok
11:32:04.0557 0x1c3c [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:32:04.0572 0x1c3c NdisTapi - ok
11:32:04.0588 0x1c3c [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:32:04.0604 0x1c3c Ndisuio - ok
11:32:04.0651 0x1c3c [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:32:04.0666 0x1c3c NdisWan - ok
11:32:04.0682 0x1c3c [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:32:04.0698 0x1c3c NDISWANLEGACY - ok
11:32:04.0744 0x1c3c [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:32:04.0760 0x1c3c NDProxy - ok
11:32:04.0791 0x1c3c [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
11:32:04.0807 0x1c3c Ndu - ok
11:32:04.0823 0x1c3c [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:32:04.0838 0x1c3c NetBIOS - ok
11:32:04.0869 0x1c3c [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:32:04.0885 0x1c3c NetBT - ok
11:32:04.0901 0x1c3c [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:32:04.0916 0x1c3c Netlogon - ok
11:32:04.0963 0x1c3c [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman C:\WINDOWS\System32\netman.dll
11:32:04.0994 0x1c3c Netman - ok
11:32:05.0041 0x1c3c [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
11:32:05.0057 0x1c3c netprofm - ok
11:32:05.0119 0x1c3c [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:32:05.0151 0x1c3c NetTcpPortSharing - ok
11:32:05.0182 0x1c3c [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys
11:32:05.0182 0x1c3c nfrd960 - ok
11:32:05.0229 0x1c3c [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
11:32:05.0260 0x1c3c NlaSvc - ok
11:32:05.0291 0x1c3c [ 5FE6F8C05F0769BBB74AFAC11453B182, ACF6026EF8D038B73484AE59FBD03559E1263CE134473D7A8C3F97CF71BC640C ] nmwcd C:\WINDOWS\system32\drivers\ccdcmbx64.sys
11:32:05.0307 0x1c3c nmwcd - ok
11:32:05.0354 0x1c3c [ 73C929945C0850B8D1FE2FEA05FDF05D, 665FBA777E5EF3F28828D19F2BBCCB778C1C6105BD830C1E29A1C4739663F0D3 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbox64.sys
11:32:05.0385 0x1c3c nmwcdc - ok
11:32:05.0401 0x1c3c [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:32:05.0416 0x1c3c Npfs - ok
11:32:05.0463 0x1c3c [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
11:32:05.0479 0x1c3c npsvctrig - ok
11:32:05.0526 0x1c3c [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi C:\WINDOWS\system32\nsisvc.dll
11:32:05.0526 0x1c3c nsi - ok
11:32:05.0588 0x1c3c [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
11:32:05.0604 0x1c3c nsiproxy - ok
11:32:05.0698 0x1c3c [ 76929F4A69E425911A63B407E26C2589, 17896DB6EDEF2637D159432DB61E8B5FA2F4F54B5F50BCD6215827C321ED2C2A ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:32:05.0760 0x1c3c Ntfs - ok
11:32:05.0807 0x1c3c [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null C:\WINDOWS\system32\drivers\Null.sys
11:32:05.0823 0x1c3c Null - ok
11:32:05.0869 0x1c3c [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
11:32:05.0901 0x1c3c nvraid - ok
11:32:05.0916 0x1c3c [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
11:32:05.0932 0x1c3c nvstor - ok
11:32:05.0948 0x1c3c [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
11:32:05.0963 0x1c3c nv_agp - ok
11:32:06.0041 0x1c3c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:32:06.0057 0x1c3c ose - ok
11:32:06.0307 0x1c3c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:32:06.0432 0x1c3c osppsvc - ok
11:32:06.0510 0x1c3c [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
11:32:06.0526 0x1c3c p2pimsvc - ok
11:32:06.0557 0x1c3c [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc C:\WINDOWS\system32\p2psvc.dll
11:32:06.0573 0x1c3c p2psvc - ok
11:32:06.0604 0x1c3c [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport C:\WINDOWS\System32\drivers\parport.sys
11:32:06.0619 0x1c3c Parport - ok
11:32:06.0666 0x1c3c [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
11:32:06.0682 0x1c3c partmgr - ok
11:32:06.0729 0x1c3c [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
11:32:06.0760 0x1c3c PcaSvc - ok
11:32:06.0791 0x1c3c [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys
11:32:06.0807 0x1c3c pccsmcfd - ok
11:32:06.0838 0x1c3c [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci C:\WINDOWS\system32\drivers\pci.sys
11:32:06.0854 0x1c3c pci - ok
11:32:06.0870 0x1c3c [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide C:\WINDOWS\system32\drivers\pciide.sys
11:32:06.0870 0x1c3c pciide - ok
11:32:06.0916 0x1c3c [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
11:32:06.0948 0x1c3c pcmcia - ok
11:32:06.0979 0x1c3c [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw C:\WINDOWS\system32\drivers\pcw.sys
