| |
| |||||||
Log-Analyse und Auswertung: Vista - viele iexplore.exe-Prozesse, Rechner wird langsamWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.08.2014, 22:13
| #1 |
 |  Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Hallo. Ich fürchte, ich habe mir einen Virus, Trojaner oder was es da so alles gibt eingefangen und hoffe auf Eure Hilfe. Der Rechner wird ab dem Hochfahren immer langsamer. Wenn ich den Task-Manager öffne, finde ich dort mehrere (nicht von mir gestartete) iexplore.exe-Prozesse. Auch der rundll32.exe-Prozess ist doppelt: Avira fand in Scans nacheinander: > HTML/Infected.WebPage.Gen6 > TR/Agent.CHYZ.1 > TR/ShoeLoader.A.181 ... 2mal Alle wurden in die Quarantäne verschoben. Keine weiteren Funde nach 2 weiteren Scans. Beim Herunterfahren blitzt der Bildschirmhintergrung mehrfach auf. Ich konnte defogger und FRST ausführen. Bei GMER gabs einen Bluescreen auch nach Entfernen des Häkchens bei Devices und auch im abgesicherten Modus jeweils bevor ich "Scan" klicken konnte. Hier die Logs: defogger_disable.log: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:08 on 06/08/2014 (********************)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:5-08-2014
Ran by ******************** (administrator) on C-NOTEBOOK on 06-08-2014 22:12:27
Running from F:\
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
() C:\Users\********************\AppData\Roaming\Nawuka\yvigi.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3632521496-3224529923-2213790140-1003\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-03-17] (Hewlett-Packard Company)
HKU\S-1-5-21-3632521496-3224529923-2213790140-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3632521496-3224529923-2213790140-1003\...\Run: [Ryagyna] => C:\Users\********************\AppData\Roaming\Nawuka\yvigi.exe [374784 2010-01-29] ()
HKU\S-1-5-21-3632521496-3224529923-2213790140-1003\...\MountPoints2: {034cbb8a-316e-11e2-b4dd-001377ac244d} - F:\AutoRun.exe
HKU\S-1-5-21-3632521496-3224529923-2213790140-1003\...\MountPoints2: {6fc87f4d-3166-11e2-b445-001377ac244d} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
SearchScopes: HKCU - DefaultScope {FC6615C8-41BA-4D79-90FC-33DC7E42EDBA} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {5FFBB15E-0974-4A15-B630-10695677353F} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {606E1179-D5C1-4BDE-9402-FDD915F92834} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {7A598ED0-35EC-4423-970E-835672F06B02} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {B1708A82-0D53-46BD-A543-872339238259} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {FC6615C8-41BA-4D79-90FC-33DC7E42EDBA} URL = hxxp://www.google.de/search?q={searchTerms}
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4-windows-i586.cab
DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab
DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
Tcpip\Parameters: [DhcpNameServer] 83.169.185.161 192.168.0.1
FireFox:
========
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-25]
Chrome:
=======
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [819200 2008-05-23] (Intel(R) Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company) [File not signed]
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-05-23] (Intel(R) Corporation) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [77480 2008-05-13] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-08] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2007-05-23] (SAMSUNG ELECTRONICS CO., LTD.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-05-30] (Avira GmbH)
R3 VMC302; C:\Windows\System32\Drivers\VMC302.sys [242560 2008-04-05] (Vimicro Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-06 22:12 - 2014-08-06 22:12 - 00000000 ____D () C:\FRST
2014-08-06 22:08 - 2014-08-06 22:08 - 00000000 _____ () C:\Users\********************\defogger_reenable
2014-08-06 09:03 - 2014-08-06 09:03 - 00001002 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-06 08:56 - 2014-08-06 09:31 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-02 00:41 - 2014-08-02 00:41 - 00000000 ____D () C:\ProgramData\WindowsSearch
2014-08-02 00:04 - 2014-08-04 21:25 - 00000680 _____ () C:\Users\********************\AppData\Local\d3d9caps.dat
2014-08-01 20:53 - 2014-08-06 22:00 - 00000856 _____ () C:\Windows\Tasks\Security Center Update - 2437663260.job
2014-08-01 20:53 - 2014-08-01 20:53 - 00000000 ____D () C:\Users\********************\AppData\Roaming\Nawuka
2014-07-31 21:58 - 2014-07-31 21:58 - 00002082 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-07-30 22:56 - 2014-06-07 02:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-30 22:56 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-30 22:56 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-07 20:54 - 2014-07-07 20:54 - 00000000 ____D () C:\Users\********************\AppData\Local\Adobe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-06 22:12 - 2014-08-06 22:12 - 00000000 ____D () C:\FRST
2014-08-06 22:08 - 2014-08-06 22:08 - 00000000 _____ () C:\Users\********************\defogger_reenable
2014-08-06 22:08 - 2009-01-10 17:17 - 00000000 ___HD () C:\Users\********************
2014-08-06 22:00 - 2014-08-01 20:53 - 00000856 _____ () C:\Windows\Tasks\Security Center Update - 2437663260.job
2014-08-06 21:58 - 2006-11-02 14:47 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-06 21:58 - 2006-11-02 14:47 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-06 21:51 - 2006-11-02 12:33 - 01714928 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-06 21:49 - 2008-07-08 16:39 - 00191289 _____ () C:\ProgramData\nvModes.dat
2014-08-06 21:49 - 2008-07-08 16:39 - 00191289 _____ () C:\ProgramData\nvModes.001
2014-08-06 20:40 - 2008-10-11 04:47 - 01252280 _____ () C:\Windows\WindowsUpdate.log
2014-08-06 09:31 - 2014-08-06 08:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-06 09:03 - 2014-08-06 09:03 - 00001002 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-06 09:03 - 2013-05-30 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-06 09:03 - 2013-05-30 21:30 - 00000000 ____D () C:\Program Files\Avira
2014-08-06 08:56 - 2013-05-30 21:30 - 00000000 ____D () C:\ProgramData\Avira
2014-08-06 08:50 - 2009-01-10 17:17 - 00000000 ____D () C:\Users\********************\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-08-06 08:49 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-06 08:48 - 2008-07-09 08:09 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-08-06 08:48 - 2006-11-02 15:01 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-06 07:49 - 2013-03-09 23:38 - 00101608 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-08-05 22:58 - 2008-01-21 04:47 - 00077770 _____ () C:\Windows\PFRO.log
2014-08-04 21:42 - 2013-05-21 21:56 - 00000000 ____D () C:\Users\********************\Documents\Steuerfälle
2014-08-04 21:25 - 2014-08-02 00:04 - 00000680 _____ () C:\Users\********************\AppData\Local\d3d9caps.dat
2014-08-02 00:41 - 2014-08-02 00:41 - 00000000 ____D () C:\ProgramData\WindowsSearch
2014-08-01 20:53 - 2014-08-01 20:53 - 00000000 ____D () C:\Users\********************\AppData\Roaming\Nawuka
2014-08-01 13:56 - 2006-11-02 14:47 - 00374280 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-31 22:15 - 2013-05-21 21:45 - 00000000 ____D () C:\ProgramData\AAV
2014-07-31 21:58 - 2014-07-31 21:58 - 00002082 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-07-31 21:58 - 2013-05-21 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps
2014-07-31 21:55 - 2013-05-21 21:46 - 00000000 ____D () C:\Program Files\Akademische Arbeitsgemeinschaft
2014-07-31 09:01 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-30 23:00 - 2013-08-16 22:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-30 22:58 - 2008-07-08 16:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-30 22:58 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-23 10:52 - 2009-10-11 19:11 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-07-07 20:54 - 2014-07-07 20:54 - 00000000 ____D () C:\Users\********************\AppData\Local\Adobe
Some content of TEMP:
====================
C:\Users\********************\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\********************\AppData\Local\Temp\AskSLib.dll
C:\Users\********************\AppData\Local\Temp\avgnt.exe
C:\Users\********************\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\********************\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\********************\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\********************\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\********************\AppData\Local\Temp\FlashPlayerUpdate03.exe
C:\Users\********************\AppData\Local\Temp\FlashPlayerUpdate04.exe
C:\Users\********************\AppData\Local\Temp\FlashPlayerUpdate05.exe
C:\Users\********************\AppData\Local\Temp\FlashPlayerUpdate06.exe
C:\Users\********************\AppData\Local\Temp\FlashPlayerUpdate07.exe
C:\Users\********************\AppData\Local\Temp\install_reader10_de_gtbd_chrd_dn_aaa_aih.exe
C:\Users\********************\AppData\Local\Temp\jinstaller142_19.exe
C:\Users\********************\AppData\Local\Temp\ResetDevice.exe
C:\Users\********************\AppData\Local\Temp\WEB.DE_Sicherheitsupdate_Sep2012_Setup.exe
C:\Users\********************\AppData\Local\Temp\WEB.DE_Toolbar_IE_Setup.exe
C:\Users\********************\AppData\Local\Temp\WEB.DE_Toolbar_IE_Special.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-06 10:24
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:5-08-2014
Ran by ******************** at 2014-08-06 22:13:04
Running from F:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
AAVUpdateManager (HKLM\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
Atheros WLAN Client (HKLM\...\{04983D37-2202-4295-94A2-8B547C66133F}) (Version: 1.00.000 - )
Avira (HKLM\...\{9590977b-7b6f-467e-a11a-efa1fae804da}) (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Business Contact Manager für Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
CVE-2012-4969 (HKLM\...\{777afb2a-98e5-4f14-b455-378a925cae15}.sdb) (Version: - )
CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.2403 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.0.3825 - CyberLink Corp.)
Easy Battery Manager (HKLM\...\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}) (Version: 3.2.1.7 - )
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 2.0.0.0 - Samsung)
Easy Network Manager 3.0 (HKLM\...\InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}) (Version: 3.0.0.0 - Ihr Firmenname)
Easy Network Manager 3.0 (Version: 3.0.0.0 - Ihr Firmenname) Hidden
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.0.1.0 - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
imagine digital freedom - Samsung (HKLM\...\{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}) (Version: 1.0.2.0 - Samsung Electronics Co., LTD)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}) (Version: 12.00.2000 - Intel(R) Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 2 Runtime Environment, SE v1.4.2_19 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142190}) (Version: 1.4.2_19 - Sun Microsystems, Inc.)
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: .2406 - CyberLink Corp.)
LightScribe System Software 1.12.37.1 (HKLM\...\{004C5DA2-2051-4D25-94BA-51CF810C91EB}) (Version: 1.12.37.1 - LightScribe)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SOAP Toolkit 2.0 SP2 (HKLM\...\{36BEAD11-8577-49AD-9250-E06A50AE87B0}) (Version: 623.1 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{FDE96E86-7780-431C-92F7-679C6A7CEC51}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 11.300.05.00.382 - Huawei Technologies Co.,Ltd)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Play AVStation (HKLM\...\InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}) (Version: 4.1.20.50 - Ihr Firmenname)
Play AVStation (Version: 4.1.20.50 - Ihr Firmenname) Hidden
PlayCamera (HKLM\...\{804F1285-8CBF-408D-8CDC-D4D40003B2E4}) (Version: 1.0.1.7 - )
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 5.0.3927 - CyberLink Corp.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3118.0 - CyberLink Corp.)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 085120(3.7)_Vista_SSPC - CyberLink Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5605 - Realtek Semiconductor Corp.)
Samsung Magic Doctor (HKLM\...\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}) (Version: 5.00 - Samsung Electronics Co., LTD)
Samsung Recovery Solution III (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 3.0.0.5 - Samsung)
Samsung Update Plus (HKLM\...\InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}) (Version: 1.3.0.11 - Samsung Electronics Co., LTD)
Samsung Update Plus (Version: 1.3.0.11 - Samsung Electronics Co., LTD) Hidden
Saturn Fotoservice (HKLM\...\Saturn Fotoservice) (Version: - )
Steuer-Spar-Erklärung 2013 (HKLM\...\{AEB61F7A-4BBA-4292-A096-7893E09034A4}) (Version: 18.10 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2014 (HKLM\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.11.90 - Akademische Arbeitsgemeinschaft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.2.0 - Synaptics)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Vimicro UVC Camera (HKLM\...\{71A51B09-E7D3-11DB-A386-005056C00008}) (Version: 1.00.0000 - Vimicro Corporation)
WIDCOMM Bluetooth Software 6.0.1.6300 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6300 - WIDCOMM, Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
04-08-2014 22:40:52 Geplanter Prüfpunkt
05-08-2014 18:42:08 Geplanter Prüfpunkt
05-08-2014 19:21:14 TestHF
06-08-2014 06:42:54 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3048F55A-A266-40E3-8960-C82CC5E9F0A2} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2007-07-05] (Samsung Electronics Co., Ltd.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3E21E1AC-D61F-4D06-85AE-7BA3CE25479D} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-04-17] (SAMSUNG Electronics co., LTD.)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {56FC5C7B-173D-4CF6-8A5E-EACC301EBB6F} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2008-05-22] (SAMSUNG Electronics)
Task: {5EED903F-59ED-47CB-AE85-86E979AD1AFE} - System32\Tasks\Security Center Update - 2437663260 => C:\Users\********************\AppData\Roaming\Nawuka\yvigi.exe [2010-01-29] ()
Task: {A942CD87-3FE4-4614-8EAE-D88F98E2D3EB} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {CE3C7B64-1AB7-4FA9-83BD-864EC211E4D1} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2008-04-25] (Samsung Electronics Co., Ltd.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Security Center Update - 2437663260.job => C:\Users\********************\AppData\Roaming\Nawuka\yvigi.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2008-07-08 16:26 - 2006-12-19 15:23 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2008-07-08 16:32 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
2008-07-08 16:31 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2008-07-08 16:31 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\SAMSUNG\EasySpeedUpManager\HookDllPS2.dll
2007-07-12 06:55 - 2007-07-12 06:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 06:59 - 2007-08-14 06:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 06:55 - 2007-07-12 06:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2014-08-06 08:56 - 2014-07-14 16:49 - 00049744 _____ () C:\Users\********************\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-07-24 11:50 - 2014-07-24 11:50 - 00137296 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-24 11:49 - 2014-07-24 11:49 - 00065104 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2010-01-29 16:30 - 2010-01-29 16:30 - 00374784 _____ () C:\Users\********************\AppData\Roaming\Nawuka\yvigi.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/06/2014 10:09:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung SynTPEnh.exe, Version 10.1.2.0, Zeitstempel 0x472258c9, fehlerhaftes Modul SynTPEnh.exe, Version 10.1.2.0, Zeitstempel 0x472258c9, Ausnahmecode 0xc0000409, Fehleroffset 0x00028ffc,
Prozess-ID 0xd24, Anwendungsstartzeit SynTPEnh.exe0.
Error: (08/06/2014 01:10:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16464, Zeitstempel 0x50ec971b, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.19034, Zeitstempel 0x52f2ec86, Ausnahmecode 0xe06d7363, Fehleroffset 0x0003fd1e,
Prozess-ID 0x1958, Anwendungsstartzeit iexplore.exe0.
Error: (08/06/2014 08:51:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/06/2014 08:34:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16464, Zeitstempel 0x50ec971b, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.19034, Zeitstempel 0x52f2ec86, Ausnahmecode 0xe06d7363, Fehleroffset 0x0003fd1e,
Prozess-ID 0x172c, Anwendungsstartzeit iexplore.exe0.
Error: (08/06/2014 08:18:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16464, Zeitstempel 0x50ec971b, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.19034, Zeitstempel 0x52f2ec86, Ausnahmecode 0xe06d7363, Fehleroffset 0x0003fd1e,
Prozess-ID 0x13c4, Anwendungsstartzeit iexplore.exe0.
Error: (08/05/2014 11:16:45 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{ebd4c5ad-973d-11dd-87de-806e6f6e6963} - 00000144,0x0053c028,00808AF0,0,00807AE8,4096,[0])". hr = 0x8007045d.
Vorgang:
Maximale Größe des Vergleichsbereichs wird geändert
Kontext:
Volumename: \\?\Volume{ebd4c5ad-973d-11dd-87de-806e6f6e6963}\
Vergleichsbereichvolume: \\?\Volume{ebd4c5ad-973d-11dd-87de-806e6f6e6963}\
Maximale Vergleichsbereichgröße: 23207293132
Error: (08/05/2014 11:16:45 PM) (Source: System Restore) (EventID: 8199) (User: )
Description: Fehler beim Initiieren der Systemwiederherstellung (SteuerSparErklärung 2014 wurde installiert.).
Error: (08/05/2014 11:16:45 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{ebd4c5ad-973d-11dd-87de-806e6f6e6963} - 00000144,0x0053c06c,00808AF0,0,00807AE8,4096,[0])". hr = 0x8007045d.
Vorgang:
Maximale Größe des Vergleichsbereichs wird geändert
Kontext:
Volumename: \\?\Volume{ebd4c5ad-973d-11dd-87de-806e6f6e6963}\
Vergleichsbereichvolume: \\?\Volume{ebd4c5ad-973d-11dd-87de-806e6f6e6963}\
Maximale Vergleichsbereichgröße: 18446744073709551615
Error: (08/05/2014 10:59:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2014 09:42:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000008, Fehleroffset 0x000744cc,
Prozess-ID 0x2c4, Anwendungsstartzeit Explorer.EXE0.
System errors:
=============
Error: (08/06/2014 08:57:30 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032
Error: (08/06/2014 08:51:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (08/06/2014 08:49:14 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden.
Error: (08/06/2014 08:49:14 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden.
Error: (08/06/2014 08:49:14 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden.
Error: (08/06/2014 08:49:14 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden.
Error: (08/06/2014 08:49:14 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden.
Error: (08/06/2014 08:49:14 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden.
Error: (08/06/2014 08:49:14 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden.
Error: (08/06/2014 08:49:14 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden.
Microsoft Office Sessions:
=========================
Error: (11/08/2010 10:51:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 15828 seconds with 7320 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2008-07-25 13:44:09.879
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2008-07-25 13:44:09.864
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2008-07-25 13:44:09.864
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2008-07-25 13:44:09.848
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 47%
Total physical RAM: 3065.88 MB
Available physical RAM: 1606.52 MB
Total Pagefile: 6354.91 MB
Available Pagefile: 4312.01 MB
Total Virtual: 2047.88 MB
Available Virtual: 1874.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:144.09 GB) (Free:85.26 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:144 GB) (Free:143.88 GB) NTFS
Drive f: (PKBACK# 001) (Removable) (Total:0.48 GB) (Free:0.48 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: B6394A61)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=144 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 489 MB) (Disk ID: A9194E25)
Partition 1: (Active) - (Size=489 MB) - (Type=06)
==================== End Of Log ============================
Ich hoffe sehr, Ihr könnt helfen. Ich habe zwar ein "Systemwiederherstellungsmedium" von Samsung, weiß aber nicht damit umzugehen, z.B. ob da das ganze Betriebssystem drauf ist und auch die Office-Produkte ... Weitere DVDs gabs beim Kauf nicht dazu. Viele Grüße, Heinz. |
|
06.08.2014, 22:40
| #2 |
| /// the machine /// TB-Ausbilder    | Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Hi,
__________________Scan mit Combofix
__________________ |
|
07.08.2014, 07:58
| #3 |
| | Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Hallo Schrauber.
