08.09.2014, 15:54 | #1 |
Win 7: Malware in the boot sector

Hello, I have a medium-sized catastrophe with my laptop. First, up front: Windows 7 Home 64 bit. I probably caught a nasty virus while downloading plugins for Adobe Photoshop (they weren't plugins at all, it was an .exe file). In any case, my laptop has become unbelievably slow since then, and the Task Manager shows that Internet Explorer is running permanently. Avira says exactly: "A virus or unwanted program 'boo/cidox.b' was found in the master boot sector." I have now run Avira several times and removed it each time, unfortunately without success. After a short Google search I downloaded "Sophos Anti Rootkit", which has been scanning my laptop for almost 2 hours.

I also want to say that I know nothing at all about this stuff, and ask you not to be angry with me if I don't understand something right away. And here is this FRST thing:

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01 Ran by Josh (administrator) on JOSH-HP on 08-09-2014 17:04:26 Running from C:\Users\Josh\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (Spotify Ltd) C:\Users\Josh\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Microsoft Corporation) C:\Windows\System32\regsvr32.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Dropbox, Inc.) 
C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe () C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-06-08] (IDT, Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586808 2011-04-08] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2010-12-13] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-07] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Run: [Spotify] => C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe [6621752 2014-08-25] (Spotify Ltd) HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Run: [Spotify Web Helper] => C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-25] (Spotify Ltd) HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Run: [YbcbPack] => regsvr32.exe C:\Users\Josh\AppData\Local\YbcbPack\dsbpodkrvasg.dll <===== ATTENTION HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Run: [WerFaultSecure] => "C:\Users\Josh\AppData\Roaming\Microsoft\Windows\IEUpdate\WerFaultSecure.exe" HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\RunOnce: [WerFaultSecure] => "C:\Users\Josh\AppData\Roaming\Microsoft\Windows\IEUpdate\WerFaultSecure.exe" HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Policies\Explorer: [Run] "C:\Users\Josh\AppData\Roaming\Microsoft\Windows\IEUpdate\WerFaultSecure.exe" HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\MountPoints2: H - H:\Autorun.exe HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Command Processor: "C:\Users\Josh\AppData\Roaming\Microsoft\Windows\IEUpdate\WerFaultSecure.exe" <===== ATTENTION! IFEO\earegister.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WerFaultSecure.lnk ShortcutTarget: WerFaultSecure.lnk -> C:\Users\Josh\AppData\Roaming\Microsoft\Windows\IEUpdate\WerFaultSecure.exe (No File) ShellIconOverlayIdentifiers: 1CryptoProviderIcons -> {24808826-C2BF-4269-B3BA-89D1D5F431A4} => C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms} SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms} SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM - {DC7D9CAC-98D4-480A-A614-05D459A05BB1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms} SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms} SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM-x32 - {DC7D9CAC-98D4-480A-A614-05D459A05BB1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms} SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKCU - {DC7D9CAC-98D4-480A-A614-05D459A05BB1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{C6A6BEBD-105F-46A3-9323-8897A19279E1}: [NameServer] 8.8.8.8,8.8.8.8 Tcpip\..\Interfaces\{D597288F-B011-433F-9FF3-4350A0811147}: [NameServer] 8.8.8.8,8.8.8.8 FireFox: ======== FF ProfilePath: C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default FF NewTab: hxxp://istart.webssearches.com/newtab/?type=nt&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q FF Homepage: https://www.facebook.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Fast Start - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default\Extensions\faststartff@gmail.com [2014-08-30] FF Extension: ProxTube - Unblock YouTube - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default\Extensions\ich@maltegoetz.de [2014-03-08] FF Extension: YouTube Unblocker - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default\Extensions\youtubeunblocker@unblocker.yt [2014-06-20] FF Extension: Font Property Page - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default\Extensions\{0BD64A0D-DD26-96BF-46A3-8D319EFB73C3} [2014-08-30] FF Extension: Adblock Plus - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-13] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default\extensions\faststartff@gmail.com Chrome: ======= CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q CHR StartupUrls: Default -> 
"hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q" CHR NewTab: Default -> "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html" CHR DefaultSearchKeyword: Default -> webssearches CHR DefaultSearchProvider: Default -> webssearches CHR DefaultSearchURL: Default -> hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms} CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Font Property Page) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-08-30] CHR Extension: (Docs) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16] CHR Extension: (Google Drive) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-16] CHR Extension: (YouTube) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-16] CHR Extension: (Google-Suche) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-16] CHR Extension: (Google Wallet) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-16] CHR Extension: (Quick start) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-30] CHR Extension: (Google Mail) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-16] ==================== Services 
(Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-07] (Avira Operations GmbH & Co. KG) R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] S3 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-16] (Hewlett-Packard) S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2372096 2011-02-19] (Realsil Microelectronics Inc.) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. 
KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [42040 2014-07-10] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-29] (Disc Soft Ltd) S3 MEMSWEEP2; C:\Windows\system32\CFCE.tmp [6144 2009-06-18] (Sophos Plc) [File not signed] R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-08 17:04 - 2014-09-08 17:04 - 00021934 _____ () C:\Users\Josh\Downloads\FRST.txt 2014-09-08 17:04 - 2014-09-08 17:04 - 00000000 ____D () C:\FRST 2014-09-08 17:03 - 2014-09-08 17:04 - 02105344 _____ (Farbar) C:\Users\Josh\Downloads\FRST64.exe 2014-09-08 16:53 - 2014-09-08 16:53 - 00013597 _____ () C:\Users\Josh\Desktop\Ereignisse.rar 2014-09-08 16:45 - 2014-09-08 16:45 - 00705232 _____ () C:\Users\Josh\Desktop\Ereignisse.txt 2014-09-08 16:42 - 2014-09-08 16:42 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Josh\Downloads\SpyHunter-installer.exe 2014-09-08 15:39 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\Windows\system32\CFCE.tmp 2014-09-08 15:32 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\Windows\system32\F161.tmp 2014-09-08 15:31 - 2014-09-08 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos 2014-09-08 15:31 - 2014-09-08 15:31 - 00000000 ____D () C:\Program Files (x86)\Sophos 2014-09-08 15:26 - 2014-09-08 15:26 - 01101648 _____ () C:\Users\Josh\Downloads\Sophos Anti Rootkit - CHIP-Installer.exe 2014-09-05 23:27 - 2014-09-05 23:27 - 00000746 _____ () C:\Users\Josh\Desktop\VueScan.lnk 2014-09-05 23:27 - 2014-09-05 23:27 - 00000000 ____D () C:\Program Files\DIFX 2014-09-05 23:26 - 2014-09-05 23:27 - 00000000 ____D () C:\Program Files\VueScan 2014-09-05 23:25 - 2014-09-05 23:26 - 00000000 ____D () C:\Users\Josh\Downloads\SilverFast Ai 2014-09-05 23:25 - 2014-09-05 23:25 - 00000000 ____D () C:\Users\Josh\Downloads\VueScan Pro 9.4.28 (x86x64) Multilanguage Pre-Activated 2014-09-05 23:11 - 2014-09-05 23:27 - 00015274 _____ () C:\Windows\DPINST.LOG 2014-09-05 23:11 - 2014-09-05 23:11 - 00000000 ____D () C:\Program Files (x86)\VueScan 2014-09-05 23:09 - 2014-09-05 23:10 - 08322592 _____ (Hamrick Software) C:\Users\Josh\Downloads\vuex329442.exe 2014-09-05 17:22 - 2008-11-25 00:00 - 00065793 _____ () C:\Windows\system32\esfw8b.bin 2014-09-05 17:22 - 2008-06-19 00:00 - 00207360 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxuin8b.dll 2014-09-05 17:22 - 2008-06-19 00:00 - 00204800 _____ (SEIKO EPSON CORP.) C:\Windows\SysWOW64\esint8b.dll 2014-09-05 17:22 - 2007-12-28 00:00 - 00084992 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxwia8b.dll 2014-09-05 17:22 - 2006-03-10 00:00 - 00004608 _____ (SEIKO EPSON CORP.) 