11:32:06.0994 0x1c3c pcw - ok
11:32:07.0041 0x1c3c [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc C:\WINDOWS\system32\drivers\pdc.sys
11:32:07.0057 0x1c3c pdc - ok
11:32:07.0135 0x1c3c [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
11:32:07.0166 0x1c3c PEAUTH - ok
11:32:07.0291 0x1c3c [ DF0D9BDCB600913F40FF125BF8CE1979, 63544C3CEAF47FEEB761FD25BCAE53610C7AD65B7B2295C49D72A7C3C78A376D ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
11:32:07.0369 0x1c3c PeerDistSvc - ok
11:32:07.0479 0x1c3c [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
11:32:07.0495 0x1c3c PerfHost - ok
11:32:07.0588 0x1c3c [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla C:\WINDOWS\system32\pla.dll
11:32:07.0651 0x1c3c pla - ok
11:32:07.0698 0x1c3c [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
11:32:07.0729 0x1c3c PlugPlay - ok
11:32:07.0776 0x1c3c [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
11:32:07.0807 0x1c3c PNRPAutoReg - ok
11:32:07.0838 0x1c3c [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
11:32:07.0854 0x1c3c PNRPsvc - ok
11:32:07.0901 0x1c3c [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
11:32:07.0932 0x1c3c PolicyAgent - ok
11:32:07.0979 0x1c3c [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power C:\WINDOWS\system32\umpo.dll
11:32:07.0995 0x1c3c Power - ok
11:32:08.0026 0x1c3c [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:32:08.0057 0x1c3c PptpMiniport - ok
11:32:08.0246 0x1c3c [ C2D3B3D0060619D5E03E696BD56FF59F, 155954F16B6F9B51BA16F43F1AE6F977B1EC4DE77862C6F6C722293189BE0DD2 ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
11:32:08.0308 0x1c3c PrintNotify - ok
11:32:08.0355 0x1c3c [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor C:\WINDOWS\System32\drivers\processr.sys
11:32:08.0371 0x1c3c Processor - ok
11:32:08.0402 0x1c3c [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc C:\WINDOWS\system32\profsvc.dll
11:32:08.0418 0x1c3c ProfSvc - ok
11:32:08.0464 0x1c3c [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
11:32:08.0480 0x1c3c Psched - ok
11:32:08.0527 0x1c3c [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE C:\WINDOWS\system32\qwave.dll
11:32:08.0543 0x1c3c QWAVE - ok
11:32:08.0543 0x1c3c [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
11:32:08.0558 0x1c3c QWAVEdrv - ok
11:32:08.0605 0x1c3c [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:32:08.0621 0x1c3c RasAcd - ok
11:32:08.0636 0x1c3c [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
11:32:08.0668 0x1c3c RasAgileVpn - ok
11:32:08.0699 0x1c3c [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:32:08.0730 0x1c3c RasAuto - ok
11:32:08.0746 0x1c3c [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:32:08.0761 0x1c3c Rasl2tp - ok
11:32:08.0824 0x1c3c [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:32:08.0855 0x1c3c RasMan - ok
11:32:08.0902 0x1c3c [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:32:08.0933 0x1c3c RasPppoe - ok
11:32:08.0933 0x1c3c [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
11:32:08.0949 0x1c3c RasSstp - ok
11:32:09.0011 0x1c3c [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:32:09.0043 0x1c3c rdbss - ok
11:32:09.0074 0x1c3c [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
11:32:09.0089 0x1c3c rdpbus - ok
11:32:09.0105 0x1c3c [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
11:32:09.0105 0x1c3c RDPDR - ok
11:32:09.0152 0x1c3c [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
11:32:09.0199 0x1c3c RdpVideoMiniport - ok
11:32:09.0261 0x1c3c [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:32:09.0293 0x1c3c RDPWD - ok
11:32:09.0324 0x1c3c [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
11:32:09.0339 0x1c3c rdyboost - ok
11:32:09.0386 0x1c3c [ 89525CC2DBAD44F7199B9CC188B3F9C5, 09708EFA65BC1CCF92E6F2E143FCF88C645B1633AFE0DED833CDF945CB077D8C ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
11:32:09.0402 0x1c3c RealNetworks Downloader Resolver Service - ok
11:32:09.0449 0x1c3c [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:32:09.0480 0x1c3c RemoteAccess - ok
11:32:09.0496 0x1c3c [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:32:09.0527 0x1c3c RemoteRegistry - ok
11:32:09.0558 0x1c3c [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
11:32:09.0574 0x1c3c RFCOMM - ok
11:32:09.0621 0x1c3c [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
11:32:09.0621 0x1c3c RpcEptMapper - ok
11:32:09.0668 0x1c3c [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator C:\WINDOWS\system32\locator.exe
11:32:09.0668 0x1c3c RpcLocator - ok