__________________ComboFix bricht leider mit Bluescreen ab. Beim ersten Versuch während Schritt 3, beim zweiten Versuch vor Schritt 1. Kein log vorhanden. Beim Starten wird mir nun gemeldet, dass der Windows-Defender wg. eines Fehlers bei der Anwendungsinitialisierung nicht starten kann. Gruß, Heinz. |
|
07.08.2014, 17:03
| #4 |
| /// the machine /// TB-Ausbilder | Vista - viele iexplore.exe-Prozesse, Rechner wird langsam hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.08.2014, 22:31
| #5 |
| | Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Hallo Schrauber, es wurden 3 threats gefunden. hier das Log: Code:
ATTFilter 23:01:11.0539 0x17b8 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
23:01:21.0612 0x17b8 ============================================================
23:01:21.0613 0x17b8 Current date / time: 2014/08/07 23:01:21.0612
23:01:21.0613 0x17b8 SystemInfo:
23:01:21.0613 0x17b8
23:01:21.0615 0x17b8 OS Version: 6.0.6002 ServicePack: 2.0
23:01:21.0615 0x17b8 Product type: Workstation
23:01:21.0615 0x17b8 ComputerName: C-NOTEBOOK
23:01:21.0617 0x17b8 UserName: ********************
23:01:21.0617 0x17b8 Windows directory: C:\Windows
23:01:21.0617 0x17b8 System windows directory: C:\Windows
23:01:21.0617 0x17b8 Processor architecture: Intel x86
23:01:21.0617 0x17b8 Number of processors: 2
23:01:21.0617 0x17b8 Page size: 0x1000
23:01:21.0617 0x17b8 Boot type: Normal boot
23:01:21.0617 0x17b8 ============================================================
23:01:22.0032 0x17b8 KLMD registered as C:\Windows\system32\drivers\09278041.sys
23:01:22.0489 0x17b8 System UUID: {6C8A1B6B-9CE8-2C1D-B0BF-C248C8B2BB4B}
23:01:23.0519 0x17b8 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:01:23.0521 0x17b8 ============================================================
23:01:23.0521 0x17b8 \Device\Harddisk0\DR0:
23:01:23.0522 0x17b8 MBR partitions:
23:01:23.0522 0x17b8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x1202E000
23:01:23.0522 0x17b8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1342E800, BlocksNum 0x11FFF800
23:01:23.0522 0x17b8 ============================================================
23:01:23.0619 0x17b8 C: <-> \Device\Harddisk0\DR0\Partition1
23:01:23.0694 0x17b8 D: <-> \Device\Harddisk0\DR0\Partition2
23:01:23.0695 0x17b8 ============================================================
23:01:23.0695 0x17b8 Initialize success
23:01:23.0695 0x17b8 ============================================================
23:02:14.0780 0x0874 ============================================================
23:02:14.0780 0x0874 Scan started
23:02:14.0780 0x0874 Mode: Manual; SigCheck; TDLFS;
23:02:14.0780 0x0874 ============================================================
23:02:14.0780 0x0874 KSN ping started
23:02:28.0428 0x0874 KSN ping finished: true
23:02:41.0829 0x0874 ================ Scan system memory ========================
23:02:41.0830 0x0874 System memory - ok
23:02:41.0831 0x0874 ================ Scan services =============================
23:02:42.0066 0x0874 [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
23:02:42.0477 0x0874 AAV UpdateService - ok
23:02:42.0915 0x0874 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
23:02:42.0951 0x0874 ACPI - ok
23:02:43.0153 0x0874 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:02:43.0176 0x0874 AdobeARMservice - ok
23:02:43.0331 0x0874 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:02:43.0463 0x0874 adp94xx - ok
23:02:43.0561 0x0874 [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:02:43.0724 0x0874 adpahci - ok
23:02:43.0757 0x0874 [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
23:02:43.0815 0x0874 adpu160m - ok
23:02:43.0882 0x0874 [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:02:43.0941 0x0874 adpu320 - ok
23:02:44.0023 0x0874 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:02:44.0304 0x0874 AeLookupSvc - ok
23:02:44.0393 0x0874 [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD C:\Windows\system32\drivers\afd.sys
23:02:44.0496 0x0874 AFD - ok
23:02:44.0619 0x0874 [ CE91B158FA490CF4C4D487A4130F4660, C343AEB125B15E6FC8428499E1C48390EF5073FACB0DC9BAB9040EFB170D04A5 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
23:02:44.0926 0x0874 AgereSoftModem - ok
23:02:44.0991 0x0874 [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:02:45.0013 0x0874 agp440 - ok
23:02:45.0064 0x0874 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
23:02:45.0102 0x0874 aic78xx - ok
23:02:45.0136 0x0874 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
23:02:45.0277 0x0874 ALG - ok
23:02:45.0302 0x0874 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide C:\Windows\system32\drivers\aliide.sys
23:02:45.0360 0x0874 aliide - ok
23:02:45.0390 0x0874 [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp C:\Windows\system32\drivers\amdagp.sys
23:02:45.0414 0x0874 amdagp - ok
23:02:45.0450 0x0874 [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide C:\Windows\system32\drivers\amdide.sys
23:02:45.0488 0x0874 amdide - ok
23:02:45.0554 0x0874 [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
23:02:45.0618 0x0874 AmdK7 - ok
23:02:45.0638 0x0874 [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:02:45.0802 0x0874 AmdK8 - ok
23:02:46.0015 0x0874 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:02:46.0052 0x0874 AntiVirSchedulerService - ok
23:02:46.0142 0x0874 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:02:46.0190 0x0874 AntiVirService - ok
23:02:46.0233 0x0874 [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
23:02:46.0312 0x0874 Appinfo - ok
23:02:46.0342 0x0874 [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc C:\Windows\system32\drivers\arc.sys
23:02:46.0366 0x0874 arc - ok
23:02:46.0402 0x0874 [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:02:46.0426 0x0874 arcsas - ok
23:02:46.0787 0x0874 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:02:46.0885 0x0874 aspnet_state - ok
23:02:46.0949 0x0874 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:02:47.0000 0x0874 AsyncMac - ok
23:02:47.0048 0x0874 [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi C:\Windows\system32\drivers\atapi.sys
23:02:47.0088 0x0874 atapi - ok
23:02:47.0163 0x0874 [ 91E15B0A1D6F7B99ACE55D04C6D1544A, 23988261D07D009437F6AD78641E44E690058E85A5C81568DAE999679EE58112 ] athr C:\Windows\system32\DRIVERS\athr.sys
23:02:47.0268 0x0874 athr - ok
23:02:47.0344 0x0874 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:02:47.0400 0x0874 AudioEndpointBuilder - ok
23:02:47.0414 0x0874 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:02:47.0447 0x0874 Audiosrv - ok
23:02:47.0529 0x0874 [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:02:47.0607 0x0874 avgntflt - ok
23:02:47.0654 0x0874 [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:02:47.0679 0x0874 avipbb - ok
23:02:47.0795 0x0874 [ 8F9FB2E345549C1432249BDB8B9C1C0A, 337370238116022987D3CA957CFDAC9D953990F2AC513ACBFBA2D05E35A5F400 ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
23:02:47.0817 0x0874 Avira.OE.ServiceHost - ok
23:02:47.0874 0x0874 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:02:47.0905 0x0874 avkmgr - ok
23:02:47.0996 0x0874 [ 08015D34F6FDD0B355805BAD978497C3, AAD5F919215B8630DCCADF2AC8DC82BAA543C52B1682B476093E014532B20EBD ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys
23:02:48.0263 0x0874 bcm4sbxp - ok
23:02:48.0429 0x0874 [ 6163664C7E9CD110AF70180C126C3FDC, 9A801295CDE2BDE4EE0E96C610E4C01F6915DBDA2104D0E8873AFF1BC34A0FA1 ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
23:02:48.0448 0x0874 BcmSqlStartupSvc - ok
23:02:48.0471 0x0874 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
23:02:48.0557 0x0874 Beep - ok
23:02:48.0648 0x0874 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
23:02:48.0733 0x0874 BFE - ok
23:02:48.0998 0x0874 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
23:02:49.0169 0x0874 BITS - ok
23:02:49.0225 0x0874 [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
23:02:49.0296 0x0874 blbdrive - ok
23:02:49.0367 0x0874 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:02:49.0445 0x0874 bowser - ok
23:02:49.0484 0x0874 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
23:02:49.0545 0x0874 BrFiltLo - ok
23:02:49.0561 0x0874 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
23:02:49.0623 0x0874 BrFiltUp - ok
23:02:49.0652 0x0874 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
23:02:49.0720 0x0874 Browser - ok
23:02:49.0783 0x0874 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
23:02:49.0882 0x0874 Brserid - ok
23:02:49.0897 0x0874 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
23:02:49.0962 0x0874 BrSerWdm - ok
23:02:49.0973 0x0874 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
23:02:50.0033 0x0874 BrUsbMdm - ok
23:02:50.0085 0x0874 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
23:02:50.0154 0x0874 BrUsbSer - ok
23:02:50.0237 0x0874 [ DA7B195275BDA7F8FCF79B40E0F45DDE, 1346E9221FD6A1DA27F0BC4F3CF5AFA60B3419931B32468107028BCD4232A708 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
23:02:50.0289 0x0874 BthEnum - ok
23:02:50.0342 0x0874 [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:02:50.0404 0x0874 BTHMODEM - ok
23:02:50.0422 0x0874 [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:02:50.0481 0x0874 BthPan - ok
23:02:50.0544 0x0874 [ 671134053D59E23704F08DB19F11E10B, 7AFE5B6646B9A38EFAF127B7C820463CC06C4B8B82BC76259DA346B51377EA0B ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
23:02:50.0646 0x0874 BTHPORT - ok
23:02:50.0724 0x0874 [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ C:\Windows\System32\bthserv.dll
23:02:50.0759 0x0874 BthServ - ok
23:02:50.0775 0x0874 [ 93D7007E2C660DFCCA6AE72622740B14, 3483FD5060CE7FB9208A8016D5D79EC88DA63BF6C656EFC476AAA3D912DB451F ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
23:02:50.0843 0x0874 BTHUSB - ok
23:02:50.0932 0x0874 [ 3EA1A20DC0CA1AD23E7AA8C37A91BCD1, 4AF75222BF49EBFA93C98DF206D715DFE2B5EB742BDE06622256F628A756AAD6 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
23:02:50.0953 0x0874 btwaudio - ok
23:02:51.0003 0x0874 [ 195872E48A7FB01F8BC9B800F70F4054, 5F37D7CE44F00791241911BA1E77AD5DAD22C08584F19367BBE27BBFA3484616 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
23:02:51.0033 0x0874 btwavdt - ok
23:02:51.0358 0x0874 [ 0724E7D6C9B6A289EDDDA33FA8176E80, 836BFED3A4A374AB1C699D950D87A0709F529FD65B860890699584640490DBE8 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
23:02:51.0379 0x0874 btwrchid - ok
23:02:51.0547 0x0874 catchme - ok
23:02:51.0575 0x0874 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:02:51.0640 0x0874 cdfs - ok
23:02:51.0691 0x0874 [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:02:51.0753 0x0874 cdrom - ok
23:02:51.0806 0x0874 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
23:02:51.0869 0x0874 CertPropSvc - ok
23:02:51.0972 0x0874 [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass C:\Windows\system32\drivers\circlass.sys
23:02:52.0084 0x0874 circlass - ok
23:02:52.0162 0x0874 [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
23:02:52.0195 0x0874 CLFS - ok
23:02:52.0304 0x0874 [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:02:52.0327 0x0874 clr_optimization_v2.0.50727_32 - ok
23:02:52.0389 0x0874 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:02:52.0460 0x0874 clr_optimization_v4.0.30319_32 - ok
23:02:52.0517 0x0874 [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:02:52.0558 0x0874 CmBatt - ok
23:02:52.0590 0x0874 [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:02:52.0611 0x0874 cmdide - ok
23:02:52.0629 0x0874 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:02:52.0649 0x0874 Compbatt - ok
23:02:52.0682 0x0874 COMSysApp - ok
23:02:52.0688 0x0874 [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:02:52.0716 0x0874 crcdisk - ok
23:02:52.0737 0x0874 [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe C:\Windows\system32\drivers\crusoe.sys
23:02:52.0786 0x0874 Crusoe - ok
23:02:52.0854 0x0874 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:02:52.0927 0x0874 CryptSvc - ok
23:02:53.0169 0x0874 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:02:53.0281 0x0874 DcomLaunch - ok
23:02:53.0348 0x0874 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:02:53.0424 0x0874 DfsC - ok
23:02:53.0562 0x0874 [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
23:02:53.0813 0x0874 DFSR - ok
23:02:53.0887 0x0874 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
23:02:53.0981 0x0874 Dhcp - ok
23:02:54.0033 0x0874 [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
23:02:54.0056 0x0874 disk - ok
23:02:54.0150 0x0874 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:02:54.0217 0x0874 Dnscache - ok
23:02:54.0262 0x0874 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
23:02:54.0314 0x0874 dot3svc - ok
23:02:54.0343 0x0874 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
23:02:54.0422 0x0874 DPS - ok
23:02:54.0451 0x0874 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:02:54.0520 0x0874 drmkaud - ok
23:02:54.0647 0x0874 [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:02:54.0775 0x0874 DXGKrnl - ok
23:02:54.0811 0x0874 [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
23:02:54.0852 0x0874 E1G60 - ok
23:02:54.0904 0x0874 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
23:02:55.0050 0x0874 EapHost - ok
23:02:55.0106 0x0874 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
23:02:55.0138 0x0874 Ecache - ok
23:02:55.0280 0x0874 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:02:55.0350 0x0874 ehRecvr - ok
23:02:55.0370 0x0874 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
23:02:55.0419 0x0874 ehSched - ok
23:02:55.0436 0x0874 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
23:02:55.0465 0x0874 ehstart - ok
23:02:55.0518 0x0874 [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:02:55.0574 0x0874 elxstor - ok
23:02:55.0684 0x0874 [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
23:02:55.0851 0x0874 EMDMgmt - ok
23:02:55.0899 0x0874 [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:02:55.0947 0x0874 ErrDev - ok
23:02:56.0003 0x0874 [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
23:02:56.0070 0x0874 EventSystem - ok
23:02:56.0182 0x0874 [ 87BFD4EF2F43399DA37B48B42A84A749, DCD62246CBD60708C0F97F403F557410FBD09E726A1FA2F87351EB38F5A32CC8 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
23:02:56.0283 0x0874 EvtEng - detected UnsignedFile.Multi.Generic ( 1 )
23:02:58.0791 0x0874 Detect skipped due to KSN trusted
23:02:58.0791 0x0874 EvtEng - ok
23:02:58.0869 0x0874 [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
23:02:58.0928 0x0874 exfat - ok
23:02:58.0971 0x0874 [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:02:59.0006 0x0874 fastfat - ok
23:02:59.0076 0x0874 [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:02:59.0124 0x0874 fdc - ok
23:02:59.0167 0x0874 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
23:02:59.0224 0x0874 fdPHost - ok
23:02:59.0249 0x0874 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
23:02:59.0330 0x0874 FDResPub - ok
23:02:59.0353 0x0874 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:02:59.0377 0x0874 FileInfo - ok
23:02:59.0387 0x0874 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:02:59.0428 0x0874 Filetrace - ok
23:02:59.0449 0x0874 [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:02:59.0483 0x0874 flpydisk - ok
23:02:59.0543 0x0874 [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:02:59.0591 0x0874 FltMgr - ok
23:02:59.0681 0x0874 [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache C:\Windows\system32\FntCache.dll
23:02:59.0815 0x0874 FontCache - ok
23:02:59.0939 0x0874 [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:02:59.0964 0x0874 FontCache3.0.0.0 - ok
23:03:00.0011 0x0874 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:03:00.0078 0x0874 Fs_Rec - ok
23:03:00.0129 0x0874 [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:03:00.0152 0x0874 gagp30kx - ok
23:03:00.0253 0x0874 [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
23:03:00.0382 0x0874 gpsvc - ok
23:03:00.0432 0x0874 [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:03:00.0479 0x0874 HdAudAddService - ok
23:03:00.0553 0x0874 [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:03:00.0676 0x0874 HDAudBus - ok
23:03:00.0711 0x0874 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:03:00.0765 0x0874 HidBth - ok
23:03:00.0788 0x0874 [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
23:03:00.0861 0x0874 HidIr - ok
23:03:00.0900 0x0874 [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\System32\hidserv.dll
23:03:00.0947 0x0874 hidserv - ok
23:03:00.0989 0x0874 [ 854CA287AB7FAF949617A788306D967E, 8C0BC3727C07634FAD35C7184C72B6D48D428F35E612257A833F00CACF4AAB5D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:03:01.0036 0x0874 HidUsb - ok
23:03:01.0079 0x0874 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
23:03:01.0147 0x0874 hkmsvc - ok
23:03:01.0170 0x0874 [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
23:03:01.0192 0x0874 HpCISSs - ok
23:03:01.0244 0x0874 [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:03:01.0361 0x0874 HTTP - ok
23:03:01.0437 0x0874 [ 1720966D9C7EA5E2D78B6DB92D2F9171, B43521949F0557C9DC1DEC23A4A31D293FFBE721A937C90A2BCF6FCD1A216ADE ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
23:03:01.0515 0x0874 hwdatacard - ok
23:03:01.0637 0x0874 [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
23:03:01.0659 0x0874 i2omp - ok
23:03:01.0794 0x0874 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:03:01.0861 0x0874 i8042prt - ok
23:03:01.0995 0x0874 [ 496DB78E6A0C4C44023D9A92B4A7AC31, 2B44213C39F05090D2057E3A21C1718DFC4478E976D44255B6FA5C3B8CF20FFF ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys
23:03:02.0223 0x0874 ialm - ok
23:03:02.0296 0x0874 [ F263A9036F8897FFA2AE54685E03AD60, 8286D4BE1F684E2B0DB5258ADBBD679A9A9D95CC435FA6B7D394A9E94B0FBE89 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:03:02.0335 0x0874 iaStor - ok
23:03:02.0363 0x0874 [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
23:03:02.0420 0x0874 iaStorV - ok
23:03:02.0529 0x0874 [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:03:02.0650 0x0874 idsvc - ok
23:03:02.0685 0x0874 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:03:02.0706 0x0874 iirsp - ok
23:03:02.0900 0x0874 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
23:03:02.0979 0x0874 IKEEXT - ok
23:03:03.0096 0x0874 [ FFD2B3BC042596ABE785D3C15F51AB46, C2CA6E15FE95ADE211325CA907FBC213DB3B5E871DBD22CC485837FAB4E9BCEC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:03:03.0301 0x0874 IntcAzAudAddService - ok
23:03:03.0367 0x0874 [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
23:03:03.0389 0x0874 intelide - ok
23:03:03.0409 0x0874 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:03:03.0456 0x0874 intelppm - ok
23:03:03.0488 0x0874 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:03:03.0569 0x0874 IPBusEnum - ok
23:03:03.0606 0x0874 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:03:03.0673 0x0874 IpFilterDriver - ok
23:03:03.0716 0x0874 [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:03:03.0789 0x0874 iphlpsvc - ok
23:03:03.0794 0x0874 IpInIp - ok
23:03:03.0812 0x0874 [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
23:03:03.0850 0x0874 IPMIDRV - ok
23:03:03.0898 0x0874 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
23:03:03.0937 0x0874 IPNAT - ok
23:03:03.0960 0x0874 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:03:03.0994 0x0874 IRENUM - ok
23:03:04.0011 0x0874 [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:03:04.0035 0x0874 isapnp - ok
23:03:04.0117 0x0874 [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:03:04.0146 0x0874 iScsiPrt - ok
23:03:04.0192 0x0874 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
23:03:04.0225 0x0874 iteatapi - ok
23:03:04.0280 0x0874 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
23:03:04.0324 0x0874 iteraid - ok
23:03:04.0349 0x0874 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:03:04.0371 0x0874 kbdclass - ok
23:03:04.0379 0x0874 [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:03:04.0430 0x0874 kbdhid - ok
23:03:04.0469 0x0874 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
23:03:04.0514 0x0874 KeyIso - ok
23:03:04.0561 0x0874 [ EBC507F129DF8F0E0CA270DCFC0CF87F, 232E2C4118A3177019E111E23D02F669338AE251308DE9BEDE3869C1208D7F0B ] KMDFMEMIO C:\Windows\system32\DRIVERS\kmdfmemio.sys
23:03:04.0598 0x0874 KMDFMEMIO - ok
23:03:04.0657 0x0874 [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:03:04.0708 0x0874 KSecDD - ok
23:03:04.0741 0x0874 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
23:03:04.0793 0x0874 KtmRm - ok
23:03:04.0832 0x0874 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\System32\srvsvc.dll
23:03:04.0909 0x0874 LanmanServer - ok
23:03:04.0965 0x0874 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:03:05.0037 0x0874 LanmanWorkstation - ok
23:03:05.0117 0x0874 [ C215E09622118383B236DD56C2065183, AF5F7C8806BF9C203DB8AD9DA2062E31FF9A2282B5FE1222A3B9DEEB435EBAB4 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
23:03:05.0163 0x0874 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
23:03:07.0526 0x0874 Detect skipped due to KSN trusted
23:03:07.0526 0x0874 LightScribeService - ok
23:03:07.0564 0x0874 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:03:07.0630 0x0874 lltdio - ok
23:03:07.0670 0x0874 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:03:07.0727 0x0874 lltdsvc - ok
23:03:07.0748 0x0874 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:03:07.0816 0x0874 lmhosts - ok
23:03:07.0855 0x0874 [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:03:07.0880 0x0874 LSI_FC - ok
23:03:07.0910 0x0874 [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:03:07.0934 0x0874 LSI_SAS - ok
23:03:07.0958 0x0874 [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:03:07.0983 0x0874 LSI_SCSI - ok
23:03:08.0011 0x0874 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
23:03:08.0075 0x0874 luafv - ok
23:03:08.0091 0x0874 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:03:08.0159 0x0874 Mcx2Svc - ok
23:03:08.0202 0x0874 [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys
23:03:08.0224 0x0874 megasas - ok
23:03:08.0267 0x0874 [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys
23:03:08.0372 0x0874 MegaSR - ok
23:03:08.0412 0x0874 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
23:03:08.0465 0x0874 MMCSS - ok
23:03:08.0494 0x0874 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
23:03:08.0541 0x0874 Modem - ok
23:03:08.0574 0x0874 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:03:08.0632 0x0874 monitor - ok
23:03:08.0655 0x0874 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:03:08.0677 0x0874 mouclass - ok
23:03:08.0703 0x0874 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:03:08.0736 0x0874 mouhid - ok
23:03:08.0767 0x0874 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
23:03:08.0800 0x0874 MountMgr - ok
23:03:08.0851 0x0874 [ F60E017313E0F1EEB21D87C434CF538D, 5418A716AD23E21FFF7CDACD0C4EF2CD7F1D45E391E72196B4D036DBF9E9559C ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:03:08.0879 0x0874 MozillaMaintenance - ok
23:03:08.0909 0x0874 [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio C:\Windows\system32\drivers\mpio.sys
23:03:08.0944 0x0874 mpio - ok
23:03:09.0028 0x0874 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:03:09.0058 0x0874 mpsdrv - ok
23:03:09.0103 0x0874 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:03:09.0214 0x0874 MpsSvc - ok
23:03:09.0233 0x0874 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
23:03:09.0253 0x0874 Mraid35x - ok
23:03:09.0290 0x0874 [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:03:09.0340 0x0874 MRxDAV - ok
23:03:09.0396 0x0874 [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:03:09.0434 0x0874 mrxsmb - ok
23:03:09.0492 0x0874 [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:03:09.0544 0x0874 mrxsmb10 - ok
23:03:09.0557 0x0874 [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:03:09.0582 0x0874 mrxsmb20 - ok
23:03:09.0618 0x0874 [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci C:\Windows\system32\drivers\msahci.sys
23:03:09.0648 0x0874 msahci - ok
23:03:09.0699 0x0874 [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:03:09.0742 0x0874 msdsm - ok
23:03:09.0786 0x0874 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
23:03:09.0855 0x0874 MSDTC - ok
23:03:09.0900 0x0874 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:03:09.0953 0x0874 Msfs - ok
23:03:09.0992 0x0874 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:03:10.0014 0x0874 msisadrv - ok
23:03:10.0036 0x0874 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:03:10.0096 0x0874 MSiSCSI - ok
23:03:10.0121 0x0874 msiserver - ok
23:03:10.0149 0x0874 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:03:10.0250 0x0874 MSKSSRV - ok
23:03:10.0276 0x0874 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:03:10.0310 0x0874 MSPCLOCK - ok
23:03:10.0357 0x0874 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:03:10.0402 0x0874 MSPQM - ok
23:03:10.0445 0x0874 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:03:10.0474 0x0874 MsRPC - ok
23:03:10.0618 0x0874 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:03:10.0640 0x0874 mssmbios - ok
23:03:10.0715 0x0874 MSSQL$MSSMLBIZ - ok
23:03:10.0742 0x0874 [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
23:03:10.0764 0x0874 MSSQLServerADHelper - ok
23:03:10.0807 0x0874 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:03:10.0868 0x0874 MSTEE - ok
23:03:10.0901 0x0874 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
23:03:10.0934 0x0874 Mup - ok
23:03:10.0990 0x0874 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
23:03:11.0074 0x0874 napagent - ok
23:03:11.0152 0x0874 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:03:11.0193 0x0874 NativeWifiP - ok
23:03:11.0237 0x0874 [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:03:11.0295 0x0874 NDIS - ok
23:03:11.0345 0x0874 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:03:11.0410 0x0874 NdisTapi - ok
23:03:11.0441 0x0874 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:03:11.0485 0x0874 Ndisuio - ok
23:03:11.0526 0x0874 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:03:11.0568 0x0874 NdisWan - ok
23:03:11.0582 0x0874 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:03:11.0615 0x0874 NDProxy - ok
23:03:11.0653 0x0874 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:03:11.0718 0x0874 NetBIOS - ok
23:03:11.0759 0x0874 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
23:03:11.0818 0x0874 netbt - ok
23:03:11.0847 0x0874 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
23:03:11.0864 0x0874 Netlogon - ok
23:03:11.0929 0x0874 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
23:03:11.0997 0x0874 Netman - ok
23:03:12.0045 0x0874 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:03:12.0112 0x0874 NetMsmqActivator - ok
23:03:12.0121 0x0874 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:03:12.0142 0x0874 NetPipeActivator - ok
23:03:12.0179 0x0874 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
23:03:12.0234 0x0874 netprofm - ok
23:03:12.0243 0x0874 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:03:12.0264 0x0874 NetTcpActivator - ok
23:03:12.0272 0x0874 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:03:12.0293 0x0874 NetTcpPortSharing - ok