C:\Windows\system32\esxwiaml.dll 2014-09-05 17:19 - 2014-09-05 17:20 - 11557888 _____ () C:\Users\Josh\Downloads\epson324868eu.exe 2014-09-05 17:12 - 2014-09-05 17:22 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk 2014-09-05 17:12 - 2014-09-05 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2014-09-05 17:12 - 2012-05-22 00:00 - 00465920 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll 2014-09-05 17:12 - 2009-10-16 00:00 - 00132560 _____ (Seiko Epson Corporation) C:\Windows\system32\esdevapp.exe 2014-09-05 17:12 - 2009-10-16 00:00 - 00013824 _____ (Seiko Epson Corporation) C:\Windows\system32\esxcdev.dll 2014-09-05 17:11 - 2014-09-05 17:11 - 17927680 _____ () C:\Users\Josh\Downloads\epson374212eu.exe 2014-09-05 17:01 - 2014-09-05 17:06 - 00001462 _____ () C:\Users\Josh\Sti_Trace.log 2014-09-05 11:07 - 2014-09-05 11:07 - 00759932 _____ () C:\Users\Josh\Downloads\BetterDS3_1.5.3.zip 2014-09-05 11:07 - 2014-09-05 11:07 - 00759932 _____ () C:\Program Files (x86)\BetterDS3_1.5.3.zip 2014-09-03 12:47 - 2014-09-03 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-01 22:44 - 2014-09-03 23:02 - 00000000 ____D () C:\Users\Josh\Desktop\Essen mit s50 und schwalbe 2014-09-01 16:38 - 2014-09-01 16:56 - 00000000 ____D () C:\Users\Josh\Desktop\Ratingen, Nebel 2014-08-31 00:29 - 2014-09-06 18:36 - 00000000 ____D () C:\Users\Josh\Desktop\Neuer Ordner 2014-08-30 19:35 - 2014-08-30 19:36 - 00000000 ____D () C:\Users\Josh\Documents\BFBC2 2014-08-30 19:28 - 2014-08-30 19:28 - 00018435 _____ () C:\Windows\DirectX.log 2014-08-30 19:28 - 2014-08-30 19:28 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts 2014-08-30 17:11 - 2014-08-30 17:11 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt 2014-08-30 16:56 - 2014-09-05 11:08 - 00000000 ____D () C:\Users\Josh\AppData\Local\Ahfzworks 2014-08-30 16:56 - 2014-08-30 16:57 - 00000000 ____D () C:\Users\Josh\AppData\Local\YbcbPack 2014-08-30 
16:50 - 2014-08-30 16:50 - 00000000 ____D () C:\Users\Josh\AppData\Local\Cool_Mirage 2014-08-30 15:23 - 2014-08-30 15:28 - 00000128 ____H () C:\ProgramData\V93GE 2014-08-30 15:23 - 2014-08-30 15:23 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\LaserSoft Imaging 2014-08-30 15:23 - 2014-08-30 15:23 - 00000000 ____D () C:\ProgramData\LaserSoft Imaging 2014-08-30 14:15 - 2014-08-30 14:15 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\EPSON 2014-08-30 14:11 - 2014-08-30 14:11 - 00000000 ____D () C:\Program Files (x86)\epson 2014-08-30 14:09 - 2014-09-05 17:02 - 00000000 ____D () C:\VueScan 2014-08-30 11:48 - 2014-08-30 12:03 - 00000000 ____D () C:\Users\Josh\Downloads\Battlefield.Bad.Company.2-RELOADED 2014-08-30 10:34 - 2014-08-30 10:40 - 00000000 ____D () C:\Users\Josh\Desktop\Battlefield 2 2014-08-30 10:34 - 2014-08-30 10:34 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Real Combat 2014-08-30 10:34 - 2014-08-30 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Combat 2014-08-30 10:13 - 2009-08-20 17:24 - 51331352 _____ () C:\Users\Josh\Desktop\Objects_server.zip 2014-08-26 14:44 - 2014-08-26 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2014-08-26 14:44 - 2014-08-26 14:44 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2014-08-26 12:49 - 2014-08-26 12:50 - 00000000 ____D () C:\Users\Josh\Documents\GTA San Andreas User Files 2014-08-26 12:49 - 2014-08-26 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto San Andreas + MultiPlayer [0.3e] 2014-08-26 11:45 - 2014-08-26 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BF2 Unlock Weapons Mods 2014-08-26 11:08 - 2014-08-26 11:10 - 00000000 ____D () C:\Users\Josh\Documents\Battlefield 2 2014-08-25 23:15 - 2014-08-25 23:15 - 00000000 ____D () C:\Users\Josh\Desktop\Blog Backup 2014-08-25 19:53 - 2014-08-25 19:55 - 
00000000 ____D () C:\Users\Josh\Desktop\Lightroom Presets 2014-08-25 13:01 - 2014-09-08 14:35 - 00000000 ____D () C:\Users\Josh\AppData\Local\Spotify 2014-08-25 13:01 - 2014-08-25 13:01 - 00001785 _____ () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2014-08-25 12:56 - 2014-09-08 16:23 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Spotify 2014-08-22 23:34 - 2014-09-08 14:33 - 00011444 _____ () C:\Windows\PFRO.log 2014-08-22 23:01 - 2014-09-08 14:33 - 00005264 _____ () C:\Windows\setupact.log 2014-08-22 23:01 - 2014-08-22 23:01 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-17 23:27 - 2014-08-22 22:50 - 00000000 ____D () C:\Windows\Minidump 2014-08-17 18:44 - 2014-08-17 18:44 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft 2014-08-17 18:43 - 2014-08-17 18:44 - 00000000 ____D () C:\Users\Josh\AppData\Local\Abelssoft 2014-08-17 18:43 - 2014-08-17 18:43 - 01101648 _____ () C:\Users\Josh\Better DS3 - CHIP-Installer.exe 2014-08-17 18:43 - 2014-08-17 18:43 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Abelssoft 2014-08-17 18:43 - 2014-08-17 18:43 - 00000000 ____D () C:\ProgramData\XDMessagingv4 2014-08-14 20:45 - 2014-08-14 20:47 - 00000000 ____D () C:\Users\Josh\Desktop\Düsseldorf Flughafen - Basti 2014-08-13 23:47 - 2014-08-15 17:02 - 00000000 ____D () C:\Users\Josh\Desktop\Düsseldorf - Marius, Basti 2014-08-11 21:37 - 2014-08-15 15:45 - 00000000 ____D () C:\Users\Josh\Desktop\Heiligenhaus - Basti 2014-08-09 22:44 - 2014-08-29 21:15 - 00000000 ____D () C:\Users\Josh\Desktop\Ratingen x Essen - Schwalbe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-09-08 17:04 - 2014-09-08 17:04 - 00021934 _____ () C:\Users\Josh\Downloads\FRST.txt 2014-09-08 17:04 - 2014-09-08 17:04 - 00000000 ____D () C:\FRST 2014-09-08 17:04 - 2014-09-08 17:03 - 02105344 _____ (Farbar) C:\Users\Josh\Downloads\FRST64.exe 2014-09-08 16:53 - 2014-09-08 16:53 - 00013597 _____ () C:\Users\Josh\Desktop\Ereignisse.rar 2014-09-08 16:45 - 2014-09-08 16:45 - 00705232 _____ () C:\Users\Josh\Desktop\Ereignisse.txt 2014-09-08 16:42 - 2014-09-08 16:42 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Josh\Downloads\SpyHunter-installer.exe 2014-09-08 16:23 - 2014-08-25 12:56 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Spotify 2014-09-08 16:23 - 2013-12-18 16:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-08 15:31 - 2014-09-08 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos 2014-09-08 15:31 - 2014-09-08 15:31 - 00000000 ____D () C:\Program Files (x86)\Sophos 2014-09-08 15:26 - 2014-09-08 15:26 - 01101648 _____ () C:\Users\Josh\Downloads\Sophos Anti Rootkit - CHIP-Installer.exe 2014-09-08 14:52 - 2013-12-30 00:52 - 00000000 ____D () C:\Users\Josh\AppData\Local\CrashDumps 2014-09-08 14:46 - 2009-07-14 06:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-08 14:46 - 2009-07-14 06:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-08 14:45 - 2012-03-07 11:18 - 01719697 _____ () C:\Windows\WindowsUpdate.log 2014-09-08 14:44 - 2014-06-29 15:42 - 00000000 ____D () C:\Users\Josh\AppData\Local\Adobe 2014-09-08 14:39 - 2013-12-18 16:11 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5649FCFD-068A-46CF-A4DE-B11D56617AFA} 2014-09-08 14:35 - 2014-08-25 13:01 - 00000000 ____D () C:\Users\Josh\AppData\Local\Spotify 2014-09-08 14:35 - 2014-06-17 19:20 - 00000000 ___RD () C:\Users\Josh\Dropbox 2014-09-08 
14:35 - 2014-06-17 19:18 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Dropbox 2014-09-08 14:33 - 2014-08-22 23:34 - 00011444 _____ () C:\Windows\PFRO.log 2014-09-08 14:33 - 2014-08-22 23:01 - 00005264 _____ () C:\Windows\setupact.log 2014-09-08 14:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-06 18:36 - 2014-08-31 00:29 - 00000000 ____D () C:\Users\Josh\Desktop\Neuer Ordner 2014-09-06 00:42 - 2013-12-29 20:51 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\BitTorrent 2014-09-05 23:27 - 2014-09-05 23:27 - 00000746 _____ () C:\Users\Josh\Desktop\VueScan.lnk 2014-09-05 23:27 - 2014-09-05 23:27 - 00000000 ____D () C:\Program Files\DIFX 2014-09-05 23:27 - 2014-09-05 23:26 - 00000000 ____D () C:\Program Files\VueScan 2014-09-05 23:27 - 2014-09-05 23:11 - 00015274 _____ () C:\Windows\DPINST.LOG 2014-09-05 23:26 - 2014-09-05 23:25 - 00000000 ____D () C:\Users\Josh\Downloads\SilverFast Ai 2014-09-05 23:25 - 2014-09-05 23:25 - 00000000 ____D () C:\Users\Josh\Downloads\VueScan Pro 9.4.28 (x86x64) Multilanguage Pre-Activated 2014-09-05 23:11 - 2014-09-05 23:11 - 00000000 ____D () C:\Program Files (x86)\VueScan 2014-09-05 23:10 - 2014-09-05 23:09 - 08322592 _____ (Hamrick Software) C:\Users\Josh\Downloads\vuex329442.exe 2014-09-05 17:22 - 2014-09-05 17:12 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk 2014-09-05 17:20 - 2014-09-05 17:19 - 11557888 _____ () C:\Users\Josh\Downloads\epson324868eu.exe 2014-09-05 17:12 - 2014-09-05 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2014-09-05 17:11 - 2014-09-05 17:11 - 17927680 _____ () C:\Users\Josh\Downloads\epson374212eu.exe 2014-09-05 17:06 - 2014-09-05 17:01 - 00001462 _____ () C:\Users\Josh\Sti_Trace.log 2014-09-05 17:02 - 2014-08-30 14:09 - 00000000 ____D () C:\VueScan 2014-09-05 17:01 - 2013-12-18 16:06 - 00000000 ____D () C:\Users\Josh 2014-09-05 11:46 - 2013-12-29 03:32 - 00000000 ____D () C:\Users\Josh\Documents\FIFA 12 2014-09-05 11:08 - 
2014-08-30 16:56 - 00000000 ____D () C:\Users\Josh\AppData\Local\Ahfzworks 2014-09-05 11:07 - 2014-09-05 11:07 - 00759932 _____ () C:\Users\Josh\Downloads\BetterDS3_1.5.3.zip 2014-09-05 11:07 - 2014-09-05 11:07 - 00759932 _____ () C:\Program Files (x86)\BetterDS3_1.5.3.zip 2014-09-04 18:51 - 2013-12-18 16:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-03 23:02 - 2014-09-01 22:44 - 00000000 ____D () C:\Users\Josh\Desktop\Essen mit s50 und schwalbe 2014-09-03 12:47 - 2014-09-03 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-01 16:56 - 2014-09-01 16:38 - 00000000 ____D () C:\Users\Josh\Desktop\Ratingen, Nebel 2014-08-30 19:36 - 2014-08-30 19:35 - 00000000 ____D () C:\Users\Josh\Documents\BFBC2 2014-08-30 19:33 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-30 19:28 - 2014-08-30 19:28 - 00018435 _____ () C:\Windows\DirectX.log 2014-08-30 19:28 - 2014-08-30 19:28 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts 2014-08-30 17:11 - 2014-08-30 17:11 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt 2014-08-30 16:57 - 2014-08-30 16:56 - 00000000 ____D () C:\Users\Josh\AppData\Local\YbcbPack 2014-08-30 16:50 - 2014-08-30 16:50 - 00000000 ____D () C:\Users\Josh\AppData\Local\Cool_Mirage 2014-08-30 16:50 - 2013-12-18 16:22 - 00001335 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-30 16:50 - 2013-12-18 16:11 - 00001609 _____ () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-30 15:28 - 2014-08-30 15:23 - 00000128 ____H () C:\ProgramData\V93GE 2014-08-30 15:23 - 2014-08-30 15:23 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\LaserSoft Imaging 2014-08-30 15:23 - 2014-08-30 15:23 - 00000000 ____D () C:\ProgramData\LaserSoft Imaging 2014-08-30 14:15 - 2014-08-30 14:15 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\EPSON 2014-08-30 14:12 - 