11:32:09.0730 0x1c3c [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:32:09.0761 0x1c3c RpcSs - ok
11:32:09.0808 0x1c3c [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCap C:\WINDOWS\system32\DRIVERS\rrnetcap.sys
11:32:09.0824 0x1c3c RRNetCap - ok
11:32:09.0824 0x1c3c [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCapMP C:\WINDOWS\system32\DRIVERS\rrnetcap.sys
11:32:09.0839 0x1c3c RRNetCapMP - ok
11:32:09.0933 0x1c3c [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
11:32:09.0964 0x1c3c rspndr - ok
11:32:10.0011 0x1c3c [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
11:32:10.0027 0x1c3c s3cap - ok
11:32:10.0043 0x1c3c [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] SamSs C:\WINDOWS\system32\lsass.exe
11:32:10.0058 0x1c3c SamSs - ok
11:32:10.0105 0x1c3c [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
11:32:10.0121 0x1c3c sbp2port - ok
11:32:10.0168 0x1c3c [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
11:32:10.0183 0x1c3c SCardSvr - ok
11:32:10.0230 0x1c3c [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
11:32:10.0246 0x1c3c scfilter - ok
11:32:10.0340 0x1c3c [ ED40ED9A65F3E79A8C43DD50C5FDADBF, 2323BFAB1BC3D661A376650B7AC14C7780C92BA575DA048F3C7611CDB3F7F04A ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:32:10.0386 0x1c3c Schedule - ok
11:32:10.0418 0x1c3c [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
11:32:10.0449 0x1c3c SCPolicySvc - ok
11:32:10.0496 0x1c3c [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
11:32:10.0511 0x1c3c sdbus - ok
11:32:10.0590 0x1c3c [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
11:32:10.0605 0x1c3c SDRSVC - ok
11:32:10.0730 0x1c3c [ 206387AB881E93A1A6EB89966C8651F1, 3BF9DFF3E70F0787F7F94BE5B9717DFADD9E13AB8154FAE295CEAC834F0835E5 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
11:32:10.0761 0x1c3c SDScannerService - ok
11:32:10.0808 0x1c3c [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
11:32:10.0808 0x1c3c sdstor - ok
11:32:10.0902 0x1c3c [ A529CFE32565C0B145578FFB2B32C9A5, 4B1596CBDDA74D510707FD475AAB3A89B1203E0B95ECAE3756CAA56555F9F66D ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
11:32:10.0949 0x1c3c SDUpdateService - ok
11:32:10.0964 0x1c3c [ CB63BDB77BB86549FC3303C2F11EDC18, 1C96C082B9CE08C8F3C088D5DE68BA8783E6F6A837A88E2654BC4CBCF7B81846 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
11:32:10.0980 0x1c3c SDWSCService - ok
11:32:11.0011 0x1c3c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
11:32:11.0027 0x1c3c secdrv - ok
11:32:11.0074 0x1c3c [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon C:\WINDOWS\system32\seclogon.dll
11:32:11.0089 0x1c3c seclogon - ok
11:32:11.0121 0x1c3c [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS C:\WINDOWS\System32\sens.dll
11:32:11.0136 0x1c3c SENS - ok
11:32:11.0152 0x1c3c [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
11:32:11.0168 0x1c3c SensrSvc - ok
11:32:11.0183 0x1c3c [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
11:32:11.0199 0x1c3c SerCx - ok
11:32:11.0246 0x1c3c [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
11:32:11.0261 0x1c3c Serenum - ok
11:32:11.0277 0x1c3c [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial C:\WINDOWS\System32\drivers\serial.sys
11:32:11.0293 0x1c3c Serial - ok
11:32:11.0308 0x1c3c [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
11:32:11.0324 0x1c3c sermouse - ok
11:32:11.0433 0x1c3c [ C3BB6CF8F9EE199005A2AAE2815AD756, 7A817599C2F3AD819D643223AA714CCCB790EE5983096D8D9CD2D626D6924837 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
11:32:11.0449 0x1c3c ServiceLayer - ok
11:32:11.0511 0x1c3c [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv C:\WINDOWS\system32\sessenv.dll
11:32:11.0527 0x1c3c SessionEnv - ok
11:32:11.0574 0x1c3c [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
11:32:11.0590 0x1c3c sfloppy - ok
11:32:11.0636 0x1c3c [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:32:11.0668 0x1c3c SharedAccess - ok
11:32:11.0730 0x1c3c [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:32:11.0761 0x1c3c ShellHWDetection - ok
11:32:11.0793 0x1c3c [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
11:32:11.0808 0x1c3c SiSRaid2 - ok
11:32:11.0824 0x1c3c [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
11:32:11.0840 0x1c3c SiSRaid4 - ok
11:32:11.0886 0x1c3c [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:32:11.0918 0x1c3c SkypeUpdate - ok
11:32:11.0949 0x1c3c [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
11:32:11.0980 0x1c3c SNMPTRAP - ok
11:32:12.0043 0x1c3c [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