23:03:12.0426 0x0874 [ 35D5458D9A1B26B2005ABFFBF4C1C5E7, EE044FB7A49336FEDA1BDBBD2AD7A4A163C780A6A464B7712688E0BA0B4E6C40 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
23:03:12.0697 0x0874 NETw3v32 - ok
23:03:12.0890 0x0874 [ 0B214C6A4728F085FB64A29ED9C4DE94, 5AB06F2D2826482BCD72A9D7574C1DD86FDE68DD67E7D4435F94B86817D4BC40 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
23:03:13.0432 0x0874 NETw5v32 - ok
23:03:13.0466 0x0874 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:03:13.0488 0x0874 nfrd960 - ok
23:03:13.0515 0x0874 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
23:03:13.0556 0x0874 NlaSvc - ok
23:03:13.0593 0x0874 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:03:13.0660 0x0874 Npfs - ok
23:03:13.0694 0x0874 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
23:03:13.0734 0x0874 nsi - ok
23:03:13.0782 0x0874 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:03:13.0831 0x0874 nsiproxy - ok
23:03:13.0942 0x0874 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:03:14.0163 0x0874 Ntfs - ok
23:03:14.0187 0x0874 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
23:03:14.0249 0x0874 ntrigdigi - ok
23:03:14.0282 0x0874 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
23:03:14.0332 0x0874 Null - ok
23:03:15.0397 0x0874 [ 440690DA4358D9682DBCC56DA7D419AB, C6958DF3769665DCF59B39B499AE110253E2482B9E4F3C7A2BC3A75776E4E3EA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:03:17.0728 0x0874 nvlddmkm - ok
23:03:17.0778 0x0874 [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:03:17.0834 0x0874 nvraid - ok
23:03:17.0864 0x0874 [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:03:17.0922 0x0874 nvstor - ok
23:03:18.0010 0x0874 [ 11E1DC466C3E384C1A697B95DC5AA785, F411BB0554A2F19252A4E2B32113C6E9836DFC56C6E856FAEB1A44F562309F98 ] nvsvc C:\Windows\system32\nvvsvc.exe
23:03:18.0113 0x0874 nvsvc - ok
23:03:18.0147 0x0874 [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:03:18.0229 0x0874 nv_agp - ok
23:03:18.0234 0x0874 NwlnkFlt - ok
23:03:18.0240 0x0874 NwlnkFwd - ok
23:03:18.0559 0x0874 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:03:18.0854 0x0874 odserv - ok
23:03:18.0889 0x0874 [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:03:19.0035 0x0874 ohci1394 - ok
23:03:19.0153 0x0874 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:03:19.0310 0x0874 ose - ok
23:03:19.0534 0x0874 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
23:03:19.0805 0x0874 p2pimsvc - ok
23:03:19.0912 0x0874 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
23:03:19.0998 0x0874 p2psvc - ok
23:03:20.0058 0x0874 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
23:03:20.0114 0x0874 Parport - ok
23:03:20.0182 0x0874 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:03:20.0216 0x0874 partmgr - ok
23:03:20.0253 0x0874 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
23:03:20.0382 0x0874 Parvdm - ok
23:03:20.0422 0x0874 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
23:03:20.0483 0x0874 PcaSvc - ok
23:03:20.0547 0x0874 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
23:03:20.0576 0x0874 pci - ok
23:03:20.0633 0x0874 [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
23:03:20.0736 0x0874 pciide - ok
23:03:20.0774 0x0874 [ B7C5A8769541900F6DFA6FE0C5E4D513, 1885FE8AE9D6929E8B43D674B43B7B3FEAA25AF6E45973A0B49CBA7B9CBA34C4 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:03:20.0804 0x0874 pcmcia - ok
23:03:20.0865 0x0874 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:03:21.0033 0x0874 PEAUTH - ok
23:03:21.0179 0x0874 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
23:03:21.0395 0x0874 pla - ok
23:03:21.0442 0x0874 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:03:21.0505 0x0874 PlugPlay - ok
23:03:21.0614 0x0874 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
23:03:21.0670 0x0874 PNRPAutoReg - ok
23:03:21.0699 0x0874 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
23:03:21.0752 0x0874 PNRPsvc - ok
23:03:21.0796 0x0874 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:03:21.0888 0x0874 PolicyAgent - ok
23:03:21.0927 0x0874 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:03:22.0007 0x0874 PptpMiniport - ok
23:03:22.0025 0x0874 [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys
23:03:22.0098 0x0874 Processor - ok
23:03:22.0144 0x0874 [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
23:03:22.0181 0x0874 ProfSvc - ok
23:03:22.0204 0x0874 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
23:03:22.0249 0x0874 ProtectedStorage - ok
23:03:22.0290 0x0874 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
23:03:22.0336 0x0874 PSched - ok
23:03:22.0414 0x0874 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:03:22.0560 0x0874 ql2300 - ok
23:03:22.0602 0x0874 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:03:22.0627 0x0874 ql40xx - ok
23:03:22.0664 0x0874 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
23:03:22.0699 0x0874 QWAVE - ok
23:03:22.0723 0x0874 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:03:22.0777 0x0874 QWAVEdrv - ok
23:03:22.0800 0x0874 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:03:22.0844 0x0874 RasAcd - ok
23:03:22.0858 0x0874 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
23:03:22.0922 0x0874 RasAuto - ok
23:03:22.0953 0x0874 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:03:23.0024 0x0874 Rasl2tp - ok
23:03:23.0082 0x0874 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
23:03:23.0161 0x0874 RasMan - ok
23:03:23.0215 0x0874 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:03:23.0250 0x0874 RasPppoe - ok
23:03:23.0288 0x0874 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:03:23.0324 0x0874 RasSstp - ok
23:03:23.0367 0x0874 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:03:23.0441 0x0874 rdbss - ok
23:03:23.0464 0x0874 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:03:23.0509 0x0874 RDPCDD - ok
23:03:23.0537 0x0874 [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
23:03:23.0585 0x0874 rdpdr - ok
23:03:23.0590 0x0874 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:03:23.0626 0x0874 RDPENCDD - ok
23:03:23.0662 0x0874 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:03:23.0744 0x0874 RDPWD - ok
23:03:23.0798 0x0874 [ 3C109EFD0CEF1B540ED3C7F573594BFD, 3AAC865732972E19CD2583209D047D176259A7CB0E8ACEB1E6D91DB82A58DCA7 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:03:23.0865 0x0874 RegSrvc - detected UnsignedFile.Multi.Generic ( 1 )
23:03:26.0366 0x0874 Detect skipped due to KSN trusted
23:03:26.0366 0x0874 RegSrvc - ok
23:03:26.0411 0x0874 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
23:03:26.0480 0x0874 RemoteAccess - ok
23:03:26.0531 0x0874 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:03:26.0605 0x0874 RemoteRegistry - ok
23:03:26.0643 0x0874 [ 10536B0AD6F416FC7F1149977C28CCDC, F0CE929BBA996762D59570338AC2E7DCC920E76E2E945FEB629E8EBE1B311D19 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:03:26.0681 0x0874 RFCOMM - ok
23:03:26.0748 0x0874 [ 4D05898896EC49CF663DDA61041AB096, 1218A0AD84946F2555773D529F3D55D7B675780EC1E79A634ED0FECF8D5C9C6D ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
23:03:26.0790 0x0874 RichVideo - ok
23:03:26.0816 0x0874 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
23:03:26.0853 0x0874 RpcLocator - ok
23:03:26.0928 0x0874 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
23:03:27.0014 0x0874 RpcSs - ok
23:03:27.0048 0x0874 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:03:27.0090 0x0874 rspndr - ok
23:03:27.0127 0x0874 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
23:03:27.0144 0x0874 SamSs - ok
23:03:27.0271 0x0874 [ A9D840FA78F65857EB554229914F855C, AC3BD980ABDAECFE7D824DF71CCBA7D84749B9AD51460D130A9AA9C7B2DE3D3E ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
23:03:27.0326 0x0874 Samsung Update Plus - detected UnsignedFile.Multi.Generic ( 1 )
23:03:37.0431 0x0874 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning
23:03:37.0431 0x0874 Force sending object to P2P due to detect: Samsung Update Plus
23:03:41.0833 0x0874 Object send P2P result: true
23:03:44.0260 0x0874 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:03:44.0282 0x0874 sbp2port - ok
23:03:44.0323 0x0874 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:03:44.0372 0x0874 SCardSvr - ok
23:03:44.0491 0x0874 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
23:03:44.0659 0x0874 Schedule - ok
23:03:44.0679 0x0874 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
23:03:44.0706 0x0874 SCPolicySvc - ok
23:03:45.0125 0x0874 [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
23:03:45.0235 0x0874 sdbus - ok
23:03:45.0267 0x0874 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:03:45.0476 0x0874 SDRSVC - ok
23:03:45.0500 0x0874 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:03:45.0597 0x0874 secdrv - ok
23:03:45.0621 0x0874 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
23:03:45.0661 0x0874 seclogon - ok
23:03:45.0690 0x0874 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
23:03:45.0824 0x0874 SENS - ok
23:03:45.0849 0x0874 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
23:03:45.0907 0x0874 Serenum - ok
23:03:45.0932 0x0874 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
23:03:46.0426 0x0874 Serial - ok
23:03:46.0460 0x0874 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:03:46.0500 0x0874 sermouse - ok
23:03:46.0613 0x0874 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
23:03:46.0685 0x0874 SessionEnv - ok
23:03:46.0699 0x0874 [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:03:46.0760 0x0874 sffdisk - ok
23:03:46.0779 0x0874 [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:03:46.0835 0x0874 sffp_mmc - ok
23:03:46.0848 0x0874 [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:03:46.0909 0x0874 sffp_sd - ok
23:03:46.0930 0x0874 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:03:47.0031 0x0874 sfloppy - ok
23:03:47.0235 0x0874 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:03:47.0384 0x0874 SharedAccess - ok
23:03:47.0527 0x0874 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:03:47.0600 0x0874 ShellHWDetection - ok
23:03:47.0636 0x0874 [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:03:47.0662 0x0874 sisagp - ok
23:03:47.0687 0x0874 [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
23:03:47.0711 0x0874 SiSRaid2 - ok
23:03:47.0745 0x0874 [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:03:48.0079 0x0874 SiSRaid4 - ok
23:03:48.0687 0x0874 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
23:03:52.0426 0x0874 slsvc - ok
23:03:52.0485 0x0874 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
23:03:52.0542 0x0874 SLUINotify - ok
23:03:52.0589 0x0874 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:03:52.0645 0x0874 Smb - ok
23:03:52.0688 0x0874 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:03:52.0710 0x0874 SNMPTRAP - ok
23:03:52.0750 0x0874 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
23:03:52.0772 0x0874 spldr - ok
23:03:52.0836 0x0874 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
23:03:52.0951 0x0874 Spooler - ok
23:03:53.0034 0x0874 [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
23:03:53.0060 0x0874 SQLBrowser - ok
23:03:53.0152 0x0874 [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
23:03:53.0176 0x0874 SQLWriter - ok
23:03:53.0220 0x0874 [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
23:03:53.0296 0x0874 srv - ok
23:03:53.0341 0x0874 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:03:53.0387 0x0874 srv2 - ok
23:03:53.0409 0x0874 [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:03:53.0472 0x0874 srvnet - ok
23:03:53.0519 0x0874 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:03:53.0587 0x0874 SSDPSRV - ok
23:03:53.0613 0x0874 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
23:03:53.0629 0x0874 ssmdrv - ok
23:03:53.0680 0x0874 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:03:53.0720 0x0874 SstpSvc - ok
23:03:53.0789 0x0874 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
23:03:53.0904 0x0874 stisvc - ok
23:03:53.0940 0x0874 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:03:53.0962 0x0874 swenum - ok
23:03:54.0008 0x0874 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
23:03:54.0082 0x0874 swprv - ok
23:03:54.0101 0x0874 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
23:03:54.0123 0x0874 Symc8xx - ok
23:03:54.0138 0x0874 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
23:03:54.0162 0x0874 Sym_hi - ok
23:03:54.0179 0x0874 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
23:03:54.0205 0x0874 Sym_u3 - ok
23:03:54.0247 0x0874 [ 451E8037E2EB6DA6BDF0A66F65D1810B, 98E94486560A00B33E19902BB1B5CE51168E583E9303B3A2F7337D3501887B34 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:03:54.0285 0x0874 SynTP - ok
23:03:54.0357 0x0874 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
23:03:54.0524 0x0874 SysMain - ok
23:03:54.0616 0x0874 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:03:54.0676 0x0874 TabletInputService - ok
23:03:54.0730 0x0874 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:03:54.0782 0x0874 TapiSrv - ok
23:03:54.0814 0x0874 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
23:03:54.0872 0x0874 TBS - ok
23:03:54.0961 0x0874 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:03:55.0076 0x0874 Tcpip - ok
23:03:55.0163 0x0874 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
23:03:55.0220 0x0874 Tcpip6 - ok
23:03:55.0396 0x0874 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:03:55.0542 0x0874 tcpipreg - ok
23:03:55.0618 0x0874 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:03:55.0667 0x0874 TDPIPE - ok
23:03:55.0694 0x0874 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:03:55.0742 0x0874 TDTCP - ok
23:03:55.0805 0x0874 [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:03:55.0847 0x0874 tdx - ok
23:03:55.0929 0x0874 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:03:55.0955 0x0874 TermDD - ok
23:03:56.0014 0x0874 [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
23:03:56.0340 0x0874 TermService - ok
23:03:56.0374 0x0874 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
23:03:56.0421 0x0874 Themes - ok
23:03:56.0462 0x0874 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
23:03:56.0497 0x0874 THREADORDER - ok
23:03:56.0634 0x0874 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
23:03:56.0706 0x0874 TrkWks - ok
23:03:56.0868 0x0874 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:03:56.0902 0x0874 TrustedInstaller - ok
23:03:56.0958 0x0874 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:03:57.0036 0x0874 tssecsrv - ok
23:03:57.0105 0x0874 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
23:03:57.0173 0x0874 tunmp - ok
23:03:57.0265 0x0874 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:03:57.0696 0x0874 tunnel - ok
23:03:57.0770 0x0874 [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:03:57.0806 0x0874 uagp35 - ok
23:03:57.0886 0x0874 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:03:57.0930 0x0874 udfs - ok
23:03:58.0037 0x0874 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:03:58.0107 0x0874 UI0Detect - ok
23:03:58.0193 0x0874 [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:03:58.0224 0x0874 uliagpkx - ok
23:03:58.0301 0x0874 [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys
23:03:58.0336 0x0874 uliahci - ok
23:03:58.0449 0x0874 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
23:03:58.0487 0x0874 UlSata - ok
23:03:58.0552 0x0874 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
23:03:58.0585 0x0874 ulsata2 - ok
23:03:58.0647 0x0874 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:03:58.0745 0x0874 umbus - ok
23:03:58.0807 0x0874 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
23:03:58.0952 0x0874 upnphost - ok
23:03:59.0021 0x0874 [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:03:59.0049 0x0874 usbccgp - ok
23:03:59.0108 0x0874 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:03:59.0199 0x0874 usbcir - ok
23:03:59.0291 0x0874 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:03:59.0381 0x0874 usbehci - ok
23:03:59.0444 0x0874 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:03:59.0526 0x0874 usbhub - ok
23:03:59.0570 0x0874 [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:03:59.0733 0x0874 usbohci - ok
23:03:59.0769 0x0874 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:03:59.0839 0x0874 usbprint - ok
23:03:59.0932 0x0874 [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:04:00.0020 0x0874 usbscan - ok
23:04:00.0109 0x0874 [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:04:00.0192 0x0874 USBSTOR - ok
23:04:00.0249 0x0874 [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:04:00.0283 0x0874 usbuhci - ok
23:04:00.0334 0x0874 [ E67998E8F14CB0627A769F6530BCB352, 60982F168E9BF13954328C728F55F4D3ADDC572CACB65289B0E895A63DAA08C1 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:04:00.0419 0x0874 usbvideo - ok
23:04:00.0465 0x0874 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
23:04:00.0559 0x0874 UxSms - ok
23:04:00.0619 0x0874 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
23:04:00.0811 0x0874 vds - ok
23:04:00.0849 0x0874 [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:04:00.0906 0x0874 vga - ok
23:04:00.0935 0x0874 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:04:00.0998 0x0874 VgaSave - ok
23:04:01.0040 0x0874 [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:04:01.0078 0x0874 viaagp - ok
23:04:01.0177 0x0874 [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
23:04:01.0230 0x0874 ViaC7 - ok
23:04:01.0271 0x0874 [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide C:\Windows\system32\drivers\viaide.sys
23:04:01.0299 0x0874 viaide - ok
23:04:01.0398 0x0874 [ 2B0970A8C0A65874EFF4AA436E651D85, 5674DB79019960E527CE7AE79F7866AFFAA5AE9DAB625EB8987CF17A977C3433 ] VMC302 C:\Windows\system32\Drivers\VMC302.sys
23:04:01.0474 0x0874 VMC302 - ok
23:04:01.0512 0x0874 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:04:01.0537 0x0874 volmgr - ok
23:04:01.0675 0x0874 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:04:01.0830 0x0874 volmgrx - ok
23:04:02.0011 0x0874 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:04:02.0146 0x0874 volsnap - ok
23:04:02.0199 0x0874 [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:04:02.0226 0x0874 vsmraid - ok
23:04:02.0511 0x0874 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
23:04:03.0227 0x0874 VSS - ok
23:04:03.0309 0x0874 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
23:04:03.0373 0x0874 W32Time - ok
23:04:03.0416 0x0874 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:04:03.0471 0x0874 WacomPen - ok
23:04:03.0518 0x0874 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
23:04:03.0597 0x0874 Wanarp - ok
23:04:03.0602 0x0874 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:04:03.0651 0x0874 Wanarpv6 - ok
23:04:03.0797 0x0874 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:04:03.0898 0x0874 wcncsvc - ok
23:04:04.0094 0x0874 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:04:04.0233 0x0874 WcsPlugInService - ok
23:04:04.0286 0x0874 [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd C:\Windows\system32\drivers\wd.sys
23:04:04.0306 0x0874 Wd - ok
23:04:04.0366 0x0874 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:04:04.0495 0x0874 Wdf01000 - ok
23:04:04.0537 0x0874 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:04:04.0585 0x0874 WdiServiceHost - ok
23:04:04.0592 0x0874 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:04:04.0627 0x0874 WdiSystemHost - ok
23:04:04.0702 0x0874 [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
23:04:04.0816 0x0874 WebClient - ok
23:04:04.0865 0x0874 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:04:04.0967 0x0874 Wecsvc - ok
23:04:05.0023 0x0874 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:04:05.0089 0x0874 wercplsupport - ok
23:04:05.0144 0x0874 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
23:04:05.0185 0x0874 WerSvc - ok
23:04:05.0240 0x0874 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:04:05.0303 0x0874 WinDefend - ok
23:04:05.0312 0x0874 WinHttpAutoProxySvc - ok
23:04:05.0409 0x0874 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:04:05.0448 0x0874 Winmgmt - ok
23:04:05.0568 0x0874 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
23:04:05.0726 0x0874 WinRM - ok
23:04:05.0858 0x0874 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:04:06.0033 0x0874 Wlansvc - ok
23:04:06.0067 0x0874 [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:04:06.0157 0x0874 WmiAcpi - ok
23:04:06.0224 0x0874 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:04:06.0314 0x0874 wmiApSrv - ok
23:04:06.0419 0x0874 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:04:06.0693 0x0874 WMPNetworkSvc - ok
23:04:06.0760 0x0874 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:04:06.0883 0x0874 WPCSvc - ok
23:04:06.0943 0x0874 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:04:07.0085 0x0874 WPDBusEnum - ok
23:04:07.0211 0x0874 [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:04:07.0373 0x0874 WPFFontCache_v0400 - ok
23:04:07.0399 0x0874 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:04:07.0437 0x0874 ws2ifsl - ok
23:04:07.0486 0x0874 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\system32\wscsvc.dll
23:04:07.0521 0x0874 wscsvc - ok
23:04:07.0532 0x0874 WSearch - ok
23:04:07.0653 0x0874 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
23:04:08.0088 0x0874 wuauserv - ok
23:04:08.0136 0x0874 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:04:08.0209 0x0874 WudfPf - ok
23:04:08.0242 0x0874 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:04:08.0313 0x0874 WUDFRd - ok
23:04:08.0351 0x0874 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:04:08.0378 0x0874 wudfsvc - ok
23:04:08.0445 0x0874 [ 04E268ADFC81964C49DC0C082D520F7E, 7D2574E366636AB1D59A08FE3038268095D627C39636C6ED6BCE1D5ACB44A179 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
23:04:08.0521 0x0874 yukonwlh - ok
23:04:08.0566 0x0874 ================ Scan global ===============================
23:04:08.0586 0x0874 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
23:04:08.0675 0x0874 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
23:04:08.0792 0x0874 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
23:04:08.0896 0x0874 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
23:04:08.0919 0x0874 [ Global ] - ok
23:04:08.0920 0x0874 ================ Scan MBR ==================================
23:04:08.0939 0x0874 [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0
23:04:18.0425 0x0874 \Device\Harddisk0\DR0 - ok
23:04:18.0433 0x0874 ================ Scan VBR ==================================
23:04:18.0447 0x0874 [ 92662BA4944BDDB29F269A6305E6DC4A ] \Device\Harddisk0\DR0\Partition1
23:04:18.0490 0x0874 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
23:04:18.0490 0x0874 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
23:04:20.0957 0x0874 [ 0B745129D14217F6C7E838A788B3FDA7 ] \Device\Harddisk0\DR0\Partition2
23:04:21.0047 0x0874 \Device\Harddisk0\DR0\Partition2 - ok
23:04:21.0047 0x0874 ================ Scan generic autorun ======================
23:04:21.0106 0x0874 [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
23:04:21.0225 0x0874 Windows Defender - ok
23:04:21.0230 0x0874 NvCplDaemon - ok
23:04:21.0234 0x0874 NvMediaCenter - ok
23:04:21.0730 0x0874 [ EB57A9927A39EB86194D664E781633B7, 673F5A8D2ACFE11CAA95FBDDB4962445CCFBBBF3547DDFFB820A335F4F6B1D13 ] C:\Windows\RtHDVCpl.exe
23:04:22.0889 0x0874 RtHDVCpl - ok
23:04:23.0276 0x0874 [ A37B2AB33BFF3C6705DC2C016328DD2F, C6F14E81FD9001048B178576FA01A4F77BF3F0A05DE443EB6AAC4982EE763D69 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
23:04:23.0413 0x0874 SynTPEnh - ok
23:04:23.0456 0x0874 [ B2B2FE2671DD98A322B0AD7079C0B2B2, A9148336C9A6E44A089514C9BDA22704EB5EFC4069F07ED31E75330D48B4DF97 ] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
23:04:23.0477 0x0874 RemoteControl - ok
23:04:23.0518 0x0874 [ A4E85BDA66CF4DE8070D6F744D181C12, ACF577B0CE6EA1E167389BB32E7F07E0D8CF487B22828455698B042A37CF15B4 ] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
23:04:23.0551 0x0874 LanguageShortcut - detected UnsignedFile.Multi.Generic ( 1 )
23:04:26.0029 0x0874 Detect skipped due to KSN trusted
23:04:26.0029 0x0874 LanguageShortcut - ok
23:04:26.0779 0x0874 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
23:04:26.0877 0x0874 avgnt - ok
23:04:27.0188 0x0874 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
23:04:27.0344 0x0874 Adobe ARM - ok
23:04:27.0622 0x0874 [ 1E873743DEC469609C35275C5557B34D, EC8952601B4643B9B82DA5B7C5A85DD19CC1F07889A2B69E4FCCDCAC296A9FA1 ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
23:04:27.0670 0x0874 Avira Systray - ok
23:04:28.0074 0x0874 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
23:04:28.0896 0x0874 Sidebar - ok
23:04:29.0140 0x0874 [ 6DE8F3D91387412AC2E869FFA0F6ABA6, 68202B155995F14471377E1F0080916B31D6F99F7DA9E5E147399B2E1BA933CE ] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
23:04:30.0720 0x0874 LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
23:04:33.0095 0x0874 Detect skipped due to KSN trusted
23:04:33.0095 0x0874 LightScribe Control Panel - ok
23:04:33.0159 0x0874 [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
23:04:33.0186 0x0874 ehTray.exe - ok
23:04:33.0344 0x0874 [ C08A050F4DC32F8BD1C49D8741A4B795, 855A63C0BF09287861B01B09AB62686F6224913386B19D43A7AF39942CF95B24 ] C:\Users\********************\AppData\Roaming\Nawuka\yvigi.exe
23:04:33.0355 0x0874 Suspicious file ( NoAccess ): C:\Users\********************\AppData\Roaming\Nawuka\yvigi.exe. md5: C08A050F4DC32F8BD1C49D8741A4B795, sha256: 855A63C0BF09287861B01B09AB62686F6224913386B19D43A7AF39942CF95B24
23:04:33.0356 0x0874 Ryagyna - detected LockedFile.Multi.Generic ( 1 )
23:04:35.0773 0x0874 Ryagyna ( LockedFile.Multi.Generic ) - warning
23:04:38.0232 0x0874 AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
23:04:38.0278 0x0874 Win FW state via NFP2: enabled
23:04:40.0678 0x0874 ============================================================
23:04:40.0678 0x0874 Scan finished
23:04:40.0678 0x0874 ============================================================
23:04:40.0690 0x0974 Detected object count: 3
23:04:40.0690 0x0974 Actual detected object count: 3
23:07:27.0553 0x0974 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - skipped by user
23:07:27.0553 0x0974 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:07:27.0553 0x0974 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
23:07:27.0553 0x0974 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
23:07:27.0555 0x0974 Ryagyna ( LockedFile.Multi.Generic ) - skipped by user
23:07:27.0556 0x0974 Ryagyna ( LockedFile.Multi.Generic ) - User select action: Skip
Gruß, Heinz Pardon, der letzte Satz hat nicht gestimmt. Avira hat yvigi.exe zum Verschieben in die Quarantäne vorgeschlagen. Das habe ich erst nach dem letzten Eintrag hier gemacht. Das Programm taucht nun nicht mehr im Task-Manager auf. Die vielen iexplore.exe sind jedoch auch nach Neustart wieder da. Gruß, Heinz. |
|
08.08.2014, 16:32
| #6 |
| /// the machine /// TB-Ausbilder | Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Starte TDSSkiller.exe mit Doppelklick. Vista und Win7 User mit Rechtsklick "als Administrator starten"
Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt Poste den Inhalt bitte hier in deinen Thread. Jetzt bitte nochmal einen Suchlauf mit TDSSKiller machen, das Logfile posten.