2014-05-05 00:37 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-30 14:12 - 2014-05-05 00:37 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-30 14:11 - 2014-08-30 14:11 - 00000000 ____D () C:\Program Files (x86)\epson 2014-08-30 12:03 - 2014-08-30 11:48 - 00000000 ____D () C:\Users\Josh\Downloads\Battlefield.Bad.Company.2-RELOADED 2014-08-30 10:41 - 2013-12-31 15:49 - 00000000 ____D () C:\Program Files (x86)\EA GAMES 2014-08-30 10:40 - 2014-08-30 10:34 - 00000000 ____D () C:\Users\Josh\Desktop\Battlefield 2 2014-08-30 10:34 - 2014-08-30 10:34 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Real Combat 2014-08-30 10:34 - 2014-08-30 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Combat 2014-08-29 22:29 - 2014-05-05 00:37 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-08-29 22:29 - 2014-05-05 00:37 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-08-29 21:15 - 2014-08-09 22:44 - 00000000 ____D () C:\Users\Josh\Desktop\Ratingen x Essen - Schwalbe 2014-08-26 23:21 - 2011-07-15 06:01 - 00699700 _____ () C:\Windows\system32\perfh007.dat 2014-08-26 23:21 - 2011-07-15 06:01 - 00149550 _____ () C:\Windows\system32\perfc007.dat 2014-08-26 23:21 - 2009-07-14 07:13 - 01620440 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-26 14:44 - 2014-08-26 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2014-08-26 14:44 - 2014-08-26 14:44 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2014-08-26 14:44 - 2011-07-14 20:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-26 12:50 - 2014-08-26 12:49 - 00000000 ____D () C:\Users\Josh\Documents\GTA San Andreas User Files 2014-08-26 12:49 - 2014-08-26 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto San 
Andreas + MultiPlayer [0.3e] 2014-08-26 12:49 - 2013-12-30 00:07 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-08-26 12:49 - 2013-12-23 18:29 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-08-26 12:49 - 2013-12-23 18:28 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-08-26 11:45 - 2014-08-26 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BF2 Unlock Weapons Mods 2014-08-26 11:10 - 2014-08-26 11:08 - 00000000 ____D () C:\Users\Josh\Documents\Battlefield 2 2014-08-25 23:15 - 2014-08-25 23:15 - 00000000 ____D () C:\Users\Josh\Desktop\Blog Backup 2014-08-25 19:55 - 2014-08-25 19:53 - 00000000 ____D () C:\Users\Josh\Desktop\Lightroom Presets 2014-08-25 13:01 - 2014-08-25 13:01 - 00001785 _____ () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2014-08-23 22:50 - 2013-12-21 17:30 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\vlc 2014-08-22 23:34 - 2014-06-23 00:24 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-08-22 23:01 - 2014-08-22 23:01 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-22 23:00 - 2014-05-20 17:30 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-08-22 23:00 - 2014-05-20 17:28 - 00000000 ____D () C:\ProgramData\Origin 2014-08-22 22:58 - 2014-08-03 14:37 - 00000000 ____D () C:\Users\Josh\AppData\Local\Unity 2014-08-22 22:50 - 2014-08-17 23:27 - 00000000 ____D () C:\Windows\Minidump 2014-08-17 23:27 - 2014-06-23 20:26 - 04942288 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-17 19:21 - 2013-12-30 00:07 - 00000000 ____D () C:\Users\Josh\AppData\Local\NFS Underground 2 2014-08-17 18:45 - 2014-06-23 20:28 - 00072168 _____ () C:\Users\Josh\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-17 18:44 - 2014-08-17 18:44 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft 2014-08-17 18:44 - 2014-08-17 18:43 - 00000000 ____D () C:\Users\Josh\AppData\Local\Abelssoft 2014-08-17 18:43 - 2014-08-17 18:43 - 01101648 _____ () 
C:\Users\Josh\Better DS3 - CHIP-Installer.exe 2014-08-17 18:43 - 2014-08-17 18:43 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Abelssoft 2014-08-17 18:43 - 2014-08-17 18:43 - 00000000 ____D () C:\ProgramData\XDMessagingv4 2014-08-15 17:02 - 2014-08-13 23:47 - 00000000 ____D () C:\Users\Josh\Desktop\Düsseldorf - Marius, Basti 2014-08-15 16:02 - 2014-07-20 00:14 - 00000000 ____D () C:\Users\Josh\Desktop\Essen - Denito, Nils 2014-08-15 15:54 - 2014-02-05 23:19 - 00000000 ____D () C:\Users\Josh\Desktop\Bewerbung 2014-08-15 15:53 - 2014-04-15 19:32 - 00000000 ____D () C:\Users\Josh\Desktop\10-17 2014-08-15 15:45 - 2014-08-11 21:37 - 00000000 ____D () C:\Users\Josh\Desktop\Heiligenhaus - Basti 2014-08-14 20:47 - 2014-08-14 20:45 - 00000000 ____D () C:\Users\Josh\Desktop\Düsseldorf Flughafen - Basti 2014-08-14 20:45 - 2014-06-17 19:18 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-08-13 10:51 - 2013-12-18 16:48 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Adobe Files to move or delete: ==================== C:\Users\Josh\Better DS3 - CHIP-Installer.exe Some content of TEMP: ==================== C:\Users\Josh\AppData\Local\Temp\avgnt.exe C:\Users\Josh\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmc9lc3.dll C:\Users\Josh\AppData\Local\Temp\htmlayout.dll C:\Users\Josh\AppData\Local\Temp\tmpBA78.exe C:\Users\Josh\AppData\Local\Temp\vsdel.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-29 15:40

==================== End Of Log ============================
--- --- ---

and here is the addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by Josh at 2014-09-08 17:05:11
Running from C:\Users\Josh\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.4 64-bit (HKLM\...\{558B5965-CC1B-4AF1-BA07-5D6832404050}) (Version: 5.4.0 - Adobe Systems
Incorporated) Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira) Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts) BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32128 - BitTorrent Inc.) bl (x32 Version: 1.0.0 - Your Company Name) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform) Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) CPU-Control (HKLM-x32\...\CPU-Control_is1) (Version: - Koma-Code) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4119 - CyberLink Corp.) CyberLink YouCam (x32 Version: 3.5.1.4119 - CyberLink Corp.) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.) EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard) Fences (Version: 1.0 - Stardock Corporation) Hidden Free YouTube to MP3 Converter version 3.12.41.623 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.41.623 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) 
Hidden Graffiti Studio 2.0 (HKLM-x32\...\Graffiti Studio 2.0_is1) (Version: - Less Rain) GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) Hewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP On Screen Display (HKLM-x32\...\{124DB96E-CBF5-44FB-AB59-7D2444DEC777}) (Version: 1.0.7 - Hewlett-Packard Company) HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company) HP Quick Launch (HKLM-x32\...\{ABEF00D0-FCAE-4E47-8D4E-D4AE5FD72B15}) (Version: 2.4.3 - Hewlett-Packard Company) HP Software Framework (HKLM-x32\...\{B446137B-18A1-4FAE-B0E4-ABE8F09705F1}) (Version: 4.1.6.1 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT) Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) 
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Camera Codec Pack (HKLM\...\{A2E24035-9B11-4E1D-9FBC-FA7F20C16832}) (Version: 16.4.1970.0624 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - 
Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation) Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Word 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) 
(Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Mozilla Firefox 32.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 de)) (Version: 32.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT Redists (Version: 1.0 
- Sony Creative Software Inc.) Hidden Need for Speed Most Wanted Black Edition (HKLM-x32\...\Need for Speed Most Wanted Black Edition_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky) Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - ) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.0.7 - Google) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony) Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.02.01.0 - Ralink) Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden Roller Coaster Tycoon 3 Platinum - CarlesNeo ! (HKLM-x32\...\Roller Coaster Tycoon 3 Platinum - CarlesNeo !) (Version: - ) RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - ) Sophos Anti-Rootkit 1.5.0 (HKLM-x32\...\Sophos-AntiRootkit) (Version: 1.5.0 - Sophos Plc) Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB) SRS Premium Sound Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.) 
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated) System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.275 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Vegas Pro 12.0 (64-bit) (HKLM\...\{A7C8BBDE-FE98-11E1-87C9-F04DA23A5C58}) (Version: 12.0.367 - Sony) VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN) Windows Driver Package - Hamrick Software Image (08/21/2006 1.0.0.6) (HKLM\...\8471012B3F8399ABE3245A7CFC97D18A077429A1) (Version: 08/21/2006 1.0.0.6 - Hamrick Software) Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 5.01 
(64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-08-30 17:11 - 00001394 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
79.142.66.242 www.google-analytics.com.
79.142.66.242 google-analytics.com.
79.142.66.242 connect.facebook.net.
193.107.16.138 www.google-analytics.com.
193.107.16.138 google-analytics.com.
193.107.16.138 connect.facebook.net.

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0B676187-6AA2-481D-8594-9D9388CDFACE} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Control Panel\srspanel_64.exe [2011-01-14] (SRS Labs, Inc.)