11:32:12.0058 0x1c3c spaceport - ok
11:32:12.0090 0x1c3c [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
11:32:12.0090 0x1c3c SpbCx - ok
11:32:12.0152 0x1c3c [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler C:\WINDOWS\System32\spoolsv.exe
11:32:12.0183 0x1c3c Spooler - ok
11:32:12.0402 0x1c3c [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
11:32:12.0543 0x1c3c sppsvc - ok
11:32:12.0590 0x1c3c [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:32:12.0605 0x1c3c srv - ok
11:32:12.0652 0x1c3c [ 56218A571ECF8D55E0CDFF8DF2546CF1, 44B34722108EDDC8757A0B7C939A854457BB7EBC92A83C4284DFFAECFC2E3619 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
11:32:12.0699 0x1c3c srv2 - ok
11:32:12.0746 0x1c3c [ 14FC338B80CFF7E04215133B568D15C4, 1F437BE0EC887097F0C3409D4198A20981FC325FDF915532AB85070D337DEF2B ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
11:32:12.0777 0x1c3c srvnet - ok
11:32:12.0808 0x1c3c [ 2F4595C0AFA2152D67AAE594DC461509, 7CD0C856EC11362EDA45779696EA670DF0047070515DDBDA65C4741EC401CB59 ] SSCBFS3 C:\WINDOWS\System32\drivers\sscbfs3.sys
11:32:12.0824 0x1c3c SSCBFS3 - ok
11:32:12.0871 0x1c3c [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:32:12.0902 0x1c3c SSDPSRV - ok
11:32:12.0949 0x1c3c [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
11:32:12.0965 0x1c3c SstpSvc - ok
11:32:13.0011 0x1c3c [ B4C983DA20E2970E21893BF0E4EE2AD8, 473D0E5339A8914775A03F76A805DAD4727FC045E3984F85F54BB92D5214E06F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
11:32:13.0011 0x1c3c ssudmdm - ok
11:32:13.0105 0x1c3c [ 882E2063832AA21716D2C17F11BE4079, 8E2E20960B1D6A2E9C26AB1E1A7BD4571C12B04DD73BB0BA77A22111B78ACD37 ] Start8 C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
11:32:13.0121 0x1c3c Start8 - ok
11:32:13.0183 0x1c3c [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
11:32:13.0199 0x1c3c stexstor - ok
11:32:13.0261 0x1c3c [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc C:\WINDOWS\System32\wiaservc.dll
11:32:13.0277 0x1c3c stisvc - ok
11:32:13.0324 0x1c3c [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
11:32:13.0340 0x1c3c storahci - ok
11:32:13.0387 0x1c3c [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
11:32:13.0418 0x1c3c storflt - ok
11:32:13.0449 0x1c3c [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc C:\WINDOWS\system32\storsvc.dll
11:32:13.0465 0x1c3c StorSvc - ok
11:32:13.0496 0x1c3c [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
11:32:13.0511 0x1c3c storvsc - ok
11:32:13.0543 0x1c3c [ 1A36AC469140F87CDE62D7F8524E270C, B07086E0D844567FF0A880366EA8ED8042F8ED744E6AB1FD9539F360905A07F2 ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
11:32:13.0558 0x1c3c storvsp - ok
11:32:13.0590 0x1c3c [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc C:\WINDOWS\system32\svsvc.dll
11:32:13.0605 0x1c3c svsvc - ok
11:32:13.0621 0x1c3c [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum C:\WINDOWS\System32\drivers\swenum.sys
11:32:13.0621 0x1c3c swenum - ok
11:32:13.0730 0x1c3c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:32:13.0761 0x1c3c SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
11:32:13.0761 0x1c3c Detect skipped due to KSN trusted
11:32:13.0761 0x1c3c SwitchBoard - ok
11:32:13.0808 0x1c3c [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv C:\WINDOWS\System32\swprv.dll
11:32:13.0840 0x1c3c swprv - ok
11:32:13.0933 0x1c3c [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain C:\WINDOWS\system32\sysmain.dll
11:32:13.0980 0x1c3c SysMain - ok
11:32:14.0027 0x1c3c [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
11:32:14.0043 0x1c3c SystemEventsBroker - ok
11:32:14.0074 0x1c3c [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
11:32:14.0090 0x1c3c TabletInputService - ok
11:32:14.0152 0x1c3c [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:32:14.0168 0x1c3c TapiSrv - ok
11:32:14.0199 0x1c3c [ 048CFE7569D6ADCAB9349BB1A566A79E, E248D2A66881FDFF9505896F383EFFEF2FD5AFC15D8992E653F5C31F1F80DAF3 ] tbhsd C:\WINDOWS\system32\drivers\tbhsd.sys
11:32:14.0215 0x1c3c tbhsd - ok
11:32:14.0246 0x1c3c [ BB7C91D0E97AA8126212838D32DCC83C, A32599E53AAAB21A5222B4BB261885FA3930AF968C1B17463920F6AD670668DE ] tclondrv C:\WINDOWS\system32\DRIVERS\tclondrv.sys
11:32:14.0262 0x1c3c tclondrv - ok
11:32:14.0355 0x1c3c [ DD4249F03598043DED6FA540EB14898A, 7015BD1A692F75D54B0F96E5EDC5C4DF41B0C831E85D0F6EF0AFBEFCA2F6DA83 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
11:32:14.0433 0x1c3c Tcpip - ok
11:32:14.0512 0x1c3c [ DD4249F03598043DED6FA540EB14898A, 7015BD1A692F75D54B0F96E5EDC5C4DF41B0C831E85D0F6EF0AFBEFCA2F6DA83 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:32:14.0590 0x1c3c TCPIP6 - ok