__________________ --> Vista - viele iexplore.exe-Prozesse, Rechner wird langsam |
|
08.08.2014, 17:31
| #7 |
| | Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Hallo. Jetzt habe ich AVIRA und die Internetverbindung vorher deaktiviert. Es wurden 7 Threats gefunden, davon 6 unsigned files, für die Skip als default angemarkert war. "Cure" stand nur bei "Rootkit.Boot.Cidox.b". Hab's so gelassen. Das wirst Du ja sicher auch dem Log entnehmen. Gruß, Heinz. Hallo. Hier das Log von Scan und Cure: Code:
ATTFilter 18:18:31.0381 0x1460 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:18:35.0624 0x1460 ============================================================
18:18:35.0624 0x1460 Current date / time: 2014/08/08 18:18:35.0624
18:18:35.0624 0x1460 SystemInfo:
18:18:35.0624 0x1460
18:18:35.0624 0x1460 OS Version: 6.0.6002 ServicePack: 2.0
18:18:35.0624 0x1460 Product type: Workstation
18:18:35.0624 0x1460 ComputerName: C-NOTEBOOK
18:18:35.0624 0x1460 UserName: *********************
18:18:35.0624 0x1460 Windows directory: C:\Windows
18:18:35.0624 0x1460 System windows directory: C:\Windows
18:18:35.0624 0x1460 Processor architecture: Intel x86
18:18:35.0624 0x1460 Number of processors: 2
18:18:35.0624 0x1460 Page size: 0x1000
18:18:35.0624 0x1460 Boot type: Normal boot
18:18:35.0624 0x1460 ============================================================
18:18:35.0827 0x1460 KLMD registered as C:\Windows\system32\drivers\09105042.sys
18:18:36.0201 0x1460 System UUID: {6C8A1B6B-9CE8-2C1D-B0BF-C248C8B2BB4B}
18:18:36.0778 0x1460 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:18:36.0778 0x1460 ============================================================
18:18:36.0778 0x1460 \Device\Harddisk0\DR0:
18:18:36.0778 0x1460 MBR partitions:
18:18:36.0778 0x1460 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x1202E000
18:18:36.0778 0x1460 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1342E800, BlocksNum 0x11FFF800
18:18:36.0778 0x1460 ============================================================
18:18:36.0856 0x1460 C: <-> \Device\Harddisk0\DR0\Partition1
18:18:36.0903 0x1460 D: <-> \Device\Harddisk0\DR0\Partition2
18:18:36.0903 0x1460 ============================================================
18:18:36.0903 0x1460 Initialize success
18:18:36.0903 0x1460 ============================================================
18:19:30.0627 0x172c ============================================================
18:19:30.0627 0x172c Scan started
18:19:30.0627 0x172c Mode: Manual; SigCheck; TDLFS;
18:19:30.0627 0x172c ============================================================
18:19:30.0627 0x172c KSN ping started
18:19:30.0659 0x172c KSN ping finished: false
18:19:31.0501 0x172c ================ Scan system memory ========================
18:19:31.0501 0x172c System memory - ok
18:19:31.0501 0x172c ================ Scan services =============================
18:19:31.0626 0x172c [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
18:19:31.0719 0x172c AAV UpdateService - ok
18:19:32.0359 0x172c [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
18:19:32.0390 0x172c ACPI - ok
18:19:32.0499 0x172c [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:19:32.0499 0x172c AdobeARMservice - ok
18:19:32.0593 0x172c [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:19:32.0640 0x172c adp94xx - ok
18:19:32.0687 0x172c [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:19:32.0733 0x172c adpahci - ok
18:19:32.0765 0x172c [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
18:19:32.0811 0x172c adpu160m - ok
18:19:32.0843 0x172c [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:19:32.0874 0x172c adpu320 - ok
18:19:32.0936 0x172c [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:19:33.0061 0x172c AeLookupSvc - ok
18:19:33.0123 0x172c [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD C:\Windows\system32\drivers\afd.sys
18:19:33.0201 0x172c AFD - ok
18:19:33.0311 0x172c [ CE91B158FA490CF4C4D487A4130F4660, C343AEB125B15E6FC8428499E1C48390EF5073FACB0DC9BAB9040EFB170D04A5 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
18:19:33.0482 0x172c AgereSoftModem - ok
18:19:33.0513 0x172c [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:19:33.0529 0x172c agp440 - ok
18:19:33.0560 0x172c [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
18:19:33.0576 0x172c aic78xx - ok
18:19:33.0638 0x172c [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
18:19:33.0857 0x172c ALG - ok
18:19:33.0888 0x172c [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide C:\Windows\system32\drivers\aliide.sys
18:19:33.0903 0x172c aliide - ok
18:19:33.0919 0x172c [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:19:33.0935 0x172c amdagp - ok
18:19:33.0997 0x172c [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide C:\Windows\system32\drivers\amdide.sys
18:19:34.0013 0x172c amdide - ok
18:19:34.0091 0x172c [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
18:19:34.0153 0x172c AmdK7 - ok
18:19:34.0278 0x172c [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:19:34.0340 0x172c AmdK8 - ok
18:19:34.0434 0x172c [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
18:19:34.0449 0x172c AntiVirSchedulerService - ok
18:19:34.0512 0x172c [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
18:19:34.0527 0x172c AntiVirService - ok
18:19:34.0590 0x172c [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
18:19:34.0637 0x172c Appinfo - ok
18:19:34.0699 0x172c [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc C:\Windows\system32\drivers\arc.sys
18:19:34.0715 0x172c arc - ok
18:19:34.0761 0x172c [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:19:34.0761 0x172c arcsas - ok
18:19:35.0245 0x172c [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:19:35.0385 0x172c aspnet_state - ok
18:19:35.0417 0x172c [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:19:35.0479 0x172c AsyncMac - ok
18:19:35.0495 0x172c [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi C:\Windows\system32\drivers\atapi.sys
18:19:35.0510 0x172c atapi - ok
18:19:35.0573 0x172c [ 91E15B0A1D6F7B99ACE55D04C6D1544A, 23988261D07D009437F6AD78641E44E690058E85A5C81568DAE999679EE58112 ] athr C:\Windows\system32\DRIVERS\athr.sys
18:19:35.0682 0x172c athr - ok
18:19:35.0729 0x172c [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:19:35.0760 0x172c AudioEndpointBuilder - ok
18:19:35.0822 0x172c [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:19:35.0853 0x172c Audiosrv - ok
18:19:35.0900 0x172c [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
18:19:35.0916 0x172c avgntflt - ok
18:19:35.0978 0x172c [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
18:19:35.0994 0x172c avipbb - ok
18:19:36.0119 0x172c [ 8F9FB2E345549C1432249BDB8B9C1C0A, 337370238116022987D3CA957CFDAC9D953990F2AC513ACBFBA2D05E35A5F400 ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
18:19:36.0134 0x172c Avira.OE.ServiceHost - ok
18:19:36.0181 0x172c [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
18:19:36.0197 0x172c avkmgr - ok
18:19:36.0259 0x172c [ 08015D34F6FDD0B355805BAD978497C3, AAD5F919215B8630DCCADF2AC8DC82BAA543C52B1682B476093E014532B20EBD ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys
18:19:36.0462 0x172c bcm4sbxp - ok
18:19:36.0555 0x172c [ 6163664C7E9CD110AF70180C126C3FDC, 9A801295CDE2BDE4EE0E96C610E4C01F6915DBDA2104D0E8873AFF1BC34A0FA1 ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
18:19:36.0571 0x172c BcmSqlStartupSvc - ok
18:19:36.0633 0x172c [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
18:19:36.0696 0x172c Beep - ok
18:19:36.0758 0x172c [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
18:19:36.0867 0x172c BFE - ok
18:19:36.0961 0x172c [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
18:19:37.0055 0x172c BITS - ok
18:19:37.0101 0x172c [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
18:19:37.0148 0x172c blbdrive - ok
18:19:37.0179 0x172c [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:19:37.0226 0x172c bowser - ok
18:19:37.0242 0x172c [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
18:19:37.0257 0x172c BrFiltLo - ok
18:19:37.0273 0x172c [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
18:19:37.0335 0x172c BrFiltUp - ok
18:19:37.0351 0x172c [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
18:19:37.0398 0x172c Browser - ok
18:19:37.0476 0x172c [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
18:19:37.0569 0x172c Brserid - ok
18:19:37.0601 0x172c [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
18:19:37.0663 0x172c BrSerWdm - ok
18:19:37.0679 0x172c [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
18:19:37.0741 0x172c BrUsbMdm - ok
18:19:37.0772 0x172c [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
18:19:37.0850 0x172c BrUsbSer - ok
18:19:37.0897 0x172c [ DA7B195275BDA7F8FCF79B40E0F45DDE, 1346E9221FD6A1DA27F0BC4F3CF5AFA60B3419931B32468107028BCD4232A708 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
18:19:37.0913 0x172c BthEnum - ok
18:19:37.0959 0x172c [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:19:38.0006 0x172c BTHMODEM - ok
18:19:38.0022 0x172c [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:19:38.0100 0x172c BthPan - ok
18:19:38.0147 0x172c [ 671134053D59E23704F08DB19F11E10B, 7AFE5B6646B9A38EFAF127B7C820463CC06C4B8B82BC76259DA346B51377EA0B ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
18:19:38.0209 0x172c BTHPORT - ok
18:19:38.0240 0x172c [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ C:\Windows\System32\bthserv.dll
18:19:38.0271 0x172c BthServ - ok
18:19:38.0287 0x172c [ 93D7007E2C660DFCCA6AE72622740B14, 3483FD5060CE7FB9208A8016D5D79EC88DA63BF6C656EFC476AAA3D912DB451F ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
18:19:38.0334 0x172c BTHUSB - ok
18:19:38.0381 0x172c [ 3EA1A20DC0CA1AD23E7AA8C37A91BCD1, 4AF75222BF49EBFA93C98DF206D715DFE2B5EB742BDE06622256F628A756AAD6 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
18:19:38.0396 0x172c btwaudio - ok
18:19:38.0412 0x172c [ 195872E48A7FB01F8BC9B800F70F4054, 5F37D7CE44F00791241911BA1E77AD5DAD22C08584F19367BBE27BBFA3484616 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
18:19:38.0443 0x172c btwavdt - ok
18:19:38.0474 0x172c [ 0724E7D6C9B6A289EDDDA33FA8176E80, 836BFED3A4A374AB1C699D950D87A0709F529FD65B860890699584640490DBE8 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
18:19:38.0490 0x172c btwrchid - ok
18:19:38.0786 0x172c catchme - ok
18:19:38.0817 0x172c [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:19:38.0895 0x172c cdfs - ok
18:19:38.0958 0x172c [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:19:39.0005 0x172c cdrom - ok
18:19:39.0051 0x172c [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
18:19:39.0145 0x172c CertPropSvc - ok
18:19:39.0176 0x172c [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass C:\Windows\system32\drivers\circlass.sys
18:19:39.0207 0x172c circlass - ok
18:19:39.0270 0x172c [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
18:19:39.0301 0x172c CLFS - ok
18:19:39.0363 0x172c [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:19:39.0379 0x172c clr_optimization_v2.0.50727_32 - ok
18:19:39.0457 0x172c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:19:39.0504 0x172c clr_optimization_v4.0.30319_32 - ok
18:19:39.0597 0x172c [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:19:39.0644 0x172c CmBatt - ok
18:19:39.0675 0x172c [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:19:39.0707 0x172c cmdide - ok
18:19:39.0722 0x172c [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:19:39.0738 0x172c Compbatt - ok
18:19:39.0738 0x172c COMSysApp - ok
18:19:39.0753 0x172c [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:19:39.0769 0x172c crcdisk - ok
18:19:39.0785 0x172c [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe C:\Windows\system32\drivers\crusoe.sys
18:19:39.0847 0x172c Crusoe - ok
18:19:39.0941 0x172c [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:19:40.0003 0x172c CryptSvc - ok
18:19:40.0081 0x172c [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:19:40.0190 0x172c DcomLaunch - ok
18:19:40.0237 0x172c [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:19:40.0346 0x172c DfsC - ok
18:19:40.0455 0x172c [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
18:19:40.0643 0x172c DFSR - ok
18:19:40.0705 0x172c [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
18:19:40.0736 0x172c Dhcp - ok
18:19:40.0783 0x172c [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
18:19:40.0799 0x172c disk - ok
18:19:40.0845 0x172c [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:19:40.0908 0x172c Dnscache - ok
18:19:40.0986 0x172c [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
18:19:41.0048 0x172c dot3svc - ok
18:19:41.0079 0x172c [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
18:19:41.0111 0x172c DPS - ok
18:19:41.0142 0x172c [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:19:41.0189 0x172c drmkaud - ok
18:19:41.0251 0x172c [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:19:41.0282 0x172c DXGKrnl - ok
18:19:41.0345 0x172c [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
18:19:41.0376 0x172c E1G60 - ok
18:19:41.0438 0x172c [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
18:19:41.0501 0x172c EapHost - ok
18:19:41.0547 0x172c [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
18:19:41.0563 0x172c Ecache - ok
18:19:41.0641 0x172c [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:19:41.0688 0x172c ehRecvr - ok
18:19:41.0703 0x172c [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
18:19:41.0750 0x172c ehSched - ok
18:19:41.0781 0x172c [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
18:19:41.0813 0x172c ehstart - ok
18:19:41.0844 0x172c [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:19:41.0891 0x172c elxstor - ok
18:19:42.0015 0x172c [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
18:19:42.0125 0x172c EMDMgmt - ok
18:19:42.0187 0x172c [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:19:42.0218 0x172c ErrDev - ok
18:19:42.0296 0x172c [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
18:19:42.0359 0x172c EventSystem - ok
18:19:42.0483 0x172c [ 87BFD4EF2F43399DA37B48B42A84A749, DCD62246CBD60708C0F97F403F557410FBD09E726A1FA2F87351EB38F5A32CC8 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:19:42.0546 0x172c EvtEng - detected UnsignedFile.Multi.Generic ( 1 )
18:19:42.0624 0x172c EvtEng ( UnsignedFile.Multi.Generic ) - warning
18:19:42.0717 0x172c [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
18:19:42.0764 0x172c exfat - ok
18:19:42.0795 0x172c [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:19:42.0811 0x172c fastfat - ok
18:19:42.0842 0x172c [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:19:42.0889 0x172c fdc - ok
18:19:42.0936 0x172c [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
18:19:42.0967 0x172c fdPHost - ok
18:19:42.0998 0x172c [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
18:19:43.0061 0x172c FDResPub - ok
18:19:43.0092 0x172c [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:19:43.0107 0x172c FileInfo - ok
18:19:43.0123 0x172c [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:19:43.0154 0x172c Filetrace - ok
18:19:43.0185 0x172c [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:19:43.0201 0x172c flpydisk - ok
18:19:43.0263 0x172c [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:19:43.0279 0x172c FltMgr - ok
18:19:43.0404 0x172c [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache C:\Windows\system32\FntCache.dll
18:19:43.0529 0x172c FontCache - ok
18:19:43.0607 0x172c [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:19:43.0622 0x172c FontCache3.0.0.0 - ok
18:19:43.0669 0x172c [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:19:43.0700 0x172c Fs_Rec - ok
18:19:43.0731 0x172c [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:19:43.0747 0x172c gagp30kx - ok
18:19:43.0794 0x172c [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
18:19:43.0903 0x172c gpsvc - ok
18:19:43.0981 0x172c [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:19:44.0028 0x172c HdAudAddService - ok
18:19:44.0121 0x172c [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:19:44.0215 0x172c HDAudBus - ok
18:19:44.0246 0x172c [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:19:44.0293 0x172c HidBth - ok
18:19:44.0324 0x172c [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
18:19:44.0387 0x172c HidIr - ok
18:19:44.0433 0x172c [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\System32\hidserv.dll
18:19:44.0465 0x172c hidserv - ok
18:19:44.0496 0x172c [ 854CA287AB7FAF949617A788306D967E, 8C0BC3727C07634FAD35C7184C72B6D48D428F35E612257A833F00CACF4AAB5D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:19:44.0543 0x172c HidUsb - ok
18:19:44.0574 0x172c [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
18:19:44.0636 0x172c hkmsvc - ok
18:19:44.0683 0x172c [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
18:19:44.0699 0x172c HpCISSs - ok
18:19:44.0808 0x172c [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:19:44.0917 0x172c HTTP - ok
18:19:45.0026 0x172c [ 1720966D9C7EA5E2D78B6DB92D2F9171, B43521949F0557C9DC1DEC23A4A31D293FFBE721A937C90A2BCF6FCD1A216ADE ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
18:19:45.0073 0x172c hwdatacard - ok
18:19:45.0120 0x172c [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
18:19:45.0151 0x172c i2omp - ok
18:19:45.0198 0x172c [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:19:45.0260 0x172c i8042prt - ok
18:19:45.0525 0x172c [ 496DB78E6A0C4C44023D9A92B4A7AC31, 2B44213C39F05090D2057E3A21C1718DFC4478E976D44255B6FA5C3B8CF20FFF ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys
18:19:45.0697 0x172c ialm - ok
18:19:45.0728 0x172c [ F263A9036F8897FFA2AE54685E03AD60, 8286D4BE1F684E2B0DB5258ADBBD679A9A9D95CC435FA6B7D394A9E94B0FBE89 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:19:45.0744 0x172c iaStor - ok
18:19:45.0806 0x172c [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
18:19:45.0837 0x172c iaStorV - ok
18:19:45.0962 0x172c [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:19:46.0040 0x172c idsvc - ok
18:19:46.0118 0x172c [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:19:46.0134 0x172c iirsp - ok
18:19:46.0181 0x172c [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
18:19:46.0259 0x172c IKEEXT - ok
18:19:46.0383 0x172c [ FFD2B3BC042596ABE785D3C15F51AB46, C2CA6E15FE95ADE211325CA907FBC213DB3B5E871DBD22CC485837FAB4E9BCEC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:19:46.0461 0x172c IntcAzAudAddService - ok
18:19:46.0524 0x172c [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
18:19:46.0539 0x172c intelide - ok
18:19:46.0571 0x172c [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:19:46.0602 0x172c intelppm - ok
18:19:46.0633 0x172c [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:19:46.0680 0x172c IPBusEnum - ok
18:19:46.0711 0x172c [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:19:46.0742 0x172c IpFilterDriver - ok
18:19:46.0805 0x172c [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:19:46.0836 0x172c iphlpsvc - ok
18:19:46.0851 0x172c IpInIp - ok
18:19:46.0867 0x172c [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
18:19:46.0898 0x172c IPMIDRV - ok
18:19:46.0914 0x172c [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
18:19:46.0945 0x172c IPNAT - ok
18:19:46.0976 0x172c [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:19:47.0007 0x172c IRENUM - ok
18:19:47.0023 0x172c [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:19:47.0039 0x172c isapnp - ok
18:19:47.0101 0x172c [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:19:47.0117 0x172c iScsiPrt - ok
18:19:47.0148 0x172c [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
18:19:47.0163 0x172c iteatapi - ok
18:19:47.0195 0x172c [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
18:19:47.0195 0x172c iteraid - ok
18:19:47.0226 0x172c [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:19:47.0241 0x172c kbdclass - ok
18:19:47.0273 0x172c [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:19:47.0319 0x172c kbdhid - ok
18:19:47.0351 0x172c [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
18:19:47.0397 0x172c KeyIso - ok
18:19:47.0429 0x172c [ EBC507F129DF8F0E0CA270DCFC0CF87F, 232E2C4118A3177019E111E23D02F669338AE251308DE9BEDE3869C1208D7F0B ] KMDFMEMIO C:\Windows\system32\DRIVERS\kmdfmemio.sys
18:19:47.0444 0x172c KMDFMEMIO - ok
18:19:47.0522 0x172c [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:19:47.0553 0x172c KSecDD - ok
18:19:47.0600 0x172c [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
18:19:47.0663 0x172c KtmRm - ok
18:19:47.0709 0x172c [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\System32\srvsvc.dll
18:19:47.0787 0x172c LanmanServer - ok
18:19:47.0834 0x172c [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:19:47.0881 0x172c LanmanWorkstation - ok
18:19:47.0943 0x172c [ C215E09622118383B236DD56C2065183, AF5F7C8806BF9C203DB8AD9DA2062E31FF9A2282B5FE1222A3B9DEEB435EBAB4 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
18:19:47.0975 0x172c LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
18:19:47.0975 0x172c LightScribeService ( UnsignedFile.Multi.Generic ) - warning
18:19:47.0990 0x172c [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:19:48.0021 0x172c lltdio - ok
18:19:48.0084 0x172c [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:19:48.0115 0x172c lltdsvc - ok
18:19:48.0131 0x172c [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:19:48.0177 0x172c lmhosts - ok
18:19:48.0193 0x172c [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:19:48.0224 0x172c LSI_FC - ok
18:19:48.0240 0x172c [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:19:48.0255 0x172c LSI_SAS - ok
18:19:48.0271 0x172c [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:19:48.0287 0x172c LSI_SCSI - ok
18:19:48.0302 0x172c [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
18:19:48.0365 0x172c luafv - ok
18:19:48.0411 0x172c [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:19:48.0458 0x172c Mcx2Svc - ok
18:19:48.0521 0x172c [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys
18:19:48.0536 0x172c megasas - ok
18:19:48.0567 0x172c [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys
18:19:48.0599 0x172c MegaSR - ok
18:19:48.0630 0x172c [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
18:19:48.0677 0x172c MMCSS - ok
18:19:48.0692 0x172c [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
18:19:48.0723 0x172c Modem - ok
18:19:48.0786 0x172c [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:19:48.0817 0x172c monitor - ok
18:19:48.0833 0x172c [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:19:48.0848 0x172c mouclass - ok
18:19:48.0864 0x172c [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:19:48.0989 0x172c mouhid - ok
18:19:49.0004 0x172c [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
18:19:49.0020 0x172c MountMgr - ok
18:19:49.0129 0x172c [ F60E017313E0F1EEB21D87C434CF538D, 5418A716AD23E21FFF7CDACD0C4EF2CD7F1D45E391E72196B4D036DBF9E9559C ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:19:49.0160 0x172c MozillaMaintenance - ok
18:19:49.0223 0x172c [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:19:49.0238 0x172c mpio - ok
18:19:49.0269 0x172c [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:19:49.0301 0x172c mpsdrv - ok
18:19:49.0379 0x172c [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:19:49.0488 0x172c MpsSvc - ok
18:19:49.0503 0x172c [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
18:19:49.0519 0x172c Mraid35x - ok
18:19:49.0581 0x172c [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:19:49.0628 0x172c MRxDAV - ok
18:19:49.0675 0x172c [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:19:49.0722 0x172c mrxsmb - ok
18:19:49.0784 0x172c [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:19:49.0847 0x172c mrxsmb10 - ok
18:19:49.0893 0x172c [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:19:49.0940 0x172c mrxsmb20 - ok
18:19:50.0018 0x172c [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci C:\Windows\system32\drivers\msahci.sys
18:19:50.0034 0x172c msahci - ok
18:19:50.0065 0x172c [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:19:50.0081 0x172c msdsm - ok
18:19:50.0112 0x172c [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
18:19:50.0143 0x172c MSDTC - ok
18:19:50.0205 0x172c [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:19:50.0237 0x172c Msfs - ok
18:19:50.0299 0x172c [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:19:50.0315 0x172c msisadrv - ok
18:19:50.0377 0x172c [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:19:50.0439 0x172c MSiSCSI - ok
18:19:50.0455 0x172c msiserver - ok
18:19:50.0486 0x172c [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:19:50.0517 0x172c MSKSSRV - ok
18:19:50.0564 0x172c [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:19:50.0595 0x172c MSPCLOCK - ok
18:19:50.0642 0x172c [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:19:50.0689 0x172c MSPQM - ok
18:19:50.0751 0x172c [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:19:50.0783 0x172c MsRPC - ok
18:19:50.0829 0x172c [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:19:50.0845 0x172c mssmbios - ok
18:19:50.0939 0x172c MSSQL$MSSMLBIZ - ok
18:19:50.0970 0x172c [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
18:19:50.0985 0x172c MSSQLServerADHelper - ok
18:19:51.0048 0x172c [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:19:51.0110 0x172c MSTEE - ok
18:19:51.0141 0x172c [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
18:19:51.0173 0x172c Mup - ok