Task: {292241CE-EED8-4FE9-8BCE-EEDE3054C8DD} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe Task: {30416528-78D7-4AF7-87C7-8FED569850A4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: {30BC4EF7-D3BA-4453-AAB0-9C23EC0F956C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {3CF68B91-F0C2-4AF3-8039-A9B778710918} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-06-15] (CyberLink) Task: {4475C269-913C-4D7D-8367-6345F3E347FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-05] (Google Inc.) Task: {5EA60DD9-7225-48F4-ADA2-96B95A51EE23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe Task: {62840F14-A950-4738-9226-2E2ED18FA8CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) Task: {6B5E1FA7-97CE-46FB-B145-0A7E1B415950} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe Task: {85950537-EA1B-47C7-B023-FFC531BF53E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Task: {A121561D-312C-42D7-AD78-EA743316F125} - System32\Tasks\{35AA11B3-F3E0-450C-9585-BB2D031BBC03} => C:\Program Files (x86)\EA GAMES\Need for Speed Undercover\nfs.exe Task: {A574F939-BD43-4887-893F-461CEE6C70EC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-03-20] (TuneUp Software) Task: {A743E416-46D4-4E8A-8510-0DFEFB497FDF} 
- System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe Task: {B2B08077-B8E8-4E31-8942-7B7175FECC5A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard) Task: {BBE7E9AE-5E70-4D1F-8BA3-01E61BC93733} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-05] (Google Inc.) Task: {DB192EB6-67F6-4FF3-802D-810F4223549D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {EAFB8D74-901F-4666-B391-28C88DFE1E6F} - System32\Tasks\AdobeAAMUpdater-1.0-Josh-HP-Josh => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-08-30 16:56 - 2014-08-30 16:56 - 02576896 _____ () C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll 2014-08-30 16:56 - 2014-08-30 16:56 - 02162688 _____ () C:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dll 2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2014-05-07 01:40 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2014-03-20 15:44 - 2014-03-20 15:44 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2011-05-10 19:56 - 2011-05-10 19:56 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-08-25 13:01 - 2014-08-25 13:01 - 00610872 _____ () 
C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe 2014-08-30 16:57 - 2014-08-30 16:57 - 00806912 _____ () C:\Users\Josh\AppData\Local\YbcbPack\dsbpodkrvasg.dll 2014-08-25 13:01 - 2014-08-25 13:01 - 36966968 _____ () C:\Users\Josh\AppData\Roaming\Spotify\Data\libcef.dll 2014-09-08 14:35 - 2014-09-08 14:35 - 00043008 _____ () c:\users\josh\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmc9lc3.dll 2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Josh\AppData\Roaming\Dropbox\bin\libcef.dll 2014-08-25 13:01 - 2014-08-25 13:01 - 00867896 _____ () C:\Users\Josh\AppData\Roaming\Spotify\Data\ffmpegsumo.dll 2014-08-25 13:01 - 2014-08-25 13:01 - 00886840 _____ () C:\Users\Josh\AppData\Roaming\Spotify\Data\libglesv2.dll 2014-08-25 13:01 - 2014-08-25 13:01 - 00108600 _____ () C:\Users\Josh\AppData\Roaming\Spotify\Data\libegl.dll 2014-02-12 12:50 - 2014-02-12 12:50 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll 2012-03-07 11:16 - 2011-04-30 01:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2014-09-03 12:47 - 2014-09-03 12:47 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-07-09 04:23 - 2014-07-09 04:23 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4 AlternateDataStreams: C:\Users\Josh\Cookies:jhpVjgGHP1EYOihgcVrIUuL AlternateDataStreams: C:\Users\Josh\Lokale Einstellungen:JuPKmyHSwWiNqODTE AlternateDataStreams: C:\Users\Josh\AppData\Local:JuPKmyHSwWiNqODTE AlternateDataStreams: C:\Users\Josh\AppData\Local\Anwendungsdaten:JuPKmyHSwWiNqODTE AlternateDataStreams: C:\Users\Josh\AppData\Local\Temp:NubSTJuWxaRjo74tCKWa43R AlternateDataStreams: C:\Users\Josh\AppData\Local\Temporary Internet Files:mbsb9FYt6pMKic6HLeAel ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\startupfolder: C:^Users^Josh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Need for Speed™ Undercover Registration.lnk => C:\Windows\pss\Need for Speed™ Undercover Registration.lnk.Startup MSCONFIG\startupfolder: C:^Users^Josh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Real Desktop.lnk => C:\Windows\pss\Real Desktop.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Real Desktop => "C:\Program Files (x86)\Real Desktop\rdesc.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized MSCONFIG\startupreg: Spotify => "C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/08/2014 05:05:13 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] ist ein Fehler aufgetreten. 
Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen Schattenkopien abfragen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshotkontext: 13 Snapshotkontext: 13 Ausführungskontext: Coordinator Error: (09/08/2014 05:05:13 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen Schattenkopien abfragen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshotkontext: 13 Snapshotkontext: 13 Ausführungskontext: Coordinator Error: (09/08/2014 04:35:25 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] ist ein Fehler aufgetreten. 
Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen Überprüfen, ob das Volume vom Anbieter unterstützt wird Volume einem Schattenkopiesatz hinzufügen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshotkontext: 16 Snapshotkontext: 16 Ausführungskontext: Coordinator Anbieter-ID: {00000000-0000-0000-0000-000000000000} Volumename: C:\ Ausführungskontext: Coordinator Error: (09/08/2014 04:35:25 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen Überprüfen, ob das Volume vom Anbieter unterstützt wird Volume einem Schattenkopiesatz hinzufügen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshotkontext: 16 Snapshotkontext: 16 Ausführungskontext: Coordinator Anbieter-ID: {00000000-0000-0000-0000-000000000000} Volumename: C:\ Ausführungskontext: Coordinator Error: (09/08/2014 03:08:43 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] ist ein Fehler aufgetreten. 
Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen Überprüfen, ob das Volume vom Anbieter unterstützt wird Volume einem Schattenkopiesatz hinzufügen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshotkontext: 16 Snapshotkontext: 16 Ausführungskontext: Coordinator Anbieter-ID: {00000000-0000-0000-0000-000000000000} Volumename: C:\ Ausführungskontext: Coordinator Error: (09/08/2014 03:08:43 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen Überprüfen, ob das Volume vom Anbieter unterstützt wird Volume einem Schattenkopiesatz hinzufügen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshotkontext: 16 Snapshotkontext: 16 Ausführungskontext: Coordinator Anbieter-ID: {00000000-0000-0000-0000-000000000000} Volumename: C:\ Ausführungskontext: Coordinator Error: (09/08/2014 02:52:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: TuneUpSystemStatusCheck.exe, Version: 14.0.1000.275, Zeitstempel: 0x532ae230 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000108c5 ID des fehlerhaften Prozesses: 0xdd4 Startzeit der fehlerhaften Anwendung: 0xTuneUpSystemStatusCheck.exe0 Pfad der fehlerhaften Anwendung: TuneUpSystemStatusCheck.exe1 Pfad des fehlerhaften Moduls: TuneUpSystemStatusCheck.exe2 
Berichtskennung: TuneUpSystemStatusCheck.exe3 Error: (09/08/2014 02:34:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/06/2014 07:33:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004751d ID des fehlerhaften Prozesses: 0x524 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (09/06/2014 07:21:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (09/08/2014 04:51:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (09/08/2014 04:51:44 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\CFCE.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/08/2014 04:51:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (09/08/2014 04:51:43 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\CFCE.tmp nicht geladen. 
Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/08/2014 04:51:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (09/08/2014 04:51:42 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\CFCE.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/08/2014 04:51:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (09/08/2014 04:51:40 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\CFCE.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/08/2014 03:39:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (09/08/2014 03:39:36 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\CFCE.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-09-08 16:51:44.512 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 16:51:44.474 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 16:51:43.139 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 16:51:43.100 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 16:51:42.461 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 16:51:42.414 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 16:51:40.850 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 16:51:40.798 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 15:39:36.630 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 15:39:36.588 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz Percentage of memory in use: 43% Total physical RAM: 6091.86 MB Available physical RAM: 3471.22 MB Total Pagefile: 12183.72 MB Available Pagefile: 8723.72 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:446 GB) (Free:323.78 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Recovery) (Fixed) (Total:15.6 GB) (Free:1.7 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:3.95 GB) FAT32 Drive h: (BFBC2) (CDROM) (Total:5.42 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1A644923) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=446 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=4 GB) - (Type=0C) ==================== End Of Log ============================ Last edited by Joshunk (08.09.2014 at 16:08) |
08.09.2014, 16:06 | #2 |
/// the machine /// TB trainer | Win 7: Malware in the boot sector Hi,
Please always post logs in the thread. If necessary, split them up and use several posts. I can't open attachments at work, thanks. Here's how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you're not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
08.09.2014, 16:17 | #3 |
| Win 7: Malware in the boot sector Hello, thanks for the quick reply, but the log files are already in the post as code, aren't they?
Or do you mean the Avira results? Those can't be inserted as code.. |
08.09.2014, 19:05 | #4 |
/// the machine /// TB trainer | Win 7: Malware in the boot sector Hi, please download TDSSKiller.exe and save this file to the desktop
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
08.09.2014, 21:56 | #5 |
| Win 7: Malware in the boot sector Here you go. Code:
ATTFilter 22:52:47.0749 0x21a0 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 22:52:56.0647 0x21a0 ============================================================ 22:52:56.0647 0x21a0 Current date / time: 2014/09/08 22:52:56.0647 22:52:56.0647 0x21a0 SystemInfo: 22:52:56.0647 0x21a0 22:52:56.0647 0x21a0 OS Version: 6.1.7601 ServicePack: 1.0 22:52:56.0647 0x21a0 Product type: Workstation 22:52:56.0647 0x21a0 ComputerName: JOSH-HP 22:52:56.0647 0x21a0 UserName: Josh 22:52:56.0647 0x21a0 Windows directory: C:\Windows 22:52:56.0647 0x21a0 System windows directory: C:\Windows 22:52:56.0647 0x21a0 Running under WOW64 22:52:56.0647 0x21a0 Processor architecture: Intel x64 22:52:56.0647 0x21a0 Number of processors: 4 22:52:56.0647 0x21a0 Page size: 0x1000 22:52:56.0647 0x21a0 Boot type: Normal boot 22:52:56.0647 0x21a0 ============================================================ 22:52:57.0067 0x21a0 KLMD registered as C:\Windows\system32\drivers\78333833.sys 22:52:57.0300 0x21a0 System UUID: {A509F6F4-1269-C24B-6566-27A0CBDA2B33} 22:52:57.0747 0x21a0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 22:52:57.0750 0x21a0 ============================================================ 22:52:57.0750 0x21a0 \Device\Harddisk0\DR0: 22:52:57.0751 0x21a0 MBR partitions: 22:52:57.0751 0x21a0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 22:52:57.0751 0x21a0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37C01000 22:52:57.0751 0x21a0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37C65000, BlocksNum 0x1F31000 22:52:57.0751 0x21a0 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39B96000, BlocksNum 0x7EF830 22:52:57.0751 0x21a0 ============================================================ 22:52:57.0781 0x21a0 C: <-> \Device\Harddisk0\DR0\Partition2 22:52:57.0844 