11:32:14.0605 0x1c3c [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
11:32:14.0621 0x1c3c tcpipreg - ok
11:32:14.0652 0x1c3c [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
11:32:14.0668 0x1c3c tdx - ok
11:32:14.0699 0x1c3c [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
11:32:14.0715 0x1c3c terminpt - ok
11:32:14.0793 0x1c3c [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService C:\WINDOWS\System32\termsrv.dll
11:32:14.0808 0x1c3c TermService - ok
11:32:14.0855 0x1c3c [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes C:\WINDOWS\system32\themeservice.dll
11:32:14.0887 0x1c3c Themes - ok
11:32:14.0933 0x1c3c [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
11:32:14.0933 0x1c3c THREADORDER - ok
11:32:14.0980 0x1c3c [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
11:32:15.0012 0x1c3c TimeBroker - ok
11:32:15.0058 0x1c3c [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
11:32:15.0074 0x1c3c TPM - ok
11:32:15.0121 0x1c3c [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks C:\WINDOWS\System32\trkwks.dll
11:32:15.0152 0x1c3c TrkWks - ok
11:32:15.0199 0x1c3c [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt C:\WINDOWS\system32\drivers\truecrypt.sys
11:32:15.0215 0x1c3c truecrypt - ok
11:32:15.0308 0x1c3c [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
11:32:15.0324 0x1c3c TrustedInstaller - ok
11:32:15.0387 0x1c3c [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
11:32:15.0402 0x1c3c TsUsbFlt - ok
11:32:15.0449 0x1c3c [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
11:32:15.0574 0x1c3c TsUsbGD - ok
11:32:15.0605 0x1c3c [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
11:32:15.0621 0x1c3c tunnel - ok
11:32:15.0637 0x1c3c [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
11:32:15.0652 0x1c3c uagp35 - ok
11:32:15.0668 0x1c3c [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
11:32:15.0683 0x1c3c UASPStor - ok
11:32:15.0715 0x1c3c [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
11:32:15.0730 0x1c3c UCX01000 - ok
11:32:15.0793 0x1c3c [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
11:32:15.0808 0x1c3c udfs - ok
11:32:15.0855 0x1c3c [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
11:32:15.0871 0x1c3c UI0Detect - ok
11:32:15.0918 0x1c3c [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
11:32:15.0934 0x1c3c uliagpkx - ok
11:32:15.0980 0x1c3c [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
11:32:15.0996 0x1c3c umbus - ok
11:32:16.0012 0x1c3c [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
11:32:16.0027 0x1c3c UmPass - ok
11:32:16.0074 0x1c3c [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
11:32:16.0090 0x1c3c UmRdpService - ok
11:32:16.0137 0x1c3c [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
11:32:16.0137 0x1c3c UnlockerDriver5 - ok
11:32:16.0199 0x1c3c [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:32:16.0246 0x1c3c upnphost - ok
11:32:16.0277 0x1c3c [ 34AFB83C7BBA370E404E52CC2290350C, 1B3F9DF6C0DA8166FE02D4B2B8E3D5A432FE84A248516D0F5DA9E42076095AB8 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys
11:32:16.0308 0x1c3c upperdev - ok
11:32:16.0340 0x1c3c [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
11:32:16.0355 0x1c3c USBAAPL64 - ok
11:32:16.0402 0x1c3c [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
11:32:16.0402 0x1c3c usbccgp - ok
11:32:16.0418 0x1c3c [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
11:32:16.0433 0x1c3c usbcir - ok
11:32:16.0465 0x1c3c [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
11:32:16.0496 0x1c3c usbehci - ok
11:32:16.0527 0x1c3c [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
11:32:16.0543 0x1c3c usbhub - ok
11:32:16.0605 0x1c3c [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
11:32:16.0621 0x1c3c USBHUB3 - ok
11:32:16.0668 0x1c3c [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
11:32:16.0668 0x1c3c usbohci - ok
11:32:16.0715 0x1c3c [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
11:32:16.0730 0x1c3c usbprint - ok
11:32:16.0777 0x1c3c [ AD91D1BBE5D3CF4501887DC1C09384FD, ED9E27CD1D52401087427EC20E389FBE2497193483C2E53E8DE5D70DACF5D928 ] usbscan C:\WINDOWS\System32\drivers\usbscan.sys
11:32:16.0793 0x1c3c usbscan - ok
11:32:16.0809 0x1c3c [ 4E896888B2FDC694D8EF4462E1C58B78, D64F3A95C87DA3B523C4AD0A68410AE4B927767D1EA9A72EB082E1AFC1E37275 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
11:32:16.0824 0x1c3c usbser - ok