18:19:51.0266 0x172c [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
18:19:51.0329 0x172c napagent - ok
18:19:51.0422 0x172c [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:19:51.0438 0x172c NativeWifiP - ok
18:19:51.0563 0x172c [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:19:51.0641 0x172c NDIS - ok
18:19:51.0672 0x172c [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:19:51.0719 0x172c NdisTapi - ok
18:19:51.0765 0x172c [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:19:51.0812 0x172c Ndisuio - ok
18:19:51.0875 0x172c [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:19:51.0937 0x172c NdisWan - ok
18:19:51.0953 0x172c [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:19:51.0984 0x172c NDProxy - ok
18:19:52.0046 0x172c [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:19:52.0093 0x172c NetBIOS - ok
18:19:52.0265 0x172c [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
18:19:52.0296 0x172c netbt - ok
18:19:52.0327 0x172c [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
18:19:52.0343 0x172c Netlogon - ok
18:19:52.0389 0x172c [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
18:19:52.0452 0x172c Netman - ok
18:19:52.0499 0x172c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:19:52.0561 0x172c NetMsmqActivator - ok
18:19:52.0577 0x172c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:19:52.0592 0x172c NetPipeActivator - ok
18:19:52.0655 0x172c [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
18:19:52.0733 0x172c netprofm - ok
18:19:52.0748 0x172c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:19:52.0764 0x172c NetTcpActivator - ok
18:19:52.0811 0x172c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:19:52.0842 0x172c NetTcpPortSharing - ok
18:19:53.0169 0x172c [ 35D5458D9A1B26B2005ABFFBF4C1C5E7, EE044FB7A49336FEDA1BDBBD2AD7A4A163C780A6A464B7712688E0BA0B4E6C40 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
18:19:53.0731 0x172c NETw3v32 - ok
18:19:54.0261 0x172c [ 0B214C6A4728F085FB64A29ED9C4DE94, 5AB06F2D2826482BCD72A9D7574C1DD86FDE68DD67E7D4435F94B86817D4BC40 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
18:19:54.0901 0x172c NETw5v32 - ok
18:19:54.0948 0x172c [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:19:54.0979 0x172c nfrd960 - ok
18:19:55.0026 0x172c [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
18:19:55.0057 0x172c NlaSvc - ok
18:19:55.0135 0x172c [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:19:55.0182 0x172c Npfs - ok
18:19:55.0307 0x172c [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
18:19:55.0322 0x172c nsi - ok
18:19:55.0385 0x172c [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:19:55.0431 0x172c nsiproxy - ok
18:19:55.0619 0x172c [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:19:55.0853 0x172c Ntfs - ok
18:19:55.0884 0x172c [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
18:19:55.0946 0x172c ntrigdigi - ok
18:19:55.0977 0x172c [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
18:19:56.0040 0x172c Null - ok
18:19:56.0711 0x172c [ 440690DA4358D9682DBCC56DA7D419AB, C6958DF3769665DCF59B39B499AE110253E2482B9E4F3C7A2BC3A75776E4E3EA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:19:58.0286 0x172c nvlddmkm - ok
18:19:58.0349 0x172c [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:19:58.0380 0x172c nvraid - ok
18:19:58.0395 0x172c [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:19:58.0411 0x172c nvstor - ok
18:19:58.0489 0x172c [ 11E1DC466C3E384C1A697B95DC5AA785, F411BB0554A2F19252A4E2B32113C6E9836DFC56C6E856FAEB1A44F562309F98 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:19:58.0536 0x172c nvsvc - ok
18:19:58.0551 0x172c [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:19:58.0583 0x172c nv_agp - ok
18:19:58.0583 0x172c NwlnkFlt - ok
18:19:58.0583 0x172c NwlnkFwd - ok
18:19:58.0801 0x172c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:19:58.0879 0x172c odserv - ok
18:19:58.0926 0x172c [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
18:19:58.0988 0x172c ohci1394 - ok
18:19:59.0082 0x172c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:19:59.0160 0x172c ose - ok
18:19:59.0253 0x172c [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:19:59.0394 0x172c p2pimsvc - ok
18:19:59.0472 0x172c [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
18:19:59.0519 0x172c p2psvc - ok
18:19:59.0550 0x172c [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
18:19:59.0612 0x172c Parport - ok
18:19:59.0659 0x172c [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:19:59.0675 0x172c partmgr - ok
18:19:59.0706 0x172c [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:19:59.0784 0x172c Parvdm - ok
18:19:59.0831 0x172c [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
18:19:59.0940 0x172c PcaSvc - ok
18:20:00.0002 0x172c [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
18:20:00.0033 0x172c pci - ok
18:20:00.0111 0x172c [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
18:20:00.0127 0x172c pciide - ok
18:20:00.0205 0x172c [ B7C5A8769541900F6DFA6FE0C5E4D513, 1885FE8AE9D6929E8B43D674B43B7B3FEAA25AF6E45973A0B49CBA7B9CBA34C4 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:20:00.0236 0x172c pcmcia - ok
18:20:00.0345 0x172c [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:20:00.0517 0x172c PEAUTH - ok
18:20:00.0704 0x172c [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
18:20:00.0985 0x172c pla - ok
18:20:01.0032 0x172c [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:20:01.0079 0x172c PlugPlay - ok
18:20:01.0141 0x172c [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:20:01.0188 0x172c PNRPAutoReg - ok
18:20:01.0266 0x172c [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:20:01.0313 0x172c PNRPsvc - ok
18:20:01.0437 0x172c [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:20:01.0562 0x172c PolicyAgent - ok
18:20:01.0609 0x172c [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:20:01.0656 0x172c PptpMiniport - ok
18:20:01.0687 0x172c [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys
18:20:01.0749 0x172c Processor - ok
18:20:01.0812 0x172c [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
18:20:01.0843 0x172c ProfSvc - ok
18:20:01.0843 0x172c [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
18:20:01.0859 0x172c ProtectedStorage - ok
18:20:01.0905 0x172c [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:20:01.0952 0x172c PSched - ok
18:20:02.0139 0x172c [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:20:02.0405 0x172c ql2300 - ok
18:20:02.0436 0x172c [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:20:02.0451 0x172c ql40xx - ok
18:20:02.0498 0x172c [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
18:20:02.0545 0x172c QWAVE - ok
18:20:02.0561 0x172c [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:20:02.0592 0x172c QWAVEdrv - ok
18:20:02.0639 0x172c [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:20:02.0670 0x172c RasAcd - ok
18:20:02.0717 0x172c [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
18:20:02.0779 0x172c RasAuto - ok
18:20:02.0795 0x172c [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:20:02.0888 0x172c Rasl2tp - ok
18:20:02.0966 0x172c [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
18:20:03.0013 0x172c RasMan - ok
18:20:03.0060 0x172c [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:20:03.0091 0x172c RasPppoe - ok
18:20:03.0153 0x172c [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:20:03.0169 0x172c RasSstp - ok
18:20:03.0278 0x172c [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:20:03.0419 0x172c rdbss - ok
18:20:03.0450 0x172c [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:20:03.0497 0x172c RDPCDD - ok
18:20:03.0528 0x172c [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:20:03.0575 0x172c rdpdr - ok
18:20:03.0637 0x172c [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:20:03.0699 0x172c RDPENCDD - ok
18:20:03.0793 0x172c [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:20:03.0855 0x172c RDPWD - ok
18:20:03.0949 0x172c [ 3C109EFD0CEF1B540ED3C7F573594BFD, 3AAC865732972E19CD2583209D047D176259A7CB0E8ACEB1E6D91DB82A58DCA7 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:20:03.0996 0x172c RegSrvc - detected UnsignedFile.Multi.Generic ( 1 )
18:20:03.0996 0x172c RegSrvc ( UnsignedFile.Multi.Generic ) - warning
18:20:04.0058 0x172c [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
18:20:04.0105 0x172c RemoteAccess - ok
18:20:04.0167 0x172c [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:20:04.0245 0x172c RemoteRegistry - ok
18:20:04.0292 0x172c [ 10536B0AD6F416FC7F1149977C28CCDC, F0CE929BBA996762D59570338AC2E7DCC920E76E2E945FEB629E8EBE1B311D19 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:20:04.0386 0x172c RFCOMM - ok
18:20:04.0526 0x172c [ 4D05898896EC49CF663DDA61041AB096, 1218A0AD84946F2555773D529F3D55D7B675780EC1E79A634ED0FECF8D5C9C6D ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:20:04.0542 0x172c RichVideo - ok
18:20:04.0589 0x172c [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
18:20:04.0651 0x172c RpcLocator - ok
18:20:04.0729 0x172c [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
18:20:04.0776 0x172c RpcSs - ok
18:20:04.0838 0x172c [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:20:04.0885 0x172c rspndr - ok
18:20:04.0901 0x172c [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
18:20:04.0916 0x172c SamSs - ok
18:20:05.0072 0x172c [ A9D840FA78F65857EB554229914F855C, AC3BD980ABDAECFE7D824DF71CCBA7D84749B9AD51460D130A9AA9C7B2DE3D3E ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
18:20:05.0103 0x172c Samsung Update Plus - detected UnsignedFile.Multi.Generic ( 1 )
18:20:05.0103 0x172c Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning
18:20:05.0166 0x172c [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:20:05.0197 0x172c sbp2port - ok
18:20:05.0259 0x172c [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:20:05.0306 0x172c SCardSvr - ok
18:20:05.0447 0x172c [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
18:20:05.0649 0x172c Schedule - ok
18:20:05.0665 0x172c [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
18:20:05.0681 0x172c SCPolicySvc - ok
18:20:05.0727 0x172c [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:20:05.0759 0x172c sdbus - ok
18:20:05.0790 0x172c [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:20:05.0868 0x172c SDRSVC - ok
18:20:05.0946 0x172c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:20:06.0024 0x172c secdrv - ok
18:20:06.0055 0x172c [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
18:20:06.0102 0x172c seclogon - ok
18:20:06.0133 0x172c [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
18:20:06.0164 0x172c SENS - ok
18:20:06.0211 0x172c [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:20:06.0289 0x172c Serenum - ok
18:20:06.0305 0x172c [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
18:20:06.0367 0x172c Serial - ok
18:20:06.0383 0x172c [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:20:06.0414 0x172c sermouse - ok
18:20:06.0461 0x172c [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
18:20:06.0507 0x172c SessionEnv - ok
18:20:06.0523 0x172c [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:20:06.0554 0x172c sffdisk - ok
18:20:06.0570 0x172c [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:20:06.0632 0x172c sffp_mmc - ok
18:20:06.0648 0x172c [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:20:06.0710 0x172c sffp_sd - ok
18:20:06.0741 0x172c [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:20:06.0804 0x172c sfloppy - ok
18:20:06.0851 0x172c [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:20:06.0913 0x172c SharedAccess - ok
18:20:06.0975 0x172c [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:20:07.0053 0x172c ShellHWDetection - ok
18:20:07.0085 0x172c [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:20:07.0116 0x172c sisagp - ok
18:20:07.0131 0x172c [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:20:07.0147 0x172c SiSRaid2 - ok
18:20:07.0178 0x172c [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:20:07.0194 0x172c SiSRaid4 - ok
18:20:07.0615 0x172c [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
18:20:08.0130 0x172c slsvc - ok
18:20:08.0177 0x172c [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:20:08.0223 0x172c SLUINotify - ok
18:20:08.0270 0x172c [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:20:08.0348 0x172c Smb - ok
18:20:08.0379 0x172c [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:20:08.0395 0x172c SNMPTRAP - ok
18:20:08.0426 0x172c [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
18:20:08.0442 0x172c spldr - ok
18:20:08.0489 0x172c [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
18:20:08.0551 0x172c Spooler - ok
18:20:08.0629 0x172c [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:20:08.0645 0x172c SQLBrowser - ok
18:20:08.0691 0x172c [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:20:08.0707 0x172c SQLWriter - ok
18:20:08.0785 0x172c [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
18:20:08.0941 0x172c srv - ok
18:20:09.0003 0x172c [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:20:09.0081 0x172c srv2 - ok
18:20:09.0097 0x172c [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:20:09.0191 0x172c srvnet - ok
18:20:09.0222 0x172c [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:20:09.0269 0x172c SSDPSRV - ok
18:20:09.0315 0x172c [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
18:20:09.0315 0x172c ssmdrv - ok
18:20:09.0347 0x172c [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:20:09.0487 0x172c SstpSvc - ok
18:20:09.0596 0x172c [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
18:20:09.0690 0x172c stisvc - ok
18:20:09.0752 0x172c [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:20:09.0768 0x172c swenum - ok
18:20:09.0830 0x172c [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
18:20:09.0893 0x172c swprv - ok
18:20:09.0908 0x172c [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
18:20:09.0924 0x172c Symc8xx - ok
18:20:09.0939 0x172c [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
18:20:09.0955 0x172c Sym_hi - ok
18:20:09.0986 0x172c [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
18:20:10.0002 0x172c Sym_u3 - ok
18:20:10.0049 0x172c [ 451E8037E2EB6DA6BDF0A66F65D1810B, 98E94486560A00B33E19902BB1B5CE51168E583E9303B3A2F7337D3501887B34 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:20:10.0064 0x172c SynTP - ok
18:20:10.0173 0x172c [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
18:20:10.0283 0x172c SysMain - ok
18:20:10.0314 0x172c [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:20:10.0392 0x172c TabletInputService - ok
18:20:10.0454 0x172c [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:20:10.0501 0x172c TapiSrv - ok
18:20:10.0548 0x172c [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
18:20:10.0595 0x172c TBS - ok
18:20:10.0735 0x172c [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:20:10.0844 0x172c Tcpip - ok
18:20:10.0953 0x172c [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
18:20:11.0031 0x172c Tcpip6 - ok
18:20:11.0063 0x172c [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:20:11.0125 0x172c tcpipreg - ok
18:20:11.0141 0x172c [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:20:11.0219 0x172c TDPIPE - ok
18:20:11.0250 0x172c [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:20:11.0297 0x172c TDTCP - ok
18:20:11.0343 0x172c [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:20:11.0390 0x172c tdx - ok
18:20:11.0453 0x172c [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:20:11.0453 0x172c TermDD - ok
18:20:11.0562 0x172c [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
18:20:11.0624 0x172c TermService - ok
18:20:11.0687 0x172c [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
18:20:11.0702 0x172c Themes - ok
18:20:11.0718 0x172c [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
18:20:11.0749 0x172c THREADORDER - ok
18:20:11.0811 0x172c [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
18:20:11.0858 0x172c TrkWks - ok
18:20:11.0952 0x172c [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:20:11.0967 0x172c TrustedInstaller - ok
18:20:12.0014 0x172c [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:20:12.0092 0x172c tssecsrv - ok
18:20:12.0139 0x172c [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
18:20:12.0201 0x172c tunmp - ok
18:20:12.0264 0x172c [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:20:12.0295 0x172c tunnel - ok
18:20:12.0326 0x172c [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:20:12.0357 0x172c uagp35 - ok
18:20:12.0404 0x172c [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:20:12.0467 0x172c udfs - ok
18:20:12.0513 0x172c [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:20:12.0560 0x172c UI0Detect - ok
18:20:12.0591 0x172c [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:20:12.0623 0x172c uliagpkx - ok
18:20:12.0654 0x172c [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys
18:20:12.0685 0x172c uliahci - ok
18:20:12.0701 0x172c [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
18:20:12.0732 0x172c UlSata - ok
18:20:12.0763 0x172c [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
18:20:12.0779 0x172c ulsata2 - ok
18:20:12.0794 0x172c [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:20:12.0841 0x172c umbus - ok
18:20:12.0919 0x172c [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
18:20:12.0997 0x172c upnphost - ok
18:20:13.0091 0x172c [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:20:13.0122 0x172c usbccgp - ok
18:20:13.0153 0x172c [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:20:13.0231 0x172c usbcir - ok
18:20:13.0293 0x172c [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:20:13.0293 0x172c usbehci - ok
18:20:13.0387 0x172c [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:20:13.0418 0x172c usbhub - ok
18:20:13.0481 0x172c [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:20:13.0559 0x172c usbohci - ok
18:20:13.0574 0x172c [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:20:13.0637 0x172c usbprint - ok
18:20:13.0699 0x172c [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:20:13.0715 0x172c usbscan - ok
18:20:13.0777 0x172c [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:20:13.0824 0x172c USBSTOR - ok
18:20:13.0855 0x172c [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:20:13.0871 0x172c usbuhci - ok
18:20:13.0949 0x172c [ E67998E8F14CB0627A769F6530BCB352, 60982F168E9BF13954328C728F55F4D3ADDC572CACB65289B0E895A63DAA08C1 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:20:14.0011 0x172c usbvideo - ok
18:20:14.0073 0x172c [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
18:20:14.0136 0x172c UxSms - ok
18:20:14.0261 0x172c [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
18:20:14.0385 0x172c vds - ok
18:20:14.0417 0x172c [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:20:14.0448 0x172c vga - ok
18:20:14.0463 0x172c [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:20:14.0495 0x172c VgaSave - ok
18:20:14.0510 0x172c [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:20:14.0526 0x172c viaagp - ok
18:20:14.0557 0x172c [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:20:14.0604 0x172c ViaC7 - ok
18:20:14.0619 0x172c [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide C:\Windows\system32\drivers\viaide.sys
18:20:14.0635 0x172c viaide - ok
18:20:14.0729 0x172c [ 2B0970A8C0A65874EFF4AA436E651D85, 5674DB79019960E527CE7AE79F7866AFFAA5AE9DAB625EB8987CF17A977C3433 ] VMC302 C:\Windows\system32\Drivers\VMC302.sys
18:20:14.0853 0x172c VMC302 - ok
18:20:14.0916 0x172c [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:20:14.0931 0x172c volmgr - ok
18:20:15.0025 0x172c [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:20:15.0072 0x172c volmgrx - ok
18:20:15.0150 0x172c [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:20:15.0181 0x172c volsnap - ok
18:20:15.0228 0x172c [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:20:15.0259 0x172c vsmraid - ok
18:20:15.0399 0x172c [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
18:20:15.0680 0x172c VSS - ok
18:20:15.0774 0x172c [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
18:20:15.0805 0x172c W32Time - ok
18:20:15.0852 0x172c [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:20:15.0899 0x172c WacomPen - ok
18:20:15.0914 0x172c [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
18:20:15.0961 0x172c Wanarp - ok
18:20:15.0961 0x172c [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:20:15.0977 0x172c Wanarpv6 - ok
18:20:16.0101 0x172c [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:20:16.0195 0x172c wcncsvc - ok
18:20:16.0226 0x172c [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:20:16.0289 0x172c WcsPlugInService - ok
18:20:16.0304 0x172c [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd C:\Windows\system32\drivers\wd.sys
18:20:16.0320 0x172c Wd - ok
18:20:16.0429 0x172c [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:20:16.0491 0x172c Wdf01000 - ok
18:20:16.0538 0x172c [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:20:16.0585 0x172c WdiServiceHost - ok
18:20:16.0601 0x172c [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:20:16.0632 0x172c WdiSystemHost - ok
18:20:16.0679 0x172c [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
18:20:16.0725 0x172c WebClient - ok
18:20:16.0803 0x172c [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:20:16.0866 0x172c Wecsvc - ok
18:20:16.0913 0x172c [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:20:16.0928 0x172c wercplsupport - ok
18:20:16.0991 0x172c [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
18:20:17.0022 0x172c WerSvc - ok
18:20:17.0100 0x172c [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:20:17.0147 0x172c WinDefend - ok
18:20:17.0162 0x172c WinHttpAutoProxySvc - ok
18:20:17.0303 0x172c [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:20:17.0334 0x172c Winmgmt - ok
18:20:17.0474 0x172c [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
18:20:17.0817 0x172c WinRM - ok
18:20:17.0880 0x172c [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:20:18.0036 0x172c Wlansvc - ok
18:20:18.0083 0x172c [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:20:18.0145 0x172c WmiAcpi - ok
18:20:18.0207 0x172c [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:20:18.0301 0x172c wmiApSrv - ok
18:20:18.0457 0x172c [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:20:18.0582 0x172c WMPNetworkSvc - ok
18:20:18.0644 0x172c [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:20:18.0769 0x172c WPCSvc - ok
18:20:18.0831 0x172c [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:20:18.0894 0x172c WPDBusEnum - ok
18:20:19.0050 0x172c [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:20:19.0081 0x172c WPFFontCache_v0400 - ok
18:20:19.0112 0x172c [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:20:19.0143 0x172c ws2ifsl - ok
18:20:19.0190 0x172c [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\system32\wscsvc.dll
18:20:19.0221 0x172c wscsvc - ok
18:20:19.0221 0x172c WSearch - ok
18:20:19.0549 0x172c [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
18:20:19.0955 0x172c wuauserv - ok
18:20:20.0048 0x172c [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:20:20.0064 0x172c WudfPf - ok
18:20:20.0126 0x172c [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:20:20.0204 0x172c WUDFRd - ok
18:20:20.0251 0x172c [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:20:20.0282 0x172c wudfsvc - ok
18:20:20.0391 0x172c [ 04E268ADFC81964C49DC0C082D520F7E, 7D2574E366636AB1D59A08FE3038268095D627C39636C6ED6BCE1D5ACB44A179 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
18:20:20.0547 0x172c yukonwlh - ok
18:20:20.0547 0x172c ================ Scan global ===============================
18:20:20.0594 0x172c [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
18:20:20.0672 0x172c [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
18:20:20.0719 0x172c [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
18:20:20.0797 0x172c [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
18:20:20.0813 0x172c [ Global ] - ok
18:20:20.0813 0x172c ================ Scan MBR ==================================
18:20:20.0844 0x172c [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0
18:20:22.0919 0x172c \Device\Harddisk0\DR0 - ok
18:20:22.0919 0x172c ================ Scan VBR ==================================
18:20:22.0934 0x172c [ 92662BA4944BDDB29F269A6305E6DC4A ] \Device\Harddisk0\DR0\Partition1
18:20:23.0012 0x172c \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
18:20:23.0012 0x172c \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
18:20:23.0043 0x172c [ 0B745129D14217F6C7E838A788B3FDA7 ] \Device\Harddisk0\DR0\Partition2
18:20:23.0121 0x172c \Device\Harddisk0\DR0\Partition2 - ok
18:20:23.0121 0x172c ================ Scan generic autorun ======================
18:20:23.0246 0x172c [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
18:20:23.0355 0x172c Windows Defender - ok
18:20:23.0355 0x172c NvCplDaemon - ok
18:20:23.0355 0x172c NvMediaCenter - ok
18:20:24.0011 0x172c [ EB57A9927A39EB86194D664E781633B7, 673F5A8D2ACFE11CAA95FBDDB4962445CCFBBBF3547DDFFB820A335F4F6B1D13 ] C:\Windows\RtHDVCpl.exe
18:20:26.0117 0x172c RtHDVCpl - ok
18:20:26.0288 0x172c [ A37B2AB33BFF3C6705DC2C016328DD2F, C6F14E81FD9001048B178576FA01A4F77BF3F0A05DE443EB6AAC4982EE763D69 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
18:20:26.0351 0x172c SynTPEnh - ok
18:20:26.0444 0x172c [ B2B2FE2671DD98A322B0AD7079C0B2B2, A9148336C9A6E44A089514C9BDA22704EB5EFC4069F07ED31E75330D48B4DF97 ] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