0x21a0 D: <-> \Device\Harddisk0\DR0\Partition3 22:52:57.0855 0x21a0 E: <-> \Device\Harddisk0\DR0\Partition4 22:52:57.0855 0x21a0 ============================================================ 22:52:57.0855 0x21a0 Initialize success 22:52:57.0855 0x21a0 ============================================================ 22:52:59.0347 0x0efc ============================================================ 22:52:59.0347 0x0efc Scan started 22:52:59.0347 0x0efc Mode: Manual; 22:52:59.0347 0x0efc ============================================================ 22:52:59.0347 0x0efc KSN ping started 22:53:13.0084 0x0efc KSN ping finished: true 22:53:14.0118 0x0efc ================ Scan system memory ======================== 22:53:14.0118 0x0efc System memory - ok 22:53:14.0118 0x0efc ================ Scan services =============================
4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 22:53:16.0675 0x0efc clr_optimization_v4.0.30319_64 - ok 22:53:16.0697 0x0efc [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys 22:53:16.0702 0x0efc clwvd - ok 22:53:16.0721 0x0efc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 22:53:16.0725 0x0efc CmBatt - ok 22:53:16.0755 0x0efc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 22:53:16.0759 0x0efc cmdide - ok 22:53:16.0801 0x0efc [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 22:53:16.0845 0x0efc CNG - ok 22:53:16.0850 0x0efc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 22:53:16.0854 0x0efc Compbatt - ok 22:53:16.0858 0x0efc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 22:53:16.0864 0x0efc CompositeBus - ok 22:53:16.0867 0x0efc COMSysApp - ok 22:53:16.0883 0x0efc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 22:53:16.0888 0x0efc crcdisk - ok 22:53:16.0917 0x0efc [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 22:53:16.0925 0x0efc CryptSvc - ok 22:53:17.0003 0x0efc [ FD557A50A65E44041CD2FCEF4BEB04DB, 
746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 22:53:17.0068 0x0efc cvhsvc - ok 22:53:17.0113 0x0efc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 22:53:17.0123 0x0efc DcomLaunch - ok 22:53:17.0155 0x0efc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 22:53:17.0166 0x0efc defragsvc - ok 22:53:17.0182 0x0efc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 22:53:17.0190 0x0efc DfsC - ok 22:53:17.0211 0x0efc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 22:53:17.0232 0x0efc Dhcp - ok 22:53:17.0248 0x0efc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 22:53:17.0252 0x0efc discache - ok 22:53:17.0266 0x0efc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 22:53:17.0273 0x0efc Disk - ok 22:53:17.0302 0x0efc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 22:53:17.0310 0x0efc Dnscache - ok 22:53:17.0333 0x0efc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 22:53:17.0348 0x0efc dot3svc - ok 22:53:17.0368 0x0efc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 22:53:17.0376 0x0efc DPS - ok 22:53:17.0396 
0x0efc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 22:53:17.0400 0x0efc drmkaud - ok 22:53:17.0437 0x0efc [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 22:53:17.0450 0x0efc dtsoftbus01 - ok 22:53:17.0507 0x0efc [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 22:53:17.0554 0x0efc DXGKrnl - ok 22:53:17.0600 0x0efc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 22:53:17.0607 0x0efc EapHost - ok 22:53:17.0731 0x0efc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 22:53:17.0877 0x0efc ebdrv - ok 22:53:17.0922 0x0efc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe 22:53:17.0926 0x0efc EFS - ok 22:53:18.0007 0x0efc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 22:53:18.0068 0x0efc ehRecvr - ok 22:53:18.0093 0x0efc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 22:53:18.0102 0x0efc ehSched - ok 22:53:18.0135 0x0efc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 22:53:18.0165 0x0efc elxstor - ok 22:53:18.0174 0x0efc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 22:53:18.0177 0x0efc ErrDev - ok 
22:53:18.0219 0x0efc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 22:53:18.0241 0x0efc EventSystem - ok 22:53:18.0267 0x0efc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 22:53:18.0275 0x0efc exfat - ok 22:53:18.0280 0x0efc ezSharedSvc - ok 22:53:18.0297 0x0efc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 22:53:18.0306 0x0efc fastfat - ok 22:53:18.0335 0x0efc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 22:53:18.0368 0x0efc Fax - ok 22:53:18.0381 0x0efc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 22:53:18.0387 0x0efc fdc - ok 22:53:18.0396 0x0efc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 22:53:18.0399 0x0efc fdPHost - ok 22:53:18.0413 0x0efc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 22:53:18.0419 0x0efc FDResPub - ok 22:53:18.0424 0x0efc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 22:53:18.0430 0x0efc FileInfo - ok 22:53:18.0447 0x0efc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 22:53:18.0452 0x0efc Filetrace - ok 22:53:18.0456 0x0efc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk 
C:\Windows\system32\drivers\flpydisk.sys 22:53:18.0460 0x0efc flpydisk - ok 22:53:18.0475 0x0efc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 22:53:18.0489 0x0efc FltMgr - ok 22:53:18.0547 0x0efc [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 22:53:18.0623 0x0efc FontCache - ok 22:53:18.0667 0x0efc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:53:18.0673 0x0efc FontCache3.0.0.0 - ok 22:53:18.0695 0x0efc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 22:53:18.0701 0x0efc FsDepends - ok 22:53:18.0726 0x0efc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 22:53:18.0729 0x0efc Fs_Rec - ok 22:53:18.0752 0x0efc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 22:53:18.0767 0x0efc fvevol - ok 22:53:18.0780 0x0efc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 22:53:18.0787 0x0efc gagp30kx - ok 22:53:18.0843 0x0efc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 22:53:18.0875 0x0efc gpsvc - ok 22:53:18.0914 0x0efc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:53:18.0923 0x0efc gupdate - ok 22:53:18.0936 0x0efc [ 
506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:53:18.0939 0x0efc gupdatem - ok 22:53:18.0957 0x0efc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 22:53:18.0962 0x0efc hcw85cir - ok 22:53:18.0980 0x0efc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 22:53:18.0995 0x0efc HdAudAddService - ok 22:53:19.0012 0x0efc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 22:53:19.0021 0x0efc HDAudBus - ok 22:53:19.0041 0x0efc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 22:53:19.0045 0x0efc HidBatt - ok 22:53:19.0068 0x0efc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 22:53:19.0074 0x0efc HidBth - ok 22:53:19.0088 0x0efc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 22:53:19.0094 0x0efc HidIr - ok 22:53:19.0113 0x0efc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 22:53:19.0119 0x0efc hidserv - ok 22:53:19.0148 0x0efc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 22:53:19.0153 0x0efc HidUsb - ok 22:53:19.0178 0x0efc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc 
C:\Windows\system32\kmsvc.dll 22:53:19.0187 0x0efc hkmsvc - ok 22:53:19.0206 0x0efc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 22:53:19.0223 0x0efc HomeGroupListener - ok 22:53:19.0266 0x0efc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 22:53:19.0274 0x0efc HomeGroupProvider - ok 22:53:19.0351 0x0efc [ 7B8C1B09C11E8DB7C4480ABD7D17E821, 0E35FD439B24CEAD623A5D7319B865A6BCE6F1F3057671F62B4F844D8EC3D206 ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe 22:53:19.0398 0x0efc HPAuto - ok 22:53:19.0440 0x0efc [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 22:53:19.0457 0x0efc HPClientSvc - ok 22:53:19.0530 0x0efc [ 09FBD4C4DB2FD84B9AB1C5BFDCC95559, FCC28D44C1E3F6FF65C596CDA9BF09C03D4EF3EEFCDB628954A07B0D3E182F3B ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 22:53:19.0563 0x0efc hpqwmiex - ok 22:53:19.0587 0x0efc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 22:53:19.0594 0x0efc HpSAMD - ok 22:53:19.0621 0x0efc [ 28E15C3D39DCD27A79251BA0BF216A11, DF6CEA842B84148CCB90CA5DB02265BE71BA95CCDE0E186DD72191E0EFA14C11 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 22:53:19.0625 0x0efc HPWMISVC - ok 22:53:19.0653 0x0efc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 22:53:19.0674 0x0efc HTTP - ok 22:53:19.0684 0x0efc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 
22:53:19.0687 0x0efc hwpolicy - ok 22:53:19.0704 0x0efc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 22:53:19.0712 0x0efc i8042prt - ok 22:53:19.0755 0x0efc [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 22:53:19.0764 0x0efc iaStor - ok 22:53:19.0809 0x0efc [ E79A8E33BD136D14BAE1FA20EB2EF124, 54AD784570282FEF21021BE76C57EE878EC6FF6423CE2FFC3A4372AF6C3112D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 22:53:19.0812 0x0efc IAStorDataMgrSvc - ok 22:53:19.0840 0x0efc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 22:53:19.0856 0x0efc iaStorV - ok 22:53:19.0967 0x0efc [ D22D82D74FD1B6C77E7556DBDC3EA9D2, D18B461034A2ECF76E87D13EADA8F9292E44D441B99519D382B29CF99875E5AD ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 22:53:20.0122 0x0efc IconMan_R - ok 22:53:20.0172 0x0efc [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 22:53:20.0181 0x0efc IDriverT - ok 22:53:20.0237 0x0efc [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 22:53:20.0312 0x0efc idsvc - ok 22:53:20.0316 0x0efc IEEtwCollectorService - ok 22:53:20.0707 0x0efc [ 6383899C5F964D71B0F96B81FBE59BB8, 780B2B5945CF266CD0807B6F91177A558EC1E568F9D7D850C172A137414394E6 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 22:53:21.0117 0x0efc igfx - ok 22:53:21.0146 0x0efc [ 5C18831C61933628F5BB0EA2675B9D21, 
5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 22:53:21.0152 0x0efc iirsp - ok 22:53:21.0205 0x0efc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 22:53:21.0242 0x0efc IKEEXT - ok 22:53:21.0270 0x0efc [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 22:53:21.0283 0x0efc IntcDAud - ok 22:53:21.0311 0x0efc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 22:53:21.0315 0x0efc intelide - ok 22:53:21.0331 0x0efc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 22:53:21.0337 0x0efc intelppm - ok 22:53:21.0360 0x0efc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 22:53:21.0371 0x0efc IPBusEnum - ok 22:53:21.0386 0x0efc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:53:21.0393 0x0efc IpFilterDriver - ok 22:53:21.0427 0x0efc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 22:53:21.0460 0x0efc iphlpsvc - ok 22:53:21.0477 0x0efc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 22:53:21.0484 0x0efc IPMIDRV - ok 22:53:21.0494 0x0efc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 22:53:21.0501 0x0efc IPNAT - ok 
22:53:21.0519 0x0efc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 22:53:21.0523 0x0efc IRENUM - ok 22:53:21.0540 0x0efc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 22:53:21.0545 0x0efc isapnp - ok 22:53:21.0579 0x0efc [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 22:53:21.0593 0x0efc iScsiPrt - ok 22:53:21.0648 0x0efc [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 22:53:21.0658 0x0efc jhi_service - ok 22:53:21.0685 0x0efc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 22:53:21.0692 0x0efc kbdclass - ok 22:53:21.0705 0x0efc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 22:53:21.0710 0x0efc kbdhid - ok 22:53:21.0719 0x0efc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 22:53:21.0720 0x0efc KeyIso - ok 22:53:21.0741 0x0efc [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 22:53:21.0749 0x0efc KSecDD - ok 22:53:21.0766 0x0efc [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 22:53:21.0776 0x0efc KSecPkg - ok 22:53:21.0786 0x0efc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk 