11:32:16.0840 0x1c3c [ AA75E1EFBEE7186B4CBAAACF1F15E6CA, D7A3069913CF8A7F281AC2D7C1FA58FA31A05D7E35E93D7588F4B3B18B3377FD ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys
11:32:16.0871 0x1c3c UsbserFilt - ok
11:32:16.0902 0x1c3c [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
11:32:16.0918 0x1c3c USBSTOR - ok
11:32:16.0949 0x1c3c [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
11:32:16.0980 0x1c3c usbuhci - ok
11:32:16.0996 0x1c3c [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
11:32:17.0027 0x1c3c usbvideo - ok
11:32:17.0074 0x1c3c [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
11:32:17.0090 0x1c3c USBXHCI - ok
11:32:17.0105 0x1c3c [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] VaultSvc C:\WINDOWS\system32\lsass.exe
11:32:17.0121 0x1c3c VaultSvc - ok
11:32:17.0152 0x1c3c [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
11:32:17.0184 0x1c3c vdrvroot - ok
11:32:17.0246 0x1c3c [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds C:\WINDOWS\System32\vds.exe
11:32:17.0278 0x1c3c vds - ok
11:32:17.0294 0x1c3c [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
11:32:17.0310 0x1c3c VerifierExt - ok
11:32:17.0372 0x1c3c [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
11:32:17.0388 0x1c3c vhdmp - ok
11:32:17.0419 0x1c3c [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
11:32:17.0435 0x1c3c viaide - ok
11:32:17.0481 0x1c3c [ 0E43886F01C85B47BA0A3157274BCF59, C81E1841B1138D8C224FAF76258F7EB65145CCAF7938CA86CBADD8FFF79BA596 ] Vid C:\WINDOWS\System32\drivers\Vid.sys
11:32:17.0497 0x1c3c Vid - ok
11:32:17.0513 0x1c3c [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
11:32:17.0528 0x1c3c vmbus - ok
11:32:17.0560 0x1c3c [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
11:32:17.0575 0x1c3c VMBusHID - ok
11:32:17.0607 0x1c3c [ B4F432A51826FFC66F4DF72A83E8E4B1, 2C6F4D477F91605A3685FCF9EC6EA798E74C6853CC91547A749E9C050E7C19E8 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys
11:32:17.0622 0x1c3c vmbusr - ok
11:32:17.0669 0x1c3c [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
11:32:17.0700 0x1c3c vmicheartbeat - ok
11:32:17.0716 0x1c3c [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
11:32:17.0731 0x1c3c vmickvpexchange - ok
11:32:17.0747 0x1c3c [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
11:32:17.0763 0x1c3c vmicrdv - ok
11:32:17.0778 0x1c3c [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
11:32:17.0794 0x1c3c vmicshutdown - ok
11:32:17.0810 0x1c3c [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
11:32:17.0825 0x1c3c vmictimesync - ok
11:32:17.0841 0x1c3c [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss C:\WINDOWS\System32\ICSvc.dll
11:32:17.0857 0x1c3c vmicvss - ok
11:32:17.0903 0x1c3c [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
11:32:17.0903 0x1c3c volmgr - ok
11:32:17.0966 0x1c3c [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
11:32:17.0997 0x1c3c volmgrx - ok
11:32:18.0028 0x1c3c [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
11:32:18.0060 0x1c3c volsnap - ok
11:32:18.0107 0x1c3c [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
11:32:18.0122 0x1c3c vpci - ok
11:32:18.0138 0x1c3c [ 0190AFFF28F600461C0164353CC7EE27, D112DF69C9E629EC77FB95E7ACDDAAE24B5028C84454134BD26FEF9CC953AC0E ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys
11:32:18.0153 0x1c3c vpcivsp - ok
11:32:18.0200 0x1c3c [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
11:32:18.0232 0x1c3c vsmraid - ok
11:32:18.0341 0x1c3c [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS C:\WINDOWS\system32\vssvc.exe
11:32:18.0403 0x1c3c VSS - ok
11:32:18.0450 0x1c3c [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
11:32:18.0482 0x1c3c VSTXRAID - ok
11:32:18.0497 0x1c3c [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
11:32:18.0513 0x1c3c vwifibus - ok
11:32:18.0528 0x1c3c [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
11:32:18.0528 0x1c3c vwififlt - ok
11:32:18.0544 0x1c3c [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
11:32:18.0560 0x1c3c vwifimp - ok
11:32:18.0622 0x1c3c [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time C:\WINDOWS\system32\w32time.dll
11:32:18.0653 0x1c3c W32Time - ok
11:32:18.0669 0x1c3c [ FDA15A0510F84FA46452B74529147A15, DAF92C2B733311B767895175E27B671C80DC028EEB477C28E0209C6467E072D1 ] WacHidRouter C:\WINDOWS\System32\drivers\wachidrouter.sys
11:32:18.0685 0x1c3c WacHidRouter - ok
11:32:18.0685 0x1c3c [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
11:32:18.0732 0x1c3c WacomPen - ok
11:32:18.0778 0x1c3c [ EABFDBDC9BEDD325F260A3A9FEE5B3F9, 496AD989DA6F500140FCDB88C65CECD4F306D3FBDAACE1D42C5312C1E321B9D1 ] wacomrouterfilter C:\WINDOWS\System32\drivers\wacomrouterfilter.sys