18:20:26.0460 0x172c RemoteControl - ok
18:20:26.0507 0x172c [ A4E85BDA66CF4DE8070D6F744D181C12, ACF577B0CE6EA1E167389BB32E7F07E0D8CF487B22828455698B042A37CF15B4 ] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
18:20:26.0538 0x172c LanguageShortcut - detected UnsignedFile.Multi.Generic ( 1 )
18:20:26.0538 0x172c LanguageShortcut ( UnsignedFile.Multi.Generic ) - warning
18:20:26.0741 0x172c [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
18:20:26.0787 0x172c avgnt - ok
18:20:26.0959 0x172c [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:20:27.0053 0x172c Adobe ARM - ok
18:20:27.0209 0x172c [ 1E873743DEC469609C35275C5557B34D, EC8952601B4643B9B82DA5B7C5A85DD19CC1F07889A2B69E4FCCDCAC296A9FA1 ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
18:20:27.0224 0x172c Avira Systray - ok
18:20:27.0411 0x172c [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
18:20:27.0567 0x172c Sidebar - ok
18:20:27.0864 0x172c [ 6DE8F3D91387412AC2E869FFA0F6ABA6, 68202B155995F14471377E1F0080916B31D6F99F7DA9E5E147399B2E1BA933CE ] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
18:20:28.0176 0x172c LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
18:20:28.0176 0x172c LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - warning
18:20:28.0254 0x172c [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
18:20:28.0269 0x172c ehTray.exe - ok
18:20:28.0441 0x172c Ryagyna - ok
18:20:28.0519 0x172c AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x40000 ( disabled : updated )
18:20:28.0535 0x172c Win FW state via NFP2: enabled
18:20:28.0535 0x172c ============================================================
18:20:28.0535 0x172c Scan finished
18:20:28.0535 0x172c ============================================================
18:20:28.0535 0x1724 Detected object count: 7
18:20:28.0535 0x1724 Actual detected object count: 7
18:24:32.0955 0x1724 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
18:24:32.0955 0x1724 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:24:32.0955 0x1724 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
18:24:32.0955 0x1724 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:24:32.0955 0x1724 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:24:32.0955 0x1724 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:24:32.0955 0x1724 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - skipped by user
18:24:32.0955 0x1724 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:24:33.0049 0x1724 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
18:24:33.0080 0x1724 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
18:24:33.0111 0x1724 \Device\Harddisk0\DR0\Partition1 - ok
18:24:33.0111 0x1724 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
18:24:33.0111 0x1724 LanguageShortcut ( UnsignedFile.Multi.Generic ) - skipped by user
18:24:33.0111 0x1724 LanguageShortcut ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:24:33.0111 0x1724 LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - skipped by user
18:24:33.0111 0x1724 LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:24:33.0158 0x1724 KLMD registered as C:\Windows\system32\drivers\33320859.sys
18:24:44.0328 0x1458 Deinitialize success
|
|
08.08.2014, 17:44
| #8 |
| | Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Hallo Schrauber. Hier das Log vom Scan danach: Code:
ATTFilter 18:33:30.0862 0x06bc TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:33:34.0184 0x06bc ============================================================
18:33:34.0184 0x06bc Current date / time: 2014/08/08 18:33:34.0184
18:33:34.0184 0x06bc SystemInfo:
18:33:34.0184 0x06bc
18:33:34.0184 0x06bc OS Version: 6.0.6002 ServicePack: 2.0
18:33:34.0184 0x06bc Product type: Workstation
18:33:34.0184 0x06bc ComputerName: C-NOTEBOOK
18:33:34.0184 0x06bc UserName: ********************
18:33:34.0184 0x06bc Windows directory: C:\Windows
18:33:34.0184 0x06bc System windows directory: C:\Windows
18:33:34.0184 0x06bc Processor architecture: Intel x86
18:33:34.0184 0x06bc Number of processors: 2
18:33:34.0184 0x06bc Page size: 0x1000
18:33:34.0184 0x06bc Boot type: Normal boot
18:33:34.0184 0x06bc ============================================================
18:33:34.0216 0x06bc BG loaded
18:33:34.0294 0x06bc System UUID: {6C8A1B6B-9CE8-2C1D-B0BF-C248C8B2BB4B}
18:33:34.0746 0x06bc Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:33:34.0762 0x06bc ============================================================
18:33:34.0762 0x06bc \Device\Harddisk0\DR0:
18:33:34.0762 0x06bc MBR partitions:
18:33:34.0762 0x06bc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x1202E000
18:33:34.0762 0x06bc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1342E800, BlocksNum 0x11FFF800
18:33:34.0762 0x06bc ============================================================
18:33:34.0824 0x06bc C: <-> \Device\Harddisk0\DR0\Partition1
18:33:34.0918 0x06bc D: <-> \Device\Harddisk0\DR0\Partition2
18:33:34.0918 0x06bc ============================================================
18:33:34.0918 0x06bc Initialize success
18:33:34.0918 0x06bc ============================================================
18:33:42.0905 0x10a0 ============================================================
18:33:42.0905 0x10a0 Scan started
18:33:42.0905 0x10a0 Mode: Manual; SigCheck; TDLFS;
18:33:42.0905 0x10a0 ============================================================
18:33:42.0905 0x10a0 KSN ping started
18:33:42.0920 0x10a0 KSN ping finished: false
18:33:43.0638 0x10a0 ================ Scan system memory ========================
18:33:43.0638 0x10a0 System memory - ok
18:33:43.0638 0x10a0 ================ Scan services =============================
18:33:43.0841 0x10a0 [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
18:33:43.0934 0x10a0 AAV UpdateService - ok
18:33:44.0231 0x10a0 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
18:33:44.0246 0x10a0 ACPI - ok
18:33:44.0340 0x10a0 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:33:44.0356 0x10a0 AdobeARMservice - ok
18:33:44.0465 0x10a0 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:33:44.0512 0x10a0 adp94xx - ok
18:33:44.0558 0x10a0 [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:33:44.0574 0x10a0 adpahci - ok
18:33:44.0605 0x10a0 [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
18:33:44.0621 0x10a0 adpu160m - ok
18:33:44.0652 0x10a0 [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:33:44.0668 0x10a0 adpu320 - ok
18:33:44.0730 0x10a0 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:33:44.0855 0x10a0 AeLookupSvc - ok
18:33:44.0902 0x10a0 [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD C:\Windows\system32\drivers\afd.sys
18:33:44.0995 0x10a0 AFD - ok
18:33:45.0136 0x10a0 [ CE91B158FA490CF4C4D487A4130F4660, C343AEB125B15E6FC8428499E1C48390EF5073FACB0DC9BAB9040EFB170D04A5 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
18:33:45.0292 0x10a0 AgereSoftModem - ok
18:33:45.0354 0x10a0 [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:33:45.0370 0x10a0 agp440 - ok
18:33:45.0385 0x10a0 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
18:33:45.0401 0x10a0 aic78xx - ok
18:33:45.0432 0x10a0 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
18:33:45.0494 0x10a0 ALG - ok
18:33:45.0526 0x10a0 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide C:\Windows\system32\drivers\aliide.sys
18:33:45.0541 0x10a0 aliide - ok
18:33:45.0572 0x10a0 [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:33:45.0588 0x10a0 amdagp - ok
18:33:45.0604 0x10a0 [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide C:\Windows\system32\drivers\amdide.sys
18:33:45.0619 0x10a0 amdide - ok
18:33:45.0666 0x10a0 [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
18:33:45.0760 0x10a0 AmdK7 - ok
18:33:45.0791 0x10a0 [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:33:45.0853 0x10a0 AmdK8 - ok
18:33:46.0321 0x10a0 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
18:33:46.0337 0x10a0 AntiVirSchedulerService - ok
18:33:46.0477 0x10a0 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
18:33:46.0508 0x10a0 AntiVirService - ok
18:33:46.0633 0x10a0 [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
18:33:46.0742 0x10a0 Appinfo - ok
18:33:46.0805 0x10a0 [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc C:\Windows\system32\drivers\arc.sys
18:33:46.0820 0x10a0 arc - ok
18:33:46.0914 0x10a0 [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:33:46.0930 0x10a0 arcsas - ok
18:33:47.0460 0x10a0 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:33:47.0476 0x10a0 aspnet_state - ok
18:33:47.0522 0x10a0 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:33:47.0616 0x10a0 AsyncMac - ok
18:33:47.0678 0x10a0 [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi C:\Windows\system32\drivers\atapi.sys
18:33:47.0694 0x10a0 atapi - ok
18:33:48.0053 0x10a0 [ 91E15B0A1D6F7B99ACE55D04C6D1544A, 23988261D07D009437F6AD78641E44E690058E85A5C81568DAE999679EE58112 ] athr C:\Windows\system32\DRIVERS\athr.sys
18:33:48.0162 0x10a0 athr - ok
18:33:48.0302 0x10a0 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:33:48.0334 0x10a0 AudioEndpointBuilder - ok
18:33:48.0396 0x10a0 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:33:48.0412 0x10a0 Audiosrv - ok
18:33:48.0505 0x10a0 [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
18:33:48.0536 0x10a0 avgntflt - ok
18:33:48.0646 0x10a0 [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
18:33:48.0661 0x10a0 avipbb - ok
18:33:48.0848 0x10a0 [ 8F9FB2E345549C1432249BDB8B9C1C0A, 337370238116022987D3CA957CFDAC9D953990F2AC513ACBFBA2D05E35A5F400 ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
18:33:48.0864 0x10a0 Avira.OE.ServiceHost - ok
18:33:48.0926 0x10a0 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
18:33:48.0942 0x10a0 avkmgr - ok
18:33:49.0082 0x10a0 [ 08015D34F6FDD0B355805BAD978497C3, AAD5F919215B8630DCCADF2AC8DC82BAA543C52B1682B476093E014532B20EBD ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys
18:33:49.0160 0x10a0 bcm4sbxp - ok
18:33:49.0394 0x10a0 [ 6163664C7E9CD110AF70180C126C3FDC, 9A801295CDE2BDE4EE0E96C610E4C01F6915DBDA2104D0E8873AFF1BC34A0FA1 ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
18:33:49.0394 0x10a0 BcmSqlStartupSvc - ok
18:33:49.0472 0x10a0 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
18:33:49.0535 0x10a0 Beep - ok
18:33:49.0675 0x10a0 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
18:33:49.0753 0x10a0 BFE - ok
18:33:50.0003 0x10a0 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
18:33:50.0081 0x10a0 BITS - ok
18:33:50.0159 0x10a0 [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
18:33:50.0206 0x10a0 blbdrive - ok
18:33:50.0268 0x10a0 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:33:50.0330 0x10a0 bowser - ok
18:33:50.0596 0x10a0 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
18:33:50.0642 0x10a0 BrFiltLo - ok
18:33:50.0674 0x10a0 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
18:33:50.0752 0x10a0 BrFiltUp - ok
18:33:50.0814 0x10a0 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
18:33:50.0908 0x10a0 Browser - ok
18:33:50.0986 0x10a0 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
18:33:51.0126 0x10a0 Brserid - ok
18:33:51.0173 0x10a0 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
18:33:51.0235 0x10a0 BrSerWdm - ok
18:33:51.0266 0x10a0 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
18:33:51.0329 0x10a0 BrUsbMdm - ok
18:33:51.0329 0x10a0 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
18:33:51.0407 0x10a0 BrUsbSer - ok
18:33:51.0500 0x10a0 [ DA7B195275BDA7F8FCF79B40E0F45DDE, 1346E9221FD6A1DA27F0BC4F3CF5AFA60B3419931B32468107028BCD4232A708 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
18:33:51.0578 0x10a0 BthEnum - ok
18:33:51.0672 0x10a0 [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:33:51.0734 0x10a0 BTHMODEM - ok
18:33:51.0797 0x10a0 [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:33:51.0844 0x10a0 BthPan - ok
18:33:51.0984 0x10a0 [ 671134053D59E23704F08DB19F11E10B, 7AFE5B6646B9A38EFAF127B7C820463CC06C4B8B82BC76259DA346B51377EA0B ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
18:33:52.0046 0x10a0 BTHPORT - ok
18:33:52.0093 0x10a0 [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ C:\Windows\System32\bthserv.dll
18:33:52.0156 0x10a0 BthServ - ok
18:33:52.0187 0x10a0 [ 93D7007E2C660DFCCA6AE72622740B14, 3483FD5060CE7FB9208A8016D5D79EC88DA63BF6C656EFC476AAA3D912DB451F ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
18:33:52.0249 0x10a0 BTHUSB - ok
18:33:52.0405 0x10a0 [ 3EA1A20DC0CA1AD23E7AA8C37A91BCD1, 4AF75222BF49EBFA93C98DF206D715DFE2B5EB742BDE06622256F628A756AAD6 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
18:33:52.0421 0x10a0 btwaudio - ok
18:33:52.0452 0x10a0 [ 195872E48A7FB01F8BC9B800F70F4054, 5F37D7CE44F00791241911BA1E77AD5DAD22C08584F19367BBE27BBFA3484616 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
18:33:52.0468 0x10a0 btwavdt - ok
18:33:52.0530 0x10a0 [ 0724E7D6C9B6A289EDDDA33FA8176E80, 836BFED3A4A374AB1C699D950D87A0709F529FD65B860890699584640490DBE8 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
18:33:52.0546 0x10a0 btwrchid - ok
18:33:52.0982 0x10a0 catchme - ok
18:33:53.0045 0x10a0 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:33:53.0107 0x10a0 cdfs - ok
18:33:53.0201 0x10a0 [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:33:53.0248 0x10a0 cdrom - ok
18:33:53.0341 0x10a0 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
18:33:53.0419 0x10a0 CertPropSvc - ok
18:33:53.0450 0x10a0 [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass C:\Windows\system32\drivers\circlass.sys
18:33:53.0528 0x10a0 circlass - ok
18:33:53.0591 0x10a0 [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
18:33:53.0606 0x10a0 CLFS - ok
18:33:53.0762 0x10a0 [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:33:53.0778 0x10a0 clr_optimization_v2.0.50727_32 - ok
18:33:53.0856 0x10a0 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:33:53.0887 0x10a0 clr_optimization_v4.0.30319_32 - ok
18:33:53.0996 0x10a0 [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:33:54.0043 0x10a0 CmBatt - ok
18:33:54.0090 0x10a0 [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:33:54.0090 0x10a0 cmdide - ok
18:33:54.0137 0x10a0 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:33:54.0152 0x10a0 Compbatt - ok
18:33:54.0152 0x10a0 COMSysApp - ok
18:33:54.0168 0x10a0 [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:33:54.0184 0x10a0 crcdisk - ok
18:33:54.0215 0x10a0 [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe C:\Windows\system32\drivers\crusoe.sys
18:33:54.0262 0x10a0 Crusoe - ok
18:33:54.0324 0x10a0 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:33:54.0402 0x10a0 CryptSvc - ok
18:33:54.0558 0x10a0 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:33:54.0589 0x10a0 DcomLaunch - ok
18:33:54.0636 0x10a0 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:33:54.0698 0x10a0 DfsC - ok
18:33:55.0088 0x10a0 [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
18:33:55.0244 0x10a0 DFSR - ok
18:33:55.0354 0x10a0 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
18:33:55.0385 0x10a0 Dhcp - ok
18:33:55.0478 0x10a0 [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
18:33:55.0478 0x10a0 disk - ok
18:33:55.0572 0x10a0 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:33:55.0619 0x10a0 Dnscache - ok
18:33:55.0697 0x10a0 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
18:33:55.0744 0x10a0 dot3svc - ok
18:33:55.0853 0x10a0 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
18:33:55.0900 0x10a0 DPS - ok
18:33:56.0009 0x10a0 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:33:56.0118 0x10a0 drmkaud - ok
18:33:56.0227 0x10a0 [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:33:56.0274 0x10a0 DXGKrnl - ok
18:33:56.0368 0x10a0 [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
18:33:56.0414 0x10a0 E1G60 - ok
18:33:56.0524 0x10a0 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
18:33:56.0570 0x10a0 EapHost - ok
18:33:56.0695 0x10a0 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
18:33:56.0711 0x10a0 Ecache - ok
18:33:56.0882 0x10a0 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:33:56.0960 0x10a0 ehRecvr - ok
18:33:57.0023 0x10a0 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
18:33:57.0116 0x10a0 ehSched - ok
18:33:57.0179 0x10a0 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
18:33:57.0226 0x10a0 ehstart - ok
18:33:57.0366 0x10a0 [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:33:57.0397 0x10a0 elxstor - ok
18:33:57.0522 0x10a0 [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
18:33:57.0631 0x10a0 EMDMgmt - ok
18:33:57.0725 0x10a0 [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:33:57.0787 0x10a0 ErrDev - ok
18:33:57.0881 0x10a0 [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
18:33:57.0912 0x10a0 EventSystem - ok
18:33:58.0146 0x10a0 [ 87BFD4EF2F43399DA37B48B42A84A749, DCD62246CBD60708C0F97F403F557410FBD09E726A1FA2F87351EB38F5A32CC8 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:33:58.0208 0x10a0 EvtEng - detected UnsignedFile.Multi.Generic ( 1 )
18:33:58.0286 0x10a0 EvtEng ( UnsignedFile.Multi.Generic ) - warning
18:33:58.0380 0x10a0 [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
18:33:58.0427 0x10a0 exfat - ok
18:33:58.0458 0x10a0 [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:33:58.0474 0x10a0 fastfat - ok
18:33:58.0520 0x10a0 [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:33:58.0552 0x10a0 fdc - ok
18:33:58.0583 0x10a0 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
18:33:58.0614 0x10a0 fdPHost - ok
18:33:58.0645 0x10a0 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
18:33:58.0708 0x10a0 FDResPub - ok
18:33:58.0754 0x10a0 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:33:58.0754 0x10a0 FileInfo - ok
18:33:58.0786 0x10a0 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:33:58.0848 0x10a0 Filetrace - ok
18:33:58.0864 0x10a0 [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:33:58.0895 0x10a0 flpydisk - ok
18:33:58.0942 0x10a0 [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:33:58.0957 0x10a0 FltMgr - ok
18:33:59.0160 0x10a0 [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache C:\Windows\system32\FntCache.dll
18:33:59.0222 0x10a0 FontCache - ok
18:33:59.0285 0x10a0 [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:33:59.0300 0x10a0 FontCache3.0.0.0 - ok
18:33:59.0332 0x10a0 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:33:59.0410 0x10a0 Fs_Rec - ok
18:33:59.0472 0x10a0 [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:33:59.0488 0x10a0 gagp30kx - ok
18:33:59.0581 0x10a0 [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
18:33:59.0659 0x10a0 gpsvc - ok
18:33:59.0722 0x10a0 [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:33:59.0768 0x10a0 HdAudAddService - ok
18:33:59.0878 0x10a0 [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:33:59.0987 0x10a0 HDAudBus - ok
18:34:00.0034 0x10a0 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:34:00.0065 0x10a0 HidBth - ok
18:34:00.0096 0x10a0 [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
18:34:00.0174 0x10a0 HidIr - ok
18:34:00.0221 0x10a0 [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\System32\hidserv.dll
18:34:00.0283 0x10a0 hidserv - ok
18:34:00.0299 0x10a0 [ 854CA287AB7FAF949617A788306D967E, 8C0BC3727C07634FAD35C7184C72B6D48D428F35E612257A833F00CACF4AAB5D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:34:00.0346 0x10a0 HidUsb - ok
18:34:00.0377 0x10a0 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
18:34:00.0424 0x10a0 hkmsvc - ok
18:34:00.0439 0x10a0 [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
18:34:00.0455 0x10a0 HpCISSs - ok
18:34:00.0533 0x10a0 [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:34:00.0626 0x10a0 HTTP - ok
18:34:00.0689 0x10a0 [ 1720966D9C7EA5E2D78B6DB92D2F9171, B43521949F0557C9DC1DEC23A4A31D293FFBE721A937C90A2BCF6FCD1A216ADE ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
18:34:00.0720 0x10a0 hwdatacard - ok
18:34:00.0767 0x10a0 [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
18:34:00.0782 0x10a0 i2omp - ok
18:34:00.0845 0x10a0 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:34:00.0876 0x10a0 i8042prt - ok
18:34:01.0001 0x10a0 [ 496DB78E6A0C4C44023D9A92B4A7AC31, 2B44213C39F05090D2057E3A21C1718DFC4478E976D44255B6FA5C3B8CF20FFF ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys
18:34:01.0110 0x10a0 ialm - ok
18:34:01.0188 0x10a0 [ F263A9036F8897FFA2AE54685E03AD60, 8286D4BE1F684E2B0DB5258ADBBD679A9A9D95CC435FA6B7D394A9E94B0FBE89 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:34:01.0204 0x10a0 iaStor - ok
18:34:01.0219 0x10a0 [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
18:34:01.0235 0x10a0 iaStorV - ok
18:34:01.0391 0x10a0 [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:34:01.0438 0x10a0 idsvc - ok
18:34:01.0484 0x10a0 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:34:01.0484 0x10a0 iirsp - ok
18:34:01.0609 0x10a0 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
18:34:01.0672 0x10a0 IKEEXT - ok
18:34:01.0890 0x10a0 [ FFD2B3BC042596ABE785D3C15F51AB46, C2CA6E15FE95ADE211325CA907FBC213DB3B5E871DBD22CC485837FAB4E9BCEC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:34:02.0030 0x10a0 IntcAzAudAddService - ok
18:34:02.0077 0x10a0 [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
18:34:02.0093 0x10a0 intelide - ok
18:34:02.0108 0x10a0 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:34:02.0155 0x10a0 intelppm - ok
18:34:02.0186 0x10a0 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:34:02.0264 0x10a0 IPBusEnum - ok
18:34:02.0296 0x10a0 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:34:02.0327 0x10a0 IpFilterDriver - ok
18:34:02.0389 0x10a0 [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:34:02.0483 0x10a0 iphlpsvc - ok
18:34:02.0483 0x10a0 IpInIp - ok
18:34:02.0514 0x10a0 [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
18:34:02.0545 0x10a0 IPMIDRV - ok
18:34:02.0623 0x10a0 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
18:34:02.0654 0x10a0 IPNAT - ok
18:34:02.0717 0x10a0 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:34:02.0732 0x10a0 IRENUM - ok
18:34:02.0764 0x10a0 [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:34:02.0779 0x10a0 isapnp - ok
18:34:02.0888 0x10a0 [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:34:02.0904 0x10a0 iScsiPrt - ok
18:34:02.0951 0x10a0 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
18:34:02.0966 0x10a0 iteatapi - ok
18:34:03.0013 0x10a0 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
18:34:03.0013 0x10a0 iteraid - ok
18:34:03.0060 0x10a0 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:34:03.0060 0x10a0 kbdclass - ok
18:34:03.0091 0x10a0 [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:34:03.0154 0x10a0 kbdhid - ok
18:34:03.0185 0x10a0 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
18:34:03.0200 0x10a0 KeyIso - ok
18:34:03.0232 0x10a0 [ EBC507F129DF8F0E0CA270DCFC0CF87F, 232E2C4118A3177019E111E23D02F669338AE251308DE9BEDE3869C1208D7F0B ] KMDFMEMIO C:\Windows\system32\DRIVERS\kmdfmemio.sys
18:34:03.0263 0x10a0 KMDFMEMIO - ok
18:34:03.0325 0x10a0 [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:34:03.0372 0x10a0 KSecDD - ok
18:34:03.0434 0x10a0 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
18:34:03.0497 0x10a0 KtmRm - ok
18:34:03.0544 0x10a0 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\System32\srvsvc.dll
18:34:03.0606 0x10a0 LanmanServer - ok
18:34:03.0653 0x10a0 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:34:03.0715 0x10a0 LanmanWorkstation - ok
18:34:03.0824 0x10a0 [ C215E09622118383B236DD56C2065183, AF5F7C8806BF9C203DB8AD9DA2062E31FF9A2282B5FE1222A3B9DEEB435EBAB4 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
18:34:03.0840 0x10a0 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
18:34:03.0840 0x10a0 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
18:34:03.0856 0x10a0 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:34:03.0887 0x10a0 lltdio - ok
18:34:03.0965 0x10a0 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:34:04.0027 0x10a0 lltdsvc - ok
18:34:04.0043 0x10a0 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:34:04.0090 0x10a0 lmhosts - ok
18:34:04.0136 0x10a0 [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:34:04.0152 0x10a0 LSI_FC - ok
18:34:04.0183 0x10a0 [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:34:04.0199 0x10a0 LSI_SAS - ok
18:34:04.0292 0x10a0 [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:34:04.0308 0x10a0 LSI_SCSI - ok
18:34:04.0339 0x10a0 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
18:34:04.0386 0x10a0 luafv - ok
18:34:04.0433 0x10a0 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:34:04.0464 0x10a0 Mcx2Svc - ok
18:34:04.0495 0x10a0 [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys
18:34:04.0511 0x10a0 megasas - ok
18:34:04.0542 0x10a0 [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys
18:34:04.0589 0x10a0 MegaSR - ok
18:34:04.0604 0x10a0 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
18:34:04.0651 0x10a0 MMCSS - ok
18:34:04.0667 0x10a0 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
18:34:04.0698 0x10a0 Modem - ok
18:34:04.0729 0x10a0 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:34:04.0776 0x10a0 monitor - ok
18:34:04.0792 0x10a0 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:34:04.0807 0x10a0 mouclass - ok
18:34:04.0901 0x10a0 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:34:04.0916 0x10a0 mouhid - ok
18:34:04.0948 0x10a0 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