C:\Windows\system32\drivers\ksthunk.sys 22:53:21.0791 0x0efc ksthunk - ok 22:53:21.0834 0x0efc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 22:53:21.0851 0x0efc KtmRm - ok 22:53:21.0880 0x0efc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 22:53:21.0891 0x0efc LanmanServer - ok 22:53:21.0917 0x0efc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 22:53:21.0925 0x0efc LanmanWorkstation - ok 22:53:21.0936 0x0efc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 22:53:21.0943 0x0efc lltdio - ok 22:53:21.0968 0x0efc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 22:53:21.0985 0x0efc lltdsvc - ok 22:53:21.0998 0x0efc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 22:53:22.0002 0x0efc lmhosts - ok 22:53:22.0043 0x0efc [ D75C4B4A8FE6D7FD74A7EECDBAEC729F, 9BB0A3BE7CCDF62CF0A67CB67019364965F6567BE29BA6D153B8E36F88058302 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 22:53:22.0063 0x0efc LMS - ok 22:53:22.0090 0x0efc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 22:53:22.0097 0x0efc LSI_FC - ok 22:53:22.0103 0x0efc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 22:53:22.0109 0x0efc LSI_SAS - ok 22:53:22.0127 0x0efc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 
88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 22:53:22.0135 0x0efc LSI_SAS2 - ok 22:53:22.0148 0x0efc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 22:53:22.0156 0x0efc LSI_SCSI - ok 22:53:22.0173 0x0efc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 22:53:22.0183 0x0efc luafv - ok 22:53:22.0218 0x0efc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 22:53:22.0228 0x0efc Mcx2Svc - ok 22:53:22.0244 0x0efc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 22:53:22.0250 0x0efc megasas - ok 22:53:22.0268 0x0efc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 22:53:22.0282 0x0efc MegaSR - ok 22:53:22.0306 0x0efc [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 22:53:22.0312 0x0efc MEIx64 - ok 22:53:22.0349 0x0efc [ 1595FECFFBE9EA2417E06D5FD0BFA4C4, 96006C7F19FDC1700EEBA870F96433D3260DEA06AD7215EAD8F1D74C953E1B50 ] MEMSWEEP2 C:\Windows\system32\CFCE.tmp 22:53:22.0352 0x0efc MEMSWEEP2 - ok 22:53:22.0376 0x0efc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 22:53:22.0382 0x0efc MMCSS - ok 22:53:22.0394 0x0efc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 22:53:22.0399 0x0efc Modem - ok 22:53:22.0426 0x0efc [ 
B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 22:53:22.0430 0x0efc monitor - ok 22:53:22.0462 0x0efc [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys 22:53:22.0471 0x0efc MotioninJoyXFilter - ok 22:53:22.0496 0x0efc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 22:53:22.0502 0x0efc mouclass - ok 22:53:22.0508 0x0efc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 22:53:22.0513 0x0efc mouhid - ok 22:53:22.0526 0x0efc [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 22:53:22.0534 0x0efc mountmgr - ok 22:53:22.0570 0x0efc [ 43BCA4038E290F75B5B6FECBFF5288A2, 52076DC16CDBD5A86AF2157528E56B52442489C45429B5EE39D7B34863414682 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 22:53:22.0579 0x0efc MozillaMaintenance - ok 22:53:22.0597 0x0efc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 22:53:22.0607 0x0efc mpio - ok 22:53:22.0624 0x0efc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 22:53:22.0631 0x0efc mpsdrv - ok 22:53:22.0681 0x0efc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 22:53:22.0717 0x0efc MpsSvc - ok 22:53:22.0739 0x0efc [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 
22:53:31.0806 0x0efc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 22:53:31.0819 0x0efc vhdmp - ok 22:53:31.0842 0x0efc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 22:53:31.0846 0x0efc viaide - ok 22:53:31.0861 0x0efc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 22:53:31.0867 0x0efc volmgr - ok 22:53:31.0893 0x0efc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 22:53:31.0930 0x0efc volmgrx - ok 22:53:31.0950 0x0efc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 22:53:31.0980 0x0efc volsnap - ok 22:53:31.0998 0x0efc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 22:53:32.0010 0x0efc vsmraid - ok 22:53:32.0083 0x0efc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 22:53:32.0152 0x0efc VSS - ok 22:53:32.0170 0x0efc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 22:53:32.0175 0x0efc vwifibus - ok 22:53:32.0201 0x0efc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 22:53:32.0207 0x0efc vwififlt - ok 22:53:32.0226 0x0efc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 
22:53:32.0248 0x0efc W32Time - ok 22:53:32.0268 0x0efc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 22:53:32.0273 0x0efc WacomPen - ok 22:53:32.0279 0x0efc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 22:53:32.0285 0x0efc WANARP - ok 22:53:32.0289 0x0efc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 22:53:32.0291 0x0efc Wanarpv6 - ok 22:53:32.0355 0x0efc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 22:53:32.0454 0x0efc wbengine - ok 22:53:32.0474 0x0efc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 22:53:32.0517 0x0efc WbioSrvc - ok 22:53:32.0546 0x0efc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 22:53:32.0563 0x0efc wcncsvc - ok 22:53:32.0577 0x0efc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 22:53:32.0585 0x0efc WcsPlugInService - ok 22:53:32.0615 0x0efc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 22:53:32.0620 0x0efc Wd - ok 22:53:32.0661 0x0efc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 22:53:32.0706 0x0efc Wdf01000 - ok 22:53:32.0731 0x0efc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 
] WdiServiceHost C:\Windows\system32\wdi.dll 22:53:32.0738 0x0efc WdiServiceHost - ok 22:53:32.0744 0x0efc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 22:53:32.0746 0x0efc WdiSystemHost - ok 22:53:32.0780 0x0efc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 22:53:32.0795 0x0efc WebClient - ok 22:53:32.0820 0x0efc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 22:53:32.0835 0x0efc Wecsvc - ok 22:53:32.0849 0x0efc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 22:53:32.0856 0x0efc wercplsupport - ok 22:53:32.0873 0x0efc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 22:53:32.0876 0x0efc WerSvc - ok 22:53:32.0902 0x0efc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 22:53:32.0906 0x0efc WfpLwf - ok 22:53:32.0919 0x0efc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 22:53:32.0924 0x0efc WIMMount - ok 22:53:32.0950 0x0efc WinDefend - ok 22:53:32.0955 0x0efc WinHttpAutoProxySvc - ok 22:53:33.0019 0x0efc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 22:53:33.0030 0x0efc Winmgmt - ok 22:53:33.0107 0x0efc [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 22:53:33.0251 0x0efc WinRM - ok 
22:53:33.0279 0x0efc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 22:53:33.0287 0x0efc WinUsb - ok 22:53:33.0324 0x0efc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 22:53:33.0366 0x0efc Wlansvc - ok 22:53:33.0378 0x0efc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 22:53:33.0382 0x0efc WmiAcpi - ok 22:53:33.0419 0x0efc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 22:53:33.0430 0x0efc wmiApSrv - ok 22:53:33.0454 0x0efc WMPNetworkSvc - ok 22:53:33.0478 0x0efc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 22:53:33.0484 0x0efc WPCSvc - ok 22:53:33.0495 0x0efc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 22:53:33.0504 0x0efc WPDBusEnum - ok 22:53:33.0526 0x0efc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 22:53:33.0530 0x0efc ws2ifsl - ok 22:53:33.0542 0x0efc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 22:53:33.0549 0x0efc wscsvc - ok 22:53:33.0552 0x0efc WSearch - ok 22:53:33.0648 0x0efc [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 22:53:33.0747 0x0efc wuauserv - ok 22:53:33.0766 0x0efc [ AB886378EEB55C6C75B4F2D14B6C869F, 
D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 22:53:33.0773 0x0efc WudfPf - ok 22:53:33.0791 0x0efc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 22:53:33.0801 0x0efc WUDFRd - ok 22:53:33.0822 0x0efc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 22:53:33.0828 0x0efc wudfsvc - ok 22:53:33.0858 0x0efc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 22:53:33.0874 0x0efc WwanSvc - ok 22:53:33.0908 0x0efc [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 22:53:33.0916 0x0efc xusb21 - ok 22:53:33.0919 0x0efc ================ Scan global =============================== 22:53:33.0968 0x0efc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 22:53:33.0999 0x0efc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 22:53:34.0032 0x0efc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 22:53:34.0057 0x0efc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 22:53:34.0098 0x0efc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 22:53:34.0106 0x0efc [ Global ] - ok 22:53:34.0106 0x0efc ================ Scan MBR ================================== 22:53:34.0121 0x0efc [ A36C5E4F47E84449FF07ED3517B43A31 ] 
\Device\Harddisk0\DR0 22:53:34.0484 0x0efc \Device\Harddisk0\DR0 - ok 22:53:34.0485 0x0efc ================ Scan VBR ================================== 22:53:34.0487 0x0efc [ A4DC00C02F3683C414B1CE784E20712E ] \Device\Harddisk0\DR0\Partition1 22:53:34.0489 0x0efc \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 ) 22:53:34.0489 0x0efc \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected 22:53:37.0289 0x0efc [ C9C4119342B56580733A3024F1A669D1 ] \Device\Harddisk0\DR0\Partition2 22:53:37.0290 0x0efc \Device\Harddisk0\DR0\Partition2 - ok 22:53:37.0292 0x0efc [ 3EDD318BEF1AA489B91CE654B3892F2A ] \Device\Harddisk0\DR0\Partition3 22:53:37.0293 0x0efc \Device\Harddisk0\DR0\Partition3 - ok 22:53:37.0376 0x0efc [ EB419202B5D013C661F5D158DF2A6D69 ] \Device\Harddisk0\DR0\Partition4 22:53:37.0379 0x0efc \Device\Harddisk0\DR0\Partition4 - ok 22:53:37.0380 0x0efc ================ Scan generic autorun ====================== 22:53:37.0443 0x0efc [ 7A84E598C4C11ADBBA4E99C7485B4155, 81E85FBB82C860E20B7F4BF7BCD73ED40C669596C5CFC0A6170F3EF836D70B8F ] C:\Windows\system32\igfxtray.exe 22:53:37.0451 0x0efc IgfxTray - ok 22:53:37.0483 0x0efc [ 78D3B79668EA01B205EECEF05925FB77, 00409843BBA6C0F105FCA7F5558DAD227769459853A4AC6CECA5E5764C7ECAA7 ] C:\Windows\system32\hkcmd.exe 22:53:37.0504 0x0efc HotKeysCmds - ok 22:53:37.0531 0x0efc [ A29F379B1FB9A4777A1D8174DDE4191F, 0C87D894AE43A3C06FE506FAB1837037CDAA55476839A837243F84B90368D1E1 ] C:\Windows\system32\igfxpers.exe 22:53:37.0552 0x0efc Persistence - ok 22:53:37.0553 0x0efc SynTPEnh - ok 22:53:37.0607 0x0efc [ D5A3EB5ED95E36B643E55F9F489FC8FC, 9DAE0075888E540659E6FC3FAB433108BF296CDF52DA11ECA4440E06E5187ED1 ] C:\Program Files\IDT\WDM\sttray64.exe 22:53:37.0631 0x0efc SysTrayApp - ok 22:53:37.0692 0x0efc [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 22:53:37.0724 0x0efc 
AdobeAAMUpdater-1.0 - ok 22:53:37.0783 0x0efc [ F96C73D7D525174B80CFD865A5D7E083, 06E7ACA4B9496CF0505F623DC4516A893E7A70EA37EAB27EA943C8831D221F40 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 22:53:37.0794 0x0efc IAStorIcon - ok 22:53:37.0841 0x0efc [ 6BC1FD51069D65F5A938468BF95871CC, 4EEF809CA11CEA8B6BF81242B8CE1AA8B280FCEF1AE98AF2AEE29DDC71167621 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe 22:53:37.0858 0x0efc HP Quick Launch - ok 22:53:37.0859 0x0efc Sidebar - ok 22:53:37.0886 0x0efc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 22:53:37.0893 0x0efc mctadmin - ok 22:53:37.0893 0x0efc Sidebar - ok 22:53:37.0908 0x0efc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 22:53:37.0910 0x0efc mctadmin - ok 22:53:38.0039 0x0efc [ 683C9DF0582D8EEFAA90CE1514019BC1, 62C875888029BF32C19656B13C5504016209E4553B0B93FAE21F3930149EE9CA ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe 22:53:38.0139 0x0efc DAEMON Tools Lite - ok 22:53:38.0397 0x0efc [ 5B30F5BF4A6EC5AD6B5075C1241A419B, A19B7C90D5BB5EB8B358CEB3C46CD1274486C016608412434ACDB3E45838F4E6 ] C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe 22:53:38.0626 0x0efc Spotify - ok 22:53:38.0688 0x0efc [ 7A6A4EDC0CEF9DE9CAFFDFE36D991FD4, 29078B41C8E977E06D925936325B1BE41F478CE53B1F5D2408A7C414240DC0B2 ] C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe 22:53:38.0734 0x0efc Spotify Web Helper - ok 22:53:38.0737 0x0efc YbcbPack - ok 22:53:38.0772 0x0efc WerFaultSecure - ok 22:53:38.0831 0x0efc [ 0B21477ABA5EAB50457390823B22D793, FC31028248BC41FD73B745E22E73D0F7194FC6667B4B7EBF71B25019EFAA51B6 ] C:\Users\Josh\AppData\Local\Ahfzworks\tmp3CDD.exe 22:53:38.0842 0x0efc Ahfzworks - ok 22:53:38.0842 0x0efc WerFaultSecure - ok 22:53:38.0844 0x0efc Waiting for KSN requests completion. 