11:32:18.0778 0x1c3c wacomrouterfilter - ok
11:32:18.0825 0x1c3c [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:32:18.0825 0x1c3c Wanarp - ok
11:32:18.0841 0x1c3c [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:32:18.0857 0x1c3c Wanarpv6 - ok
11:32:18.0982 0x1c3c [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine C:\WINDOWS\system32\wbengine.exe
11:32:19.0028 0x1c3c wbengine - ok
11:32:19.0075 0x1c3c [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
11:32:19.0091 0x1c3c WbioSrvc - ok
11:32:19.0138 0x1c3c [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
11:32:19.0153 0x1c3c Wcmsvc - ok
11:32:19.0200 0x1c3c [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
11:32:19.0247 0x1c3c wcncsvc - ok
11:32:19.0263 0x1c3c [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
11:32:19.0278 0x1c3c WcsPlugInService - ok
11:32:19.0310 0x1c3c [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd C:\WINDOWS\system32\drivers\wd.sys
11:32:19.0325 0x1c3c Wd - ok
11:32:19.0372 0x1c3c [ 07D19A55CD27B330534D2DDEA60D5FC6, 9C9441EA6943481838F61FD929F88FE25DC60BB8513A2C01CB4712918A883E3F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
11:32:19.0372 0x1c3c WdBoot - ok
11:32:19.0497 0x1c3c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
11:32:19.0528 0x1c3c Wdf01000 - ok
11:32:19.0575 0x1c3c [ CEBD9CDAADA11FAECCA82E4C06BCDD8E, 6D6E4BF0EB97004F9C07327923C9BD2B451FDDA567FAF39556595302EE5A1A54 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
11:32:19.0591 0x1c3c WdFilter - ok
11:32:19.0622 0x1c3c [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
11:32:19.0669 0x1c3c WdiServiceHost - ok
11:32:19.0685 0x1c3c [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
11:32:19.0700 0x1c3c WdiSystemHost - ok
11:32:19.0747 0x1c3c [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient C:\WINDOWS\System32\webclnt.dll
11:32:19.0778 0x1c3c WebClient - ok
11:32:19.0794 0x1c3c [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
11:32:19.0810 0x1c3c Wecsvc - ok
11:32:19.0857 0x1c3c [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
11:32:19.0888 0x1c3c wercplsupport - ok
11:32:19.0919 0x1c3c [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
11:32:19.0935 0x1c3c WerSvc - ok
11:32:19.0982 0x1c3c [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
11:32:19.0997 0x1c3c WFPLWFS - ok
11:32:20.0044 0x1c3c [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
11:32:20.0060 0x1c3c WiaRpc - ok
11:32:20.0122 0x1c3c [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
11:32:20.0138 0x1c3c WIMMount - ok
11:32:20.0216 0x1c3c WinDefend - ok
11:32:20.0325 0x1c3c [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
11:32:20.0357 0x1c3c WinHttpAutoProxySvc - ok
11:32:20.0435 0x1c3c [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:32:20.0466 0x1c3c Winmgmt - ok
11:32:20.0591 0x1c3c [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
11:32:20.0685 0x1c3c WinRM - ok
11:32:20.0732 0x1c3c [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys
11:32:20.0747 0x1c3c WinUsb - ok
11:32:20.0841 0x1c3c [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
11:32:20.0872 0x1c3c WlanSvc - ok
11:32:20.0997 0x1c3c [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
11:32:21.0060 0x1c3c wlidsvc - ok
11:32:21.0200 0x1c3c [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
11:32:21.0232 0x1c3c WmiAcpi - ok
11:32:21.0279 0x1c3c [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
11:32:21.0310 0x1c3c wmiApSrv - ok
11:32:21.0357 0x1c3c WMPNetworkSvc - ok
11:32:21.0372 0x1c3c [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
11:32:21.0388 0x1c3c wpcfltr - ok
11:32:21.0404 0x1c3c [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
11:32:21.0419 0x1c3c WPCSvc - ok
11:32:21.0466 0x1c3c [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
11:32:21.0497 0x1c3c WPDBusEnum - ok
11:32:21.0513 0x1c3c [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
11:32:21.0529 0x1c3c WpdUpFltr - ok
11:32:21.0560 0x1c3c [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
11:32:21.0575 0x1c3c ws2ifsl - ok
11:32:21.0607 0x1c3c [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
11:32:21.0638 0x1c3c wscsvc - ok
11:32:21.0669 0x1c3c [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
11:32:21.0685 0x1c3c WSDPrintDevice - ok
11:32:21.0732 0x1c3c [ FA07DF46070F0826139709EF4D31FB71, 8F46A55D5C4336536E7974C9CEAFED55E7E9E9BF133D2AD0F6A55174F70B2F03 ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys
11:32:21.0747 0x1c3c WSDScan - ok