18:34:04.0963 0x10a0 MountMgr - ok
18:34:05.0026 0x10a0 [ F60E017313E0F1EEB21D87C434CF538D, 5418A716AD23E21FFF7CDACD0C4EF2CD7F1D45E391E72196B4D036DBF9E9559C ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:34:05.0041 0x10a0 MozillaMaintenance - ok
18:34:05.0119 0x10a0 [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:34:05.0135 0x10a0 mpio - ok
18:34:05.0213 0x10a0 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:34:05.0228 0x10a0 mpsdrv - ok
18:34:05.0291 0x10a0 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:34:05.0384 0x10a0 MpsSvc - ok
18:34:05.0400 0x10a0 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
18:34:05.0416 0x10a0 Mraid35x - ok
18:34:05.0447 0x10a0 [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:34:05.0494 0x10a0 MRxDAV - ok
18:34:05.0540 0x10a0 [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:34:05.0556 0x10a0 mrxsmb - ok
18:34:05.0603 0x10a0 [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:34:05.0650 0x10a0 mrxsmb10 - ok
18:34:05.0650 0x10a0 [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:34:05.0665 0x10a0 mrxsmb20 - ok
18:34:05.0712 0x10a0 [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci C:\Windows\system32\drivers\msahci.sys
18:34:05.0728 0x10a0 msahci - ok
18:34:05.0743 0x10a0 [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:34:05.0759 0x10a0 msdsm - ok
18:34:05.0821 0x10a0 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
18:34:05.0884 0x10a0 MSDTC - ok
18:34:05.0915 0x10a0 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:34:05.0946 0x10a0 Msfs - ok
18:34:05.0977 0x10a0 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:34:05.0993 0x10a0 msisadrv - ok
18:34:06.0008 0x10a0 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:34:06.0040 0x10a0 MSiSCSI - ok
18:34:06.0055 0x10a0 msiserver - ok
18:34:06.0102 0x10a0 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:34:06.0149 0x10a0 MSKSSRV - ok
18:34:06.0180 0x10a0 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:34:06.0211 0x10a0 MSPCLOCK - ok
18:34:06.0211 0x10a0 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:34:06.0258 0x10a0 MSPQM - ok
18:34:06.0320 0x10a0 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:34:06.0336 0x10a0 MsRPC - ok
18:34:06.0352 0x10a0 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:34:06.0367 0x10a0 mssmbios - ok
18:34:06.0461 0x10a0 MSSQL$MSSMLBIZ - ok
18:34:06.0586 0x10a0 [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
18:34:06.0586 0x10a0 MSSQLServerADHelper - ok
18:34:06.0648 0x10a0 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:34:06.0664 0x10a0 MSTEE - ok
18:34:06.0710 0x10a0 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
18:34:06.0726 0x10a0 Mup - ok
18:34:06.0788 0x10a0 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
18:34:06.0835 0x10a0 napagent - ok
18:34:06.0898 0x10a0 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:34:06.0913 0x10a0 NativeWifiP - ok
18:34:06.0976 0x10a0 [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:34:07.0007 0x10a0 NDIS - ok
18:34:07.0054 0x10a0 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:34:07.0116 0x10a0 NdisTapi - ok
18:34:07.0132 0x10a0 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:34:07.0147 0x10a0 Ndisuio - ok
18:34:07.0178 0x10a0 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:34:07.0210 0x10a0 NdisWan - ok
18:34:07.0225 0x10a0 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:34:07.0241 0x10a0 NDProxy - ok
18:34:07.0241 0x10a0 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:34:07.0272 0x10a0 NetBIOS - ok
18:34:07.0319 0x10a0 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
18:34:07.0381 0x10a0 netbt - ok
18:34:07.0412 0x10a0 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
18:34:07.0428 0x10a0 Netlogon - ok
18:34:07.0490 0x10a0 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
18:34:07.0537 0x10a0 Netman - ok
18:34:07.0600 0x10a0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:34:07.0615 0x10a0 NetMsmqActivator - ok
18:34:07.0662 0x10a0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:34:07.0678 0x10a0 NetPipeActivator - ok
18:34:07.0724 0x10a0 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
18:34:07.0771 0x10a0 netprofm - ok
18:34:07.0787 0x10a0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:34:07.0802 0x10a0 NetTcpActivator - ok
18:34:07.0818 0x10a0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:34:07.0849 0x10a0 NetTcpPortSharing - ok
18:34:07.0990 0x10a0 [ 35D5458D9A1B26B2005ABFFBF4C1C5E7, EE044FB7A49336FEDA1BDBBD2AD7A4A163C780A6A464B7712688E0BA0B4E6C40 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
18:34:08.0146 0x10a0 NETw3v32 - ok
18:34:08.0489 0x10a0 [ 0B214C6A4728F085FB64A29ED9C4DE94, 5AB06F2D2826482BCD72A9D7574C1DD86FDE68DD67E7D4435F94B86817D4BC40 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
18:34:08.0707 0x10a0 NETw5v32 - ok
18:34:08.0723 0x10a0 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:34:08.0738 0x10a0 nfrd960 - ok
18:34:08.0785 0x10a0 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
18:34:08.0816 0x10a0 NlaSvc - ok
18:34:08.0894 0x10a0 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:34:08.0957 0x10a0 Npfs - ok
18:34:08.0972 0x10a0 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
18:34:09.0004 0x10a0 nsi - ok
18:34:09.0035 0x10a0 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:34:09.0082 0x10a0 nsiproxy - ok
18:34:09.0160 0x10a0 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:34:09.0222 0x10a0 Ntfs - ok
18:34:09.0238 0x10a0 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
18:34:09.0284 0x10a0 ntrigdigi - ok
18:34:09.0300 0x10a0 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
18:34:09.0331 0x10a0 Null - ok
18:34:10.0002 0x10a0 [ 440690DA4358D9682DBCC56DA7D419AB, C6958DF3769665DCF59B39B499AE110253E2482B9E4F3C7A2BC3A75776E4E3EA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:34:10.0423 0x10a0 nvlddmkm - ok
18:34:10.0454 0x10a0 [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:34:10.0470 0x10a0 nvraid - ok
18:34:10.0486 0x10a0 [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:34:10.0501 0x10a0 nvstor - ok
18:34:10.0579 0x10a0 [ 11E1DC466C3E384C1A697B95DC5AA785, F411BB0554A2F19252A4E2B32113C6E9836DFC56C6E856FAEB1A44F562309F98 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:34:10.0642 0x10a0 nvsvc - ok
18:34:10.0657 0x10a0 [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:34:10.0673 0x10a0 nv_agp - ok
18:34:10.0673 0x10a0 NwlnkFlt - ok
18:34:10.0673 0x10a0 NwlnkFwd - ok
18:34:10.0766 0x10a0 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:34:10.0782 0x10a0 odserv - ok
18:34:10.0844 0x10a0 [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
18:34:10.0876 0x10a0 ohci1394 - ok
18:34:10.0922 0x10a0 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:34:10.0938 0x10a0 ose - ok
18:34:11.0078 0x10a0 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:34:11.0156 0x10a0 p2pimsvc - ok
18:34:11.0203 0x10a0 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
18:34:11.0250 0x10a0 p2psvc - ok
18:34:11.0328 0x10a0 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
18:34:11.0375 0x10a0 Parport - ok
18:34:11.0422 0x10a0 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:34:11.0437 0x10a0 partmgr - ok
18:34:11.0453 0x10a0 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:34:11.0515 0x10a0 Parvdm - ok
18:34:11.0562 0x10a0 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
18:34:11.0593 0x10a0 PcaSvc - ok
18:34:11.0656 0x10a0 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
18:34:11.0671 0x10a0 pci - ok
18:34:11.0687 0x10a0 [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
18:34:11.0702 0x10a0 pciide - ok
18:34:11.0765 0x10a0 [ B7C5A8769541900F6DFA6FE0C5E4D513, 1885FE8AE9D6929E8B43D674B43B7B3FEAA25AF6E45973A0B49CBA7B9CBA34C4 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:34:11.0780 0x10a0 pcmcia - ok
18:34:11.0843 0x10a0 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:34:11.0968 0x10a0 PEAUTH - ok
18:34:12.0217 0x10a0 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
18:34:12.0326 0x10a0 pla - ok
18:34:12.0389 0x10a0 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:34:12.0436 0x10a0 PlugPlay - ok
18:34:12.0467 0x10a0 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:34:12.0560 0x10a0 PNRPAutoReg - ok
18:34:12.0623 0x10a0 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:34:12.0670 0x10a0 PNRPsvc - ok
18:34:12.0716 0x10a0 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:34:12.0794 0x10a0 PolicyAgent - ok
18:34:12.0826 0x10a0 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:34:12.0872 0x10a0 PptpMiniport - ok
18:34:12.0888 0x10a0 [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys
18:34:12.0950 0x10a0 Processor - ok
18:34:12.0966 0x10a0 [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
18:34:12.0982 0x10a0 ProfSvc - ok
18:34:13.0028 0x10a0 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
18:34:13.0044 0x10a0 ProtectedStorage - ok
18:34:13.0091 0x10a0 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:34:13.0122 0x10a0 PSched - ok
18:34:13.0372 0x10a0 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:34:13.0481 0x10a0 ql2300 - ok
18:34:13.0512 0x10a0 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:34:13.0528 0x10a0 ql40xx - ok
18:34:13.0606 0x10a0 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
18:34:13.0621 0x10a0 QWAVE - ok
18:34:13.0652 0x10a0 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:34:13.0668 0x10a0 QWAVEdrv - ok
18:34:13.0715 0x10a0 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:34:13.0746 0x10a0 RasAcd - ok
18:34:13.0793 0x10a0 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
18:34:13.0824 0x10a0 RasAuto - ok
18:34:13.0855 0x10a0 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:34:13.0886 0x10a0 Rasl2tp - ok
18:34:13.0949 0x10a0 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
18:34:13.0996 0x10a0 RasMan - ok
18:34:14.0027 0x10a0 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:34:14.0058 0x10a0 RasPppoe - ok
18:34:14.0120 0x10a0 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:34:14.0136 0x10a0 RasSstp - ok
18:34:14.0198 0x10a0 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:34:14.0261 0x10a0 rdbss - ok
18:34:14.0276 0x10a0 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:34:14.0308 0x10a0 RDPCDD - ok
18:34:14.0339 0x10a0 [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:34:14.0370 0x10a0 rdpdr - ok
18:34:14.0432 0x10a0 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:34:14.0464 0x10a0 RDPENCDD - ok
18:34:14.0510 0x10a0 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:34:14.0557 0x10a0 RDPWD - ok
18:34:14.0620 0x10a0 [ 3C109EFD0CEF1B540ED3C7F573594BFD, 3AAC865732972E19CD2583209D047D176259A7CB0E8ACEB1E6D91DB82A58DCA7 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:34:14.0666 0x10a0 RegSrvc - detected UnsignedFile.Multi.Generic ( 1 )
18:34:14.0666 0x10a0 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
18:34:14.0666 0x10a0 Force sending object to P2P due to detect: RegSrvc
18:34:14.0682 0x10a0 Object send P2P result: false
18:34:14.0713 0x10a0 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
18:34:14.0760 0x10a0 RemoteAccess - ok
18:34:14.0807 0x10a0 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:34:14.0854 0x10a0 RemoteRegistry - ok
18:34:14.0885 0x10a0 [ 10536B0AD6F416FC7F1149977C28CCDC, F0CE929BBA996762D59570338AC2E7DCC920E76E2E945FEB629E8EBE1B311D19 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:34:14.0916 0x10a0 RFCOMM - ok
18:34:15.0041 0x10a0 [ 4D05898896EC49CF663DDA61041AB096, 1218A0AD84946F2555773D529F3D55D7B675780EC1E79A634ED0FECF8D5C9C6D ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:34:15.0056 0x10a0 RichVideo - ok
18:34:15.0103 0x10a0 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
18:34:15.0134 0x10a0 RpcLocator - ok
18:34:15.0166 0x10a0 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
18:34:15.0212 0x10a0 RpcSs - ok
18:34:15.0259 0x10a0 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:34:15.0306 0x10a0 rspndr - ok
18:34:15.0337 0x10a0 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
18:34:15.0353 0x10a0 SamSs - ok
18:34:15.0446 0x10a0 [ A9D840FA78F65857EB554229914F855C, AC3BD980ABDAECFE7D824DF71CCBA7D84749B9AD51460D130A9AA9C7B2DE3D3E ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
18:34:15.0462 0x10a0 Samsung Update Plus - detected UnsignedFile.Multi.Generic ( 1 )
18:34:15.0462 0x10a0 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning
18:34:15.0478 0x10a0 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:34:15.0493 0x10a0 sbp2port - ok
18:34:15.0540 0x10a0 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:34:15.0556 0x10a0 SCardSvr - ok
18:34:15.0634 0x10a0 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
18:34:15.0727 0x10a0 Schedule - ok
18:34:15.0774 0x10a0 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
18:34:15.0790 0x10a0 SCPolicySvc - ok
18:34:15.0868 0x10a0 [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:34:15.0914 0x10a0 sdbus - ok
18:34:15.0946 0x10a0 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:34:16.0008 0x10a0 SDRSVC - ok
18:34:16.0039 0x10a0 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:34:16.0086 0x10a0 secdrv - ok
18:34:16.0102 0x10a0 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
18:34:16.0148 0x10a0 seclogon - ok
18:34:16.0164 0x10a0 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
18:34:16.0195 0x10a0 SENS - ok
18:34:16.0211 0x10a0 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:34:16.0258 0x10a0 Serenum - ok
18:34:16.0273 0x10a0 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
18:34:16.0336 0x10a0 Serial - ok
18:34:16.0351 0x10a0 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:34:16.0382 0x10a0 sermouse - ok
18:34:16.0414 0x10a0 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
18:34:16.0476 0x10a0 SessionEnv - ok
18:34:16.0507 0x10a0 [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:34:16.0523 0x10a0 sffdisk - ok
18:34:16.0554 0x10a0 [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:34:16.0585 0x10a0 sffp_mmc - ok
18:34:16.0616 0x10a0 [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:34:16.0663 0x10a0 sffp_sd - ok
18:34:16.0694 0x10a0 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:34:16.0726 0x10a0 sfloppy - ok
18:34:16.0835 0x10a0 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:34:16.0897 0x10a0 SharedAccess - ok
18:34:16.0944 0x10a0 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:34:16.0975 0x10a0 ShellHWDetection - ok
18:34:17.0006 0x10a0 [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:34:17.0022 0x10a0 sisagp - ok
18:34:17.0038 0x10a0 [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:34:17.0053 0x10a0 SiSRaid2 - ok
18:34:17.0069 0x10a0 [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:34:17.0084 0x10a0 SiSRaid4 - ok
18:34:17.0303 0x10a0 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
18:34:17.0537 0x10a0 slsvc - ok
18:34:17.0584 0x10a0 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:34:17.0615 0x10a0 SLUINotify - ok
18:34:17.0662 0x10a0 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:34:17.0693 0x10a0 Smb - ok
18:34:17.0740 0x10a0 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:34:17.0740 0x10a0 SNMPTRAP - ok
18:34:17.0786 0x10a0 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
18:34:17.0802 0x10a0 spldr - ok
18:34:17.0864 0x10a0 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
18:34:17.0911 0x10a0 Spooler - ok
18:34:17.0974 0x10a0 [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:34:17.0974 0x10a0 SQLBrowser - ok
18:34:18.0020 0x10a0 [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:34:18.0036 0x10a0 SQLWriter - ok
18:34:18.0145 0x10a0 [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
18:34:18.0192 0x10a0 srv - ok
18:34:18.0270 0x10a0 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:34:18.0317 0x10a0 srv2 - ok
18:34:18.0332 0x10a0 [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:34:18.0395 0x10a0 srvnet - ok
18:34:18.0410 0x10a0 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:34:18.0457 0x10a0 SSDPSRV - ok
18:34:18.0488 0x10a0 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
18:34:18.0488 0x10a0 ssmdrv - ok
18:34:18.0551 0x10a0 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:34:18.0566 0x10a0 SstpSvc - ok
18:34:18.0629 0x10a0 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
18:34:18.0691 0x10a0 stisvc - ok
18:34:18.0738 0x10a0 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:34:18.0754 0x10a0 swenum - ok
18:34:18.0894 0x10a0 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
18:34:18.0956 0x10a0 swprv - ok
18:34:18.0972 0x10a0 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
18:34:18.0988 0x10a0 Symc8xx - ok
18:34:19.0019 0x10a0 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
18:34:19.0034 0x10a0 Sym_hi - ok
18:34:19.0066 0x10a0 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
18:34:19.0081 0x10a0 Sym_u3 - ok
18:34:19.0144 0x10a0 [ 451E8037E2EB6DA6BDF0A66F65D1810B, 98E94486560A00B33E19902BB1B5CE51168E583E9303B3A2F7337D3501887B34 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:34:19.0159 0x10a0 SynTP - ok
18:34:19.0268 0x10a0 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
18:34:19.0315 0x10a0 SysMain - ok
18:34:19.0378 0x10a0 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:34:19.0424 0x10a0 TabletInputService - ok
18:34:19.0502 0x10a0 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:34:19.0534 0x10a0 TapiSrv - ok
18:34:19.0565 0x10a0 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
18:34:19.0612 0x10a0 TBS - ok
18:34:19.0799 0x10a0 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:34:19.0877 0x10a0 Tcpip - ok
18:34:20.0033 0x10a0 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
18:34:20.0080 0x10a0 Tcpip6 - ok
18:34:20.0111 0x10a0 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:34:20.0173 0x10a0 tcpipreg - ok
18:34:20.0220 0x10a0 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:34:20.0267 0x10a0 TDPIPE - ok
18:34:20.0298 0x10a0 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:34:20.0329 0x10a0 TDTCP - ok
18:34:20.0392 0x10a0 [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:34:20.0423 0x10a0 tdx - ok
18:34:20.0454 0x10a0 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:34:20.0470 0x10a0 TermDD - ok
18:34:20.0563 0x10a0 [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
18:34:20.0610 0x10a0 TermService - ok
18:34:20.0657 0x10a0 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
18:34:20.0672 0x10a0 Themes - ok
18:34:20.0688 0x10a0 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
18:34:20.0719 0x10a0 THREADORDER - ok
18:34:20.0735 0x10a0 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
18:34:20.0782 0x10a0 TrkWks - ok
18:34:20.0844 0x10a0 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:34:20.0860 0x10a0 TrustedInstaller - ok
18:34:20.0906 0x10a0 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:34:20.0953 0x10a0 tssecsrv - ok
18:34:20.0984 0x10a0 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
18:34:21.0000 0x10a0 tunmp - ok
18:34:21.0047 0x10a0 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:34:21.0062 0x10a0 tunnel - ok
18:34:21.0078 0x10a0 [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:34:21.0094 0x10a0 uagp35 - ok
18:34:21.0156 0x10a0 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:34:21.0187 0x10a0 udfs - ok
18:34:21.0203 0x10a0 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:34:21.0234 0x10a0 UI0Detect - ok
18:34:21.0265 0x10a0 [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:34:21.0281 0x10a0 uliagpkx - ok
18:34:21.0296 0x10a0 [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys
18:34:21.0328 0x10a0 uliahci - ok
18:34:21.0374 0x10a0 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
18:34:21.0374 0x10a0 UlSata - ok
18:34:21.0515 0x10a0 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
18:34:21.0530 0x10a0 ulsata2 - ok
18:34:21.0546 0x10a0 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:34:21.0624 0x10a0 umbus - ok
18:34:21.0671 0x10a0 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
18:34:21.0733 0x10a0 upnphost - ok
18:34:21.0796 0x10a0 [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:34:21.0811 0x10a0 usbccgp - ok
18:34:21.0842 0x10a0 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:34:21.0889 0x10a0 usbcir - ok
18:34:21.0952 0x10a0 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:34:21.0967 0x10a0 usbehci - ok
18:34:22.0014 0x10a0 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:34:22.0030 0x10a0 usbhub - ok
18:34:22.0076 0x10a0 [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:34:22.0154 0x10a0 usbohci - ok
18:34:22.0170 0x10a0 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:34:22.0201 0x10a0 usbprint - ok
18:34:22.0248 0x10a0 [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:34:22.0279 0x10a0 usbscan - ok
18:34:22.0310 0x10a0 [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:34:22.0342 0x10a0 USBSTOR - ok
18:34:22.0373 0x10a0 [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:34:22.0388 0x10a0 usbuhci - ok
18:34:22.0420 0x10a0 [ E67998E8F14CB0627A769F6530BCB352, 60982F168E9BF13954328C728F55F4D3ADDC572CACB65289B0E895A63DAA08C1 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:34:22.0466 0x10a0 usbvideo - ok
18:34:22.0498 0x10a0 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
18:34:22.0544 0x10a0 UxSms - ok
18:34:22.0638 0x10a0 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
18:34:22.0747 0x10a0 vds - ok
18:34:22.0778 0x10a0 [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:34:22.0810 0x10a0 vga - ok
18:34:22.0825 0x10a0 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:34:22.0856 0x10a0 VgaSave - ok
18:34:22.0872 0x10a0 [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:34:22.0888 0x10a0 viaagp - ok
18:34:22.0903 0x10a0 [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:34:22.0934 0x10a0 ViaC7 - ok
18:34:22.0966 0x10a0 [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide C:\Windows\system32\drivers\viaide.sys
18:34:22.0966 0x10a0 viaide - ok
18:34:23.0044 0x10a0 [ 2B0970A8C0A65874EFF4AA436E651D85, 5674DB79019960E527CE7AE79F7866AFFAA5AE9DAB625EB8987CF17A977C3433 ] VMC302 C:\Windows\system32\Drivers\VMC302.sys
18:34:23.0090 0x10a0 VMC302 - ok
18:34:23.0122 0x10a0 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:34:23.0122 0x10a0 volmgr - ok
18:34:23.0184 0x10a0 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:34:23.0215 0x10a0 volmgrx - ok
18:34:23.0278 0x10a0 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:34:23.0293 0x10a0 volsnap - ok
18:34:23.0340 0x10a0 [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:34:23.0356 0x10a0 vsmraid - ok
18:34:23.0418 0x10a0 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
18:34:23.0527 0x10a0 VSS - ok
18:34:23.0558 0x10a0 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
18:34:23.0574 0x10a0 W32Time - ok
18:34:23.0636 0x10a0 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:34:23.0668 0x10a0 WacomPen - ok
18:34:23.0730 0x10a0 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
18:34:23.0777 0x10a0 Wanarp - ok
18:34:23.0777 0x10a0 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:34:23.0808 0x10a0 Wanarpv6 - ok
18:34:23.0839 0x10a0 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:34:23.0870 0x10a0 wcncsvc - ok
18:34:23.0902 0x10a0 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:34:23.0948 0x10a0 WcsPlugInService - ok
18:34:23.0980 0x10a0 [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd C:\Windows\system32\drivers\wd.sys
18:34:23.0995 0x10a0 Wd - ok
18:34:24.0136 0x10a0 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:34:24.0182 0x10a0 Wdf01000 - ok
18:34:24.0214 0x10a0 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:34:24.0260 0x10a0 WdiServiceHost - ok
18:34:24.0260 0x10a0 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:34:24.0292 0x10a0 WdiSystemHost - ok
18:34:24.0338 0x10a0 [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
18:34:24.0385 0x10a0 WebClient - ok
18:34:24.0432 0x10a0 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:34:24.0479 0x10a0 Wecsvc - ok
18:34:24.0510 0x10a0 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:34:24.0541 0x10a0 wercplsupport - ok
18:34:24.0588 0x10a0 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
18:34:24.0619 0x10a0 WerSvc - ok
18:34:24.0697 0x10a0 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:34:24.0713 0x10a0 WinDefend - ok
18:34:24.0728 0x10a0 WinHttpAutoProxySvc - ok
18:34:24.0916 0x10a0 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:34:24.0947 0x10a0 Winmgmt - ok
18:34:25.0118 0x10a0 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
18:34:25.0228 0x10a0 WinRM - ok
18:34:25.0321 0x10a0 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:34:25.0430 0x10a0 Wlansvc - ok
18:34:25.0477 0x10a0 [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:34:25.0508 0x10a0 WmiAcpi - ok
18:34:25.0555 0x10a0 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:34:25.0618 0x10a0 wmiApSrv - ok
18:34:25.0774 0x10a0 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:34:25.0867 0x10a0 WMPNetworkSvc - ok
18:34:25.0914 0x10a0 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:34:25.0961 0x10a0 WPCSvc - ok
18:34:26.0008 0x10a0 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:34:26.0023 0x10a0 WPDBusEnum - ok
18:34:26.0257 0x10a0 [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:34:26.0335 0x10a0 WPFFontCache_v0400 - ok