In queue: 48 22:53:39.0844 0x0efc Waiting for KSN requests completion. In queue: 13 22:53:40.0844 0x0efc Waiting for KSN requests completion. In queue: 13 22:53:41.0861 0x0efc AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated ) 22:53:41.0870 0x0efc Win FW state via NFP2: enabled 22:53:44.0574 0x0efc ============================================================ 22:53:44.0574 0x0efc Scan finished 22:53:44.0574 0x0efc ============================================================ 22:53:44.0582 0x2210 Detected object count: 1 22:53:44.0582 0x2210 Actual detected object count: 1 22:54:03.0622 0x2210 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user 22:54:03.0622 0x2210 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip 22:54:38.0748 0x1864 Deinitialize success |
09.09.2014, 20:44 | #6 |
/// the machine /// TB Trainer | Win 7: Malware in the boot sector Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and choose "Run as administrator"
For example: C:\TDSSKiller.<version_date_time>log.txt Please post its contents here in your thread.
__________________ --> Win 7: Malware in the boot sector |
09.09.2014, 21:48 | #7 |
| Win 7: Malware in the boot sector It's already running a bit more smoothly, and Avira hasn't complained so far. iexplorer.exe*32 is still being executed, though, and more than once. It doesn't use much RAM, but I do find it odd since I never use Internet Explorer. Here is the code: Code:
ATTFilter 22:29:51.0009 0x5678 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 22:29:56.0041 0x5678 ============================================================ 22:29:56.0041 0x5678 Current date / time: 2014/09/09 22:29:56.0041 22:29:56.0041 0x5678 SystemInfo: 22:29:56.0041 0x5678 22:29:56.0041 0x5678 OS Version: 6.1.7601 ServicePack: 1.0 22:29:56.0041 0x5678 Product type: Workstation 22:29:56.0042 0x5678 ComputerName: JOSH-HP 22:29:56.0042 0x5678 UserName: Josh 22:29:56.0042 0x5678 Windows directory: C:\Windows 22:29:56.0042 0x5678 System windows directory: C:\Windows 22:29:56.0042 0x5678 Running under WOW64 22:29:56.0042 0x5678 Processor architecture: Intel x64 22:29:56.0042 0x5678 Number of processors: 4 22:29:56.0042 0x5678 Page size: 0x1000 22:29:56.0042 0x5678 Boot type: Normal boot 22:29:56.0042 0x5678 ============================================================ 22:29:56.0708 0x5678 KLMD registered as C:\Windows\system32\drivers\91534881.sys 22:29:56.0987 0x5678 System UUID: {A509F6F4-1269-C24B-6566-27A0CBDA2B33} 22:29:57.0670 0x5678 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 22:29:57.0695 0x5678 ============================================================ 22:29:57.0695 0x5678 \Device\Harddisk0\DR0: 22:29:57.0696 0x5678 MBR partitions: 22:29:57.0696 0x5678 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 22:29:57.0696 0x5678 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37C01000 22:29:57.0696 0x5678 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37C65000, BlocksNum 0x1F31000 22:29:57.0696 0x5678 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39B96000, BlocksNum 0x7EF830 22:29:57.0696 0x5678 ============================================================ 22:29:57.0759 0x5678 C: <-> \Device\Harddisk0\DR0\Partition2 22:29:57.0811 
0x5678 D: <-> \Device\Harddisk0\DR0\Partition3 22:29:57.0822 0x5678 E: <-> \Device\Harddisk0\DR0\Partition4 22:29:57.0849 0x5678 ============================================================ 22:29:57.0849 0x5678 Initialize success 22:29:57.0849 0x5678 ============================================================ 22:31:27.0670 0x464c ============================================================ 22:31:27.0670 0x464c Scan started 22:31:27.0670 0x464c Mode: Manual; 22:31:27.0670 0x464c ============================================================ 22:31:27.0670 0x464c KSN ping started 22:31:30.0504 0x464c KSN ping finished: true 22:31:33.0364 0x464c ================ Scan system memory ======================== 22:31:33.0364 0x464c System memory - ok 22:31:33.0366 0x464c ================ Scan services =============================
746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 22:31:36.0987 0x464c cvhsvc - ok 22:31:37.0039 0x464c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 22:31:37.0064 0x464c DcomLaunch - ok 22:31:37.0107 0x464c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 22:31:37.0122 0x464c defragsvc - ok 22:31:37.0144 0x464c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 22:31:37.0152 0x464c DfsC - ok 22:31:37.0172 0x464c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 22:31:37.0182 0x464c Dhcp - ok 22:31:37.0209 0x464c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 22:31:37.0214 0x464c discache - ok 22:31:37.0227 0x464c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 22:31:37.0234 0x464c Disk - ok 22:31:37.0252 0x464c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 22:31:37.0259 0x464c Dnscache - ok 22:31:37.0284 0x464c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 22:31:37.0299 0x464c dot3svc - ok 22:31:37.0319 0x464c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 22:31:37.0324 0x464c DPS - ok 22:31:37.0357 
0x464c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 22:31:37.0362 0x464c drmkaud - ok 22:31:37.0399 0x464c [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 22:31:37.0414 0x464c dtsoftbus01 - ok 22:31:37.0482 0x464c [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 22:31:37.0549 0x464c DXGKrnl - ok 22:31:37.0584 0x464c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 22:31:37.0587 0x464c EapHost - ok 22:31:37.0914 0x464c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 22:31:38.0109 0x464c ebdrv - ok 22:31:38.0157 0x464c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe 22:31:38.0159 0x464c EFS - ok 22:31:38.0262 0x464c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 22:31:38.0314 0x464c ehRecvr - ok 22:31:38.0339 0x464c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 22:31:38.0349 0x464c ehSched - ok 22:31:38.0384 0x464c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 22:31:38.0442 0x464c elxstor - ok 22:31:38.0454 0x464c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 22:31:38.0459 0x464c ErrDev - ok 
22:31:38.0602 0x464c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 22:31:38.0622 0x464c EventSystem - ok 22:31:38.0647 0x464c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 22:31:38.0657 0x464c exfat - ok 22:31:38.0664 0x464c ezSharedSvc - ok 22:31:38.0687 0x464c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 22:31:38.0702 0x464c fastfat - ok 22:31:38.0752 0x464c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 22:31:38.0804 0x464c Fax - ok 22:31:38.0837 0x464c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 22:31:38.0847 0x464c fdc - ok 22:31:38.0884 0x464c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 22:31:38.0887 0x464c fdPHost - ok 22:31:38.0902 0x464c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 22:31:38.0904 0x464c FDResPub - ok 22:31:38.0927 0x464c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 22:31:38.0934 0x464c FileInfo - ok 22:31:38.0947 0x464c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 22:31:38.0957 0x464c Filetrace - ok 22:31:38.0992 0x464c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk 
C:\Windows\system32\drivers\flpydisk.sys 22:31:39.0002 0x464c flpydisk - ok 22:31:39.0032 0x464c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 22:31:39.0052 0x464c FltMgr - ok 22:31:39.0117 0x464c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 22:31:39.0182 0x464c FontCache - ok 22:31:39.0222 0x464c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:31:39.0264 0x464c FontCache3.0.0.0 - ok 22:31:39.0294 0x464c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 22:31:39.0302 0x464c FsDepends - ok 22:31:39.0324 0x464c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 22:31:39.0329 0x464c Fs_Rec - ok 22:31:39.0362 0x464c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 22:31:39.0389 0x464c fvevol - ok 22:31:39.0424 0x464c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 22:31:39.0432 0x464c gagp30kx - ok 22:31:39.0487 0x464c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 22:31:39.0522 0x464c gpsvc - ok 22:31:39.0569 0x464c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:31:39.0572 0x464c gupdate - ok 22:31:39.0579 0x464c [ 
506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:31:39.0582 0x464c gupdatem - ok 22:31:39.0599 0x464c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 22:31:39.0607 0x464c hcw85cir - ok 22:31:39.0634 0x464c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 22:31:39.0652 0x464c HdAudAddService - ok 22:31:39.0667 0x464c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 22:31:39.0674 0x464c HDAudBus - ok 22:31:39.0694 0x464c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 22:31:39.0699 0x464c HidBatt - ok 22:31:39.0722 0x464c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 22:31:39.0732 0x464c HidBth - ok 22:31:39.0754 0x464c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 22:31:39.0759 0x464c HidIr - ok 22:31:39.0779 0x464c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 22:31:39.0779 0x464c hidserv - ok 22:31:39.0802 0x464c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 22:31:39.0807 0x464c HidUsb - ok 22:31:39.0832 0x464c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc 
C:\Windows\system32\kmsvc.dll 22:31:39.0834 0x464c hkmsvc - ok 22:31:39.0849 0x464c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 22:31:39.0869 0x464c HomeGroupListener - ok 22:31:39.0899 0x464c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 22:31:39.0904 0x464c HomeGroupProvider - ok 22:31:39.0984 0x464c [ 7B8C1B09C11E8DB7C4480ABD7D17E821, 0E35FD439B24CEAD623A5D7319B865A6BCE6F1F3057671F62B4F844D8EC3D206 ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe 22:31:40.0037 0x464c HPAuto - ok 22:31:40.0084 0x464c [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 22:31:40.0099 0x464c HPClientSvc - ok 22:31:40.0187 0x464c [ 09FBD4C4DB2FD84B9AB1C5BFDCC95559, FCC28D44C1E3F6FF65C596CDA9BF09C03D4EF3EEFCDB628954A07B0D3E182F3B ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 22:31:40.0219 0x464c hpqwmiex - ok 22:31:40.0307 0x464c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 22:31:40.0317 0x464c HpSAMD - ok 22:31:40.0342 0x464c [ 28E15C3D39DCD27A79251BA0BF216A11, DF6CEA842B84148CCB90CA5DB02265BE71BA95CCDE0E186DD72191E0EFA14C11 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 22:31:40.0342 0x464c HPWMISVC - ok 22:31:40.0374 0x464c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 22:31:40.0387 0x464c HTTP - ok 22:31:40.0414 0x464c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 