11:32:21.0747 0x1c3c WSearch - ok
11:32:21.0872 0x1c3c [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\WINDOWS\System32\WSService.dll
11:32:21.0950 0x1c3c WSService - ok
11:32:22.0013 0x1c3c [ FF3F745A22B0C9C2EF1600762E8858A1, A63A66537A5316963825A963F2A9EC2BEB68027EB3A2EF28DC2C936FF194915A ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
11:32:22.0044 0x1c3c WTabletServiceCon - ok
11:32:22.0200 0x1c3c [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
11:32:22.0294 0x1c3c wuauserv - ok
11:32:22.0341 0x1c3c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
11:32:22.0357 0x1c3c WudfPf - ok
11:32:22.0372 0x1c3c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
11:32:22.0388 0x1c3c WUDFRd - ok
11:32:22.0404 0x1c3c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:32:22.0419 0x1c3c WUDFSensorLP - ok
11:32:22.0435 0x1c3c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
11:32:22.0450 0x1c3c wudfsvc - ok
11:32:22.0466 0x1c3c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:32:22.0482 0x1c3c WUDFWpdFs - ok
11:32:22.0482 0x1c3c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:32:22.0497 0x1c3c WUDFWpdMtp - ok
11:32:22.0560 0x1c3c [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
11:32:22.0591 0x1c3c WwanSvc - ok
11:32:22.0654 0x1c3c [ 537319A784278409FF5353515A39DE38, A69CB8B24861399E9C965A4432717A5F60A09B241160E4777DA14EB50485DA74 ] yukonw8 C:\WINDOWS\system32\DRIVERS\yk63x64.sys
11:32:22.0685 0x1c3c yukonw8 - ok
11:32:22.0685 0x1c3c ================ Scan global ===============================
11:32:22.0747 0x1c3c [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\WINDOWS\system32\basesrv.dll
11:32:22.0810 0x1c3c [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\WINDOWS\system32\winsrv.dll
11:32:22.0810 0x1c3c [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\WINDOWS\system32\sxssrv.dll
11:32:22.0841 0x1c3c [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\WINDOWS\system32\services.exe
11:32:22.0857 0x1c3c [ Global ] - ok
11:32:22.0857 0x1c3c ================ Scan MBR ==================================
11:32:22.0872 0x1c3c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:32:23.0951 0x1c3c \Device\Harddisk0\DR0 - ok
11:32:23.0966 0x1c3c [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
11:32:24.0107 0x1c3c \Device\Harddisk1\DR1 - ok
11:32:24.0107 0x1c3c ================ Scan VBR ==================================
11:32:24.0122 0x1c3c [ 820EEFF5763B186E32E5261854C4E411 ] \Device\Harddisk0\DR0\Partition1
11:32:24.0138 0x1c3c \Device\Harddisk0\DR0\Partition1 - ok
11:32:24.0154 0x1c3c [ 5B054FB0321A87CF4312ABEABCB0DFC6 ] \Device\Harddisk0\DR0\Partition2
11:32:24.0154 0x1c3c \Device\Harddisk0\DR0\Partition2 - ok
11:32:24.0154 0x1c3c [ 679468958EAF69D7BAF921957BB6C2FA ] \Device\Harddisk1\DR1\Partition1
11:32:24.0154 0x1c3c \Device\Harddisk1\DR1\Partition1 - ok
11:32:24.0185 0x1c3c AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated )
11:32:24.0185 0x1c3c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x60100 ( disabled : updated )
11:32:24.0201 0x1c3c FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled )
11:32:26.0560 0x1c3c ============================================================
11:32:26.0560 0x1c3c Scan finished
11:32:26.0560 0x1c3c ============================================================
11:32:26.0560 0x1d74 Detected object count: 0
11:32:26.0560 0x1d74 Actual detected object count: 0
11:32:58.0944 0x17d8 Deinitialize success
beste Grüße, m |
|
11.04.2014, 06:38
| #5 |
| /// the machine /// TB-Ausbilder | Keylogger? Passwort ausgespäht! ja alles sauber.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.04.2014, 11:29
| #6 |
| | Keylogger? Passwort ausgespäht! Super, vielen Dank für die Hilfe. Hast Du sonst Erfahrung oder eine Idee, wie jemand an mein Passwort für den Webserver gekommen sein könnte? Oder eine Idee, wie man die Schwachstelle finden könnte?? Besten Dank für Deinen tollen Service, m |
|
13.04.2014, 14:03
| #7 |
| /// the machine /// TB-Ausbilder | Keylogger? Passwort ausgespäht! Meist einfach Online gehackt. Wenn du nicht noch von einem andern Rechner drauf warst. Passwort ändern, in ein starkes 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Keylogger? Passwort ausgespäht! |
| bonjour, browser, converter, defender, ebanking, excel, explorer, flash player, format, ftp, google, homepage, internet, kaspersky, langsam, ntdll.dll, registry, rootkit, rundll, scan, security, services.exe, sketchup, software, svchost.exe, system, tablet, tracker, usb, windows xp, windowsapps |
Linear-Darstellung