18:34:26.0366 0x10a0 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:34:26.0398 0x10a0 ws2ifsl - ok
18:34:26.0444 0x10a0 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\system32\wscsvc.dll
18:34:26.0476 0x10a0 wscsvc - ok
18:34:26.0476 0x10a0 WSearch - ok
18:34:26.0772 0x10a0 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
18:34:26.0881 0x10a0 wuauserv - ok
18:34:26.0912 0x10a0 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:34:26.0959 0x10a0 WudfPf - ok
18:34:26.0990 0x10a0 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:34:27.0053 0x10a0 WUDFRd - ok
18:34:27.0068 0x10a0 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:34:27.0084 0x10a0 wudfsvc - ok
18:34:27.0115 0x10a0 [ 04E268ADFC81964C49DC0C082D520F7E, 7D2574E366636AB1D59A08FE3038268095D627C39636C6ED6BCE1D5ACB44A179 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
18:34:27.0178 0x10a0 yukonwlh - ok
18:34:27.0178 0x10a0 ================ Scan global ===============================
18:34:27.0193 0x10a0 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
18:34:27.0287 0x10a0 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
18:34:27.0380 0x10a0 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
18:34:27.0458 0x10a0 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
18:34:27.0458 0x10a0 [ Global ] - ok
18:34:27.0458 0x10a0 ================ Scan MBR ==================================
18:34:27.0490 0x10a0 [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0
18:34:29.0611 0x10a0 \Device\Harddisk0\DR0 - ok
18:34:29.0611 0x10a0 ================ Scan VBR ==================================
18:34:29.0642 0x10a0 [ 211690BEDEBAA7952FFFD1854795408E ] \Device\Harddisk0\DR0\Partition1
18:34:29.0689 0x10a0 \Device\Harddisk0\DR0\Partition1 - ok
18:34:29.0720 0x10a0 [ 0B745129D14217F6C7E838A788B3FDA7 ] \Device\Harddisk0\DR0\Partition2
18:34:29.0830 0x10a0 \Device\Harddisk0\DR0\Partition2 - ok
18:34:29.0830 0x10a0 ================ Scan generic autorun ======================
18:34:29.0939 0x10a0 [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
18:34:29.0986 0x10a0 Windows Defender - ok
18:34:29.0986 0x10a0 NvCplDaemon - ok
18:34:29.0986 0x10a0 NvMediaCenter - ok
18:34:30.0812 0x10a0 [ EB57A9927A39EB86194D664E781633B7, 673F5A8D2ACFE11CAA95FBDDB4962445CCFBBBF3547DDFFB820A335F4F6B1D13 ] C:\Windows\RtHDVCpl.exe
18:34:31.0140 0x10a0 RtHDVCpl - ok
18:34:31.0249 0x10a0 [ A37B2AB33BFF3C6705DC2C016328DD2F, C6F14E81FD9001048B178576FA01A4F77BF3F0A05DE443EB6AAC4982EE763D69 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
18:34:31.0296 0x10a0 SynTPEnh - ok
18:34:31.0343 0x10a0 [ B2B2FE2671DD98A322B0AD7079C0B2B2, A9148336C9A6E44A089514C9BDA22704EB5EFC4069F07ED31E75330D48B4DF97 ] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
18:34:31.0358 0x10a0 RemoteControl - ok
18:34:31.0468 0x10a0 [ A4E85BDA66CF4DE8070D6F744D181C12, ACF577B0CE6EA1E167389BB32E7F07E0D8CF487B22828455698B042A37CF15B4 ] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
18:34:31.0514 0x10a0 LanguageShortcut - detected UnsignedFile.Multi.Generic ( 1 )
18:34:31.0514 0x10a0 LanguageShortcut ( UnsignedFile.Multi.Generic ) - warning
18:34:31.0608 0x10a0 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
18:34:31.0655 0x10a0 avgnt - ok
18:34:32.0029 0x10a0 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:34:32.0076 0x10a0 Adobe ARM - ok
18:34:32.0185 0x10a0 [ 1E873743DEC469609C35275C5557B34D, EC8952601B4643B9B82DA5B7C5A85DD19CC1F07889A2B69E4FCCDCAC296A9FA1 ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
18:34:32.0201 0x10a0 Avira Systray - ok
18:34:32.0513 0x10a0 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
18:34:32.0591 0x10a0 Sidebar - ok
18:34:33.0059 0x10a0 [ 6DE8F3D91387412AC2E869FFA0F6ABA6, 68202B155995F14471377E1F0080916B31D6F99F7DA9E5E147399B2E1BA933CE ] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
18:34:33.0199 0x10a0 LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
18:34:33.0199 0x10a0 LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - warning
18:34:33.0230 0x10a0 [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
18:34:33.0246 0x10a0 ehTray.exe - ok
18:34:33.0340 0x10a0 Ryagyna - ok
18:34:33.0355 0x10a0 AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x40000 ( disabled : updated )
18:34:33.0355 0x10a0 Win FW state via NFP2: enabled
18:34:33.0355 0x10a0 ============================================================
18:34:33.0355 0x10a0 Scan finished
18:34:33.0355 0x10a0 ============================================================
18:34:33.0371 0x10ec Detected object count: 6
18:34:33.0371 0x10ec Actual detected object count: 6
18:34:39.0034 0x10ec EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:39.0034 0x10ec EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:39.0034 0x10ec LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:39.0034 0x10ec LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:39.0034 0x10ec RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:39.0034 0x10ec RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:39.0034 0x10ec Samsung Update Plus ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:39.0034 0x10ec Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:39.0034 0x10ec LanguageShortcut ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:39.0034 0x10ec LanguageShortcut ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:39.0034 0x10ec LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - skipped by user
18:34:39.0034 0x10ec LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:34:47.0848 0x1138 Deinitialize success
Im Task-Manager scheint es bei 2 iexplore.exe-Prozessen zu bleiben. Ist das normal? rundll32.exe und taskeng.exe tauchen auch 2mal auf. Der Windows Defender startet seit dem ComboFix-Versuch nicht mehr. Soweit der Stand. SIEHT GUT AUS! Gruß, Heinz. |
|
09.08.2014, 14:26
| #9 |
| /// the machine /// TB-Ausbilder | Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Combofix löschen und neu laden, nochmal versuchen laufen zu lassen 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.08.2014, 15:37
| #10 |
| |  Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Das hat diesmal geklappt. :-) Und die Defender-Meldung erscheint auch nicht mehr beim Hochfahren. Prima. Muss ich noch irgendwelche DVD/CD-Emulatoren aktivieren, die vom Defogger deaktiviert wurden? Viele Grüße, Heinz. Geändert von heinz69 (09.08.2014 um 15:52 Uhr) Grund: Schreibfehler |
|
10.08.2014, 05:55
| #11 |
| /// the machine /// TB-Ausbilder | Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Wir sind noch nit fertig, bitte das Log von Combofix posten
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.08.2014, 19:51
| #12 |
| | Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Oh, pardon, da hätte ich ja fast schon zu früh gespendet.  Hier das Log: Code:
ATTFilter ComboFix 14-08-06.02 - ******************** 09.08.2014 15:49:14.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3066.1725 [GMT 2:00]
ausgeführt von:: c:\users\********************\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
c:\users\CHRIST~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\********************\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-07-09 bis 2014-08-09 ))))))))))))))))))))))))))))))
.
.
2014-08-09 13:57 . 2014-08-09 14:05 -------- d-----w- c:\users\********************\AppData\Local\temp
2014-08-09 13:57 . 2014-08-09 13:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-08 16:24 . 2014-08-08 16:24 -------- d-----w- C:\TDSSKiller_Quarantine
2014-08-06 20:12 . 2014-08-06 20:13 -------- d-----w- C:\FRST
2014-08-06 06:56 . 2014-08-06 07:31 -------- d-----w- c:\programdata\Package Cache
2014-08-01 22:41 . 2014-08-01 22:41 -------- d-----w- c:\programdata\WindowsSearch
2014-08-01 18:53 . 2014-08-07 21:24 -------- d-----w- c:\users\********************\AppData\Roaming\Nawuka
2014-07-30 20:56 . 2014-06-02 10:31 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-07-30 20:56 . 2014-06-02 10:30 983552 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-07-30 20:56 . 2014-06-02 10:30 965120 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-07-30 20:56 . 2014-06-02 10:30 937472 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-30 20:56 . 2014-06-07 02:08 1305088 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2014-07-30 20:56 . 2014-06-07 02:08 149504 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-30 20:56 . 2014-06-07 02:08 114688 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipBand.dll
2014-07-30 20:56 . 2014-06-07 00:19 2051072 ----a-w- c:\windows\system32\win32k.sys
2014-07-30 20:56 . 2014-06-06 08:59 506880 ----a-w- c:\windows\system32\qedit.dll
2014-07-30 20:56 . 2014-05-30 06:53 273408 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-23 08:52 . 2009-10-11 17:11 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-07-03 18:50 . 2013-05-30 19:30 97648 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-07-02 03:11 . 2014-08-06 06:44 8217224 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{37796F18-D26C-4FDA-BCFB-B5F2603D91A0}\mpengine.dll
2014-06-08 18:29 . 2013-05-30 19:30 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-17 2289664]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-08 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-08 92704]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-17 6111232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-26 1029416]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-08-06 751184]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"Avira Systray"="c:\program files\Avira\My Avira\Avira.OE.Systray.exe" [2014-07-24 190032]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
S2 AAV UpdateService;AAV UpdateService;c:\program files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [2008-10-24 128296]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-17 08:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = https://www.google.de/
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 83.169.185.225 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-Ryagyna - c:\users\********************\AppData\Roaming\Nawuka\yvigi.exe
SafeBoot-48416810.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien:
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(2728)
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\windows\System32\lpksetup.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Avira\My Avira\Avira.OE.ServiceHost.exe
c:\program files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\windows\System32\rundll32.exe
c:\windows\RtHDVCpl.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-08-09 16:12:21 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-08-09 14:10
.
Vor Suchlauf: 12 Verzeichnis(se), 88.507.363.328 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 89.929.859.072 Bytes frei
.
- - End Of File - - 579168338B2190E388EB8599ABB16B8F
61A349592C4728853F4A90FF78F7628E
Heinz. |
|
11.08.2014, 20:00
| #13 |
| /// the machine /// TB-Ausbilder | Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Das kannst von mir aus auch schon zwischendurch  Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.08.2014, 22:32
| #14 |
| | Vista - viele iexplore.exe-Prozesse, Rechner wird langsam Hier zunächst mbam.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 11.08.2014 Suchlauf-Zeit: 22:36:27 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.08.11.08 Rootkit Datenbank: v2014.08.04.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows Vista Service Pack 2 CPU: x86 Dateisystem: NTFS Benutzer: ******************** Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 274047 Verstrichene Zeit: 7 Min, 46 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 1 PUP.Optional.SuperFish.A, HKU\S-1-5-21-3632521496-3224529923-2213790140-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, In Quarantäne, [bd97edd854272e08226f667c05fd649c], Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.304 - Bericht erstellt am 11/08/2014 um 22:55:43
# Aktualisiert 08/08/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : ***************************** - C-NOTEBOOK
# Gestartet von : C:\Users\**********************\Desktop\adwcleaner_3.304.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
***** [ Browser ] *****
-\\ Internet Explorer v9.0.8112.16464
*************************
AdwCleaner[R0].txt - [852 octets] - [11/08/2014 22:54:42]
AdwCleaner[S0].txt - [774 octets] - [11/08/2014 22:55:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [833 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by **************** on 11.08.2014 at 23:10:25,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\*************\AppData\Roaming\pdfforge"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.08.2014 at 23:13:13,52
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-08-2014
Ran by ******************** (administrator) on C-NOTEBOOK on 11-08-2014 23:28:34
Running from C:\Users\********************\Downloads
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-3632521496-3224529923-2213790140-1003\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-03-17] (Hewlett-Packard Company)
HKU\S-1-5-21-3632521496-3224529923-2213790140-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
SearchScopes: HKCU - DefaultScope {FC6615C8-41BA-4D79-90FC-33DC7E42EDBA} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {5FFBB15E-0974-4A15-B630-10695677353F} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {606E1179-D5C1-4BDE-9402-FDD915F92834} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {7A598ED0-35EC-4423-970E-835672F06B02} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {B1708A82-0D53-46BD-A543-872339238259} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {FC6615C8-41BA-4D79-90FC-33DC7E42EDBA} URL = hxxp://www.google.de/search?q={searchTerms}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4-windows-i586.cab
DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab
DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
Tcpip\Parameters: [DhcpNameServer] 83.169.185.161 192.168.0.1
FireFox:
========
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-25]
Chrome:
=======
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [819200 2008-05-23] (Intel(R) Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company) [File not signed]
S2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-05-23] (Intel(R) Corporation) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [77480 2008-05-13] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-08] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2007-05-23] (SAMSUNG ELECTRONICS CO., LTD.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-05-30] (Avira GmbH)
R3 VMC302; C:\Windows\System32\Drivers\VMC302.sys [242560 2008-04-05] (Vimicro Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-11 23:28 - 2014-08-11 23:28 - 00010003 _____ () C:\Users\********************\Downloads\FRST.txt
2014-08-11 23:26 - 2014-08-11 23:27 - 01091584 _____ (Farbar) C:\Users\********************\Downloads\FRST.exe
2014-08-11 23:25 - 2014-08-11 23:25 - 01091584 _____ (Farbar) C:\Users\********************\Desktop\FRST.exe
2014-08-11 23:13 - 2014-08-11 23:13 - 00000753 _____ () C:\Users\********************\Desktop\JRT.txt
2014-08-11 23:05 - 2014-08-11 23:05 - 00000000 ____D () C:\Windows\ERUNT
2014-08-11 23:04 - 2014-08-11 23:04 - 01016261 _____ (Thisisu) C:\Users\********************\Desktop\JRT.exe
2014-08-11 22:54 - 2014-08-11 22:55 - 00000000 ____D () C:\AdwCleaner
2014-08-11 22:52 - 2014-08-11 22:52 - 01366203 _____ () C:\Users\********************\Desktop\adwcleaner_3.304.exe
2014-08-11 22:45 - 2014-08-11 22:53 - 00001378 _____ () C:\Users\********************\Desktop\mbam.txt
2014-08-11 22:30 - 2014-08-11 23:10 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-11 22:30 - 2014-08-11 22:30 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-11 22:30 - 2014-08-11 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-11 22:30 - 2014-08-11 22:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-11 22:30 - 2014-08-11 22:30 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-08-11 22:30 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-11 22:30 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-11 22:30 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-11 22:28 - 2014-08-11 22:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\********************\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-09 16:12 - 2014-08-09 16:12 - 00008523 _____ () C:\ComboFix.txt
2014-08-09 15:43 - 2014-08-09 15:43 - 05568206 ____R (Swearware) C:\Users\********************\Desktop\ComboFix.exe
2014-08-08 18:24 - 2014-08-08 18:24 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-07 22:58 - 2014-08-07 22:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\********************\Desktop\tdsskiller.exe
2014-08-07 08:52 - 2014-08-07 08:52 - 00143376 _____ () C:\Windows\Minidump\Mini080714-02.dmp
2014-08-07 08:39 - 2014-08-07 08:40 - 00143376 _____ () C:\Windows\Minidump\Mini080714-01.dmp
2014-08-07 08:34 - 2014-08-09 16:12 - 00000000 ____D () C:\Qoobox
2014-08-07 08:34 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-07 08:34 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-07 08:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-07 08:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-07 08:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-07 08:34 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-07 08:34 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-07 08:34 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-07 08:33 - 2014-08-09 16:09 - 00000000 ____D () C:\Windows\erdnt
2014-08-06 22:43 - 2014-08-06 22:43 - 00139112 _____ () C:\Windows\Minidump\Mini080614-03.dmp
2014-08-06 22:38 - 2014-08-06 22:38 - 00143376 _____ () C:\Windows\Minidump\Mini080614-02.dmp
2014-08-06 22:24 - 2014-08-07 08:52 - 299781480 _____ () C:\Windows\MEMORY.DMP
2014-08-06 22:24 - 2014-08-07 08:52 - 00000000 ____D () C:\Windows\Minidump
2014-08-06 22:24 - 2014-08-06 22:24 - 00143376 _____ () C:\Windows\Minidump\Mini080614-01.dmp
2014-08-06 22:12 - 2014-08-11 23:28 - 00000000 ____D () C:\FRST
2014-08-06 22:08 - 2014-08-06 22:08 - 00000000 _____ () C:\Users\********************\defogger_reenable
2014-08-06 09:03 - 2014-08-06 09:03 - 00001002 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-06 08:56 - 2014-08-06 09:31 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-02 00:41 - 2014-08-02 00:41 - 00000000 ____D () C:\ProgramData\WindowsSearch
2014-08-02 00:04 - 2014-08-04 21:25 - 00000680 _____ () C:\Users\********************\AppData\Local\d3d9caps.dat
2014-08-01 20:53 - 2014-08-07 23:24 - 00000000 ____D () C:\Users\********************\AppData\Roaming\Nawuka
2014-07-31 21:58 - 2014-07-31 21:58 - 00002082 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-07-30 22:56 - 2014-06-07 02:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-30 22:56 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-30 22:56 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-11 23:28 - 2014-08-11 23:28 - 00010003 _____ () C:\Users\********************\Downloads\FRST.txt
2014-08-11 23:28 - 2014-08-06 22:12 - 00000000 ____D () C:\FRST
2014-08-11 23:27 - 2014-08-11 23:26 - 01091584 _____ (Farbar) C:\Users\********************\Downloads\FRST.exe
2014-08-11 23:25 - 2014-08-11 23:25 - 01091584 _____ (Farbar) C:\Users\********************\Desktop\FRST.exe
2014-08-11 23:18 - 2013-03-09 23:38 - 00101608 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-08-11 23:18 - 2006-11-02 14:47 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-11 23:18 - 2006-11-02 14:47 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-11 23:13 - 2014-08-11 23:13 - 00000753 _____ () C:\Users\********************\Desktop\JRT.txt
2014-08-11 23:10 - 2014-08-11 22:30 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-11 23:08 - 2008-07-08 16:39 - 00191289 _____ () C:\ProgramData\nvModes.001
2014-08-11 23:07 - 2009-01-10 17:17 - 00000000 ____D () C:\Users\********************\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-08-11 23:07 - 2008-07-08 16:39 - 00191289 _____ () C:\ProgramData\nvModes.dat
2014-08-11 23:07 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-11 23:06 - 2008-10-11 04:47 - 01448725 _____ () C:\Windows\WindowsUpdate.log
2014-08-11 23:06 - 2008-07-09 08:09 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-08-11 23:06 - 2006-11-02 15:01 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-11 23:05 - 2014-08-11 23:05 - 00000000 ____D () C:\Windows\ERUNT
2014-08-11 23:04 - 2014-08-11 23:04 - 01016261 _____ (Thisisu) C:\Users\********************\Desktop\JRT.exe
2014-08-11 22:57 - 2008-01-21 04:47 - 00080762 _____ () C:\Windows\PFRO.log
2014-08-11 22:55 - 2014-08-11 22:54 - 00000000 ____D () C:\AdwCleaner
2014-08-11 22:53 - 2014-08-11 22:45 - 00001378 _____ () C:\Users\********************\Desktop\mbam.txt
2014-08-11 22:52 - 2014-08-11 22:52 - 01366203 _____ () C:\Users\********************\Desktop\adwcleaner_3.304.exe
2014-08-11 22:30 - 2014-08-11 22:30 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-11 22:30 - 2014-08-11 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-11 22:30 - 2014-08-11 22:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-11 22:30 - 2014-08-11 22:30 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-08-11 22:28 - 2014-08-11 22:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\********************\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-11 20:24 - 2010-08-16 18:35 - 00000000 ____D () C:\Users\********************\Documents\Gospelchor allg
2014-08-09 16:12 - 2014-08-09 16:12 - 00008523 _____ () C:\ComboFix.txt
2014-08-09 16:12 - 2014-08-07 08:34 - 00000000 ____D () C:\Qoobox
2014-08-09 16:12 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default
2014-08-09 16:12 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-08-09 16:09 - 2014-08-07 08:33 - 00000000 ____D () C:\Windows\erdnt
2014-08-09 16:04 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-08-09 15:43 - 2014-08-09 15:43 - 05568206 ____R (Swearware) C:\Users\********************\Desktop\ComboFix.exe
2014-08-08 18:24 - 2014-08-08 18:24 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-07 23:24 - 2014-08-01 20:53 - 00000000 ____D () C:\Users\********************\AppData\Roaming\Nawuka
2014-08-07 22:58 - 2014-08-07 22:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\********************\Desktop\tdsskiller.exe
2014-08-07 08:52 - 2014-08-07 08:52 - 00143376 _____ () C:\Windows\Minidump\Mini080714-02.dmp
2014-08-07 08:52 - 2014-08-06 22:24 - 299781480 _____ () C:\Windows\MEMORY.DMP
2014-08-07 08:52 - 2014-08-06 22:24 - 00000000 ____D () C:\Windows\Minidump
2014-08-07 08:40 - 2014-08-07 08:39 - 00143376 _____ () C:\Windows\Minidump\Mini080714-01.dmp
2014-08-06 22:43 - 2014-08-06 22:43 - 00139112 _____ () C:\Windows\Minidump\Mini080614-03.dmp
2014-08-06 22:38 - 2014-08-06 22:38 - 00143376 _____ () C:\Windows\Minidump\Mini080614-02.dmp
2014-08-06 22:24 - 2014-08-06 22:24 - 00143376 _____ () C:\Windows\Minidump\Mini080614-01.dmp
2014-08-06 22:08 - 2014-08-06 22:08 - 00000000 _____ () C:\Users\********************\defogger_reenable
2014-08-06 22:08 - 2009-01-10 17:17 - 00000000 ___HD () C:\Users\********************
2014-08-06 21:51 - 2006-11-02 12:33 - 01714928 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-06 09:31 - 2014-08-06 08:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-06 09:03 - 2014-08-06 09:03 - 00001002 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-06 09:03 - 2013-05-30 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-06 09:03 - 2013-05-30 21:30 - 00000000 ____D () C:\Program Files\Avira
2014-08-06 08:56 - 2013-05-30 21:30 - 00000000 ____D () C:\ProgramData\Avira
2014-08-04 21:42 - 2013-05-21 21:56 - 00000000 ____D () C:\Users\********************\Documents\Steuerfälle
2014-08-04 21:25 - 2014-08-02 00:04 - 00000680 _____ () C:\Users\********************\AppData\Local\d3d9caps.dat
2014-08-02 00:41 - 2014-08-02 00:41 - 00000000 ____D () C:\ProgramData\WindowsSearch
2014-08-01 13:56 - 2006-11-02 14:47 - 00374280 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-31 22:15 - 2013-05-21 21:45 - 00000000 ____D () C:\ProgramData\AAV
2014-07-31 21:58 - 2014-07-31 21:58 - 00002082 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-07-31 21:58 - 2013-05-21 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps
2014-07-31 21:55 - 2013-05-21 21:46 - 00000000 ____D () C:\Program Files\Akademische Arbeitsgemeinschaft
2014-07-31 09:01 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-30 23:00 - 2013-08-16 22:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-30 22:58 - 2008-07-08 16:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-30 22:58 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-23 10:52 - 2009-10-11 19:11 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\********************\AppData\Local\temp\avgnt.exe
C:\Users\********************\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-11 23:14
==================== End Of Log ============================
--- --- --- Gruß, Heinz |
|
12.08.2014, 17:46
| #15 |
| /// the machine /// TB-Ausbilder | Vista - viele iexplore.exe-Prozesse, Rechner wird langsamESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Vista - viele iexplore.exe-Prozesse, Rechner wird langsam |
| adware, antivir, antivirus, bluescreen, desktop, device driver, email, entfernen, excel, home, langsam, port, realtek, registry, rundll, security, server, services.exe, software, svchost.exe, system, trojaner, virus, vista, windows, wlan |
WARNUNG an die MITLESER: 
Linear-Darstellung