22:31:40.0419 0x464c hwpolicy - ok 22:31:40.0447 0x464c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 22:31:40.0454 0x464c i8042prt - ok 22:31:40.0662 0x464c [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 22:31:40.0672 0x464c iaStor - ok 22:31:40.0717 0x464c [ E79A8E33BD136D14BAE1FA20EB2EF124, 54AD784570282FEF21021BE76C57EE878EC6FF6423CE2FFC3A4372AF6C3112D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 22:31:40.0717 0x464c IAStorDataMgrSvc - ok 22:31:40.0747 0x464c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 22:31:40.0764 0x464c iaStorV - ok 22:31:40.0884 0x464c [ D22D82D74FD1B6C77E7556DBDC3EA9D2, D18B461034A2ECF76E87D13EADA8F9292E44D441B99519D382B29CF99875E5AD ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 22:31:40.0987 0x464c IconMan_R - ok 22:31:41.0057 0x464c [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 22:31:41.0082 0x464c IDriverT - ok 22:31:41.0167 0x464c [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 22:31:41.0239 0x464c idsvc - ok 22:31:41.0247 0x464c IEEtwCollectorService - ok 22:31:41.0652 0x464c [ 6383899C5F964D71B0F96B81FBE59BB8, 780B2B5945CF266CD0807B6F91177A558EC1E568F9D7D850C172A137414394E6 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 22:31:42.0127 0x464c igfx - ok 22:31:42.0184 0x464c [ 5C18831C61933628F5BB0EA2675B9D21, 
5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 22:31:42.0192 0x464c iirsp - ok 22:31:42.0247 0x464c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 22:31:42.0277 0x464c IKEEXT - ok 22:31:42.0319 0x464c [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 22:31:42.0337 0x464c IntcDAud - ok 22:31:42.0359 0x464c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 22:31:42.0367 0x464c intelide - ok 22:31:42.0402 0x464c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 22:31:42.0409 0x464c intelppm - ok 22:31:42.0432 0x464c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 22:31:42.0442 0x464c IPBusEnum - ok 22:31:42.0457 0x464c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:31:42.0467 0x464c IpFilterDriver - ok 22:31:42.0499 0x464c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 22:31:42.0527 0x464c iphlpsvc - ok 22:31:42.0549 0x464c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 22:31:42.0557 0x464c IPMIDRV - ok 22:31:42.0577 0x464c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 22:31:42.0584 0x464c IPNAT - ok 
22:31:42.0602 0x464c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 22:31:42.0607 0x464c IRENUM - ok 22:31:42.0622 0x464c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 22:31:42.0629 0x464c isapnp - ok 22:31:42.0662 0x464c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 22:31:42.0677 0x464c iScsiPrt - ok 22:31:42.0732 0x464c [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 22:31:42.0737 0x464c jhi_service - ok 22:31:42.0767 0x464c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 22:31:42.0777 0x464c kbdclass - ok 22:31:42.0787 0x464c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 22:31:42.0794 0x464c kbdhid - ok 22:31:42.0812 0x464c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 22:31:42.0814 0x464c KeyIso - ok 22:31:42.0844 0x464c [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 22:31:42.0854 0x464c KSecDD - ok 22:31:42.0869 0x464c [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 22:31:42.0882 0x464c KSecPkg - ok 22:31:42.0892 0x464c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk 
C:\Windows\system32\drivers\ksthunk.sys 22:31:42.0894 0x464c ksthunk - ok 22:31:42.0939 0x464c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 22:31:42.0957 0x464c KtmRm - ok 22:31:42.0997 0x464c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 22:31:43.0004 0x464c LanmanServer - ok 22:31:43.0032 0x464c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 22:31:43.0037 0x464c LanmanWorkstation - ok 22:31:43.0052 0x464c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 22:31:43.0059 0x464c lltdio - ok 22:31:43.0094 0x464c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 22:31:43.0112 0x464c lltdsvc - ok 22:31:43.0124 0x464c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 22:31:43.0127 0x464c lmhosts - ok 22:31:43.0169 0x464c [ D75C4B4A8FE6D7FD74A7EECDBAEC729F, 9BB0A3BE7CCDF62CF0A67CB67019364965F6567BE29BA6D153B8E36F88058302 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 22:31:43.0179 0x464c LMS - ok 22:31:43.0204 0x464c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 22:31:43.0214 0x464c LSI_FC - ok 22:31:43.0219 0x464c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 22:31:43.0227 0x464c LSI_SAS - ok 22:31:43.0242 0x464c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 
88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 22:31:43.0252 0x464c LSI_SAS2 - ok 22:31:43.0274 0x464c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 22:31:43.0284 0x464c LSI_SCSI - ok 22:31:43.0299 0x464c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 22:31:43.0314 0x464c luafv - ok 22:31:43.0467 0x464c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 22:31:43.0477 0x464c Mcx2Svc - ok 22:31:43.0492 0x464c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 22:31:43.0499 0x464c megasas - ok 22:31:43.0527 0x464c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 22:31:43.0544 0x464c MegaSR - ok 22:31:43.0564 0x464c [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 22:31:43.0572 0x464c MEIx64 - ok 22:31:43.0607 0x464c [ 1595FECFFBE9EA2417E06D5FD0BFA4C4, 96006C7F19FDC1700EEBA870F96433D3260DEA06AD7215EAD8F1D74C953E1B50 ] MEMSWEEP2 C:\Windows\system32\CFCE.tmp 22:31:43.0627 0x464c MEMSWEEP2 - ok 22:31:43.0657 0x464c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 22:31:43.0659 0x464c MMCSS - ok 22:31:43.0674 0x464c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 22:31:43.0679 0x464c Modem - ok 22:31:43.0707 0x464c [ 
B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 22:31:43.0707 0x464c monitor - ok 22:31:43.0732 0x464c [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys 22:31:43.0742 0x464c MotioninJoyXFilter - ok 22:31:43.0764 0x464c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 22:31:43.0777 0x464c mouclass - ok 22:31:43.0789 0x464c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 22:31:43.0794 0x464c mouhid - ok 22:31:43.0807 0x464c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 22:31:43.0814 0x464c mountmgr - ok 22:31:43.0849 0x464c [ 43BCA4038E290F75B5B6FECBFF5288A2, 52076DC16CDBD5A86AF2157528E56B52442489C45429B5EE39D7B34863414682 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 22:31:43.0854 0x464c MozillaMaintenance - ok 22:31:43.0877 0x464c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 22:31:43.0889 0x464c mpio - ok 22:31:43.0904 0x464c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 22:31:43.0912 0x464c mpsdrv - ok 22:31:43.0962 0x464c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 22:31:43.0994 0x464c MpsSvc - ok 22:31:44.0019 0x464c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 
01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 22:31:44.0029 0x464c MRxDAV - ok 22:31:44.0064 0x464c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 22:31:44.0074 0x464c mrxsmb - ok 22:31:44.0089 0x464c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:31:44.0107 0x464c mrxsmb10 - ok 22:31:44.0114 0x464c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:31:44.0122 0x464c mrxsmb20 - ok 22:31:44.0142 0x464c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 22:31:44.0157 0x464c msahci - ok 22:31:44.0472 0x464c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 22:31:44.0479 0x464c msdsm - ok 22:31:44.0604 0x464c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 22:31:44.0617 0x464c MSDTC - ok 22:31:44.0624 0x464c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 22:31:44.0629 0x464c Msfs - ok 22:31:44.0644 0x464c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 22:31:44.0649 0x464c mshidkmdf - ok 22:31:44.0654 0x464c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 22:31:44.0662 0x464c msisadrv - ok 22:31:44.0717 
22:31:57.0689 0x464c W32Time - ok 22:31:57.0709 0x464c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 22:31:57.0714 0x464c WacomPen - ok 22:31:57.0719 0x464c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 22:31:57.0727 0x464c WANARP - ok 22:31:57.0732 0x464c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 22:31:57.0732 0x464c Wanarpv6 - ok 22:31:57.0807 0x464c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 22:31:57.0862 0x464c wbengine - ok 22:31:57.0882 0x464c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 22:31:57.0899 0x464c WbioSrvc - ok 22:31:57.0922 0x464c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 22:31:57.0939 0x464c wcncsvc - ok 22:31:57.0952 0x464c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 22:31:57.0959 0x464c WcsPlugInService - ok 22:31:57.0989 0x464c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 22:31:57.0994 0x464c Wd - ok 22:31:58.0037 0x464c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 22:31:58.0112 0x464c Wdf01000 - ok 22:31:58.0127 0x464c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 
] WdiServiceHost C:\Windows\system32\wdi.dll 22:31:58.0132 0x464c WdiServiceHost - ok 22:31:58.0172 0x464c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 22:31:58.0174 0x464c WdiSystemHost - ok 22:31:58.0462 0x464c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 22:31:58.0519 0x464c WebClient - ok 22:31:58.0569 0x464c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 22:31:58.0657 0x464c Wecsvc - ok 22:31:58.0762 0x464c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 22:31:58.0767 0x464c wercplsupport - ok 22:31:58.0777 0x464c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 22:31:58.0779 0x464c WerSvc - ok 22:31:58.0794 0x464c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 22:31:58.0797 0x464c WfpLwf - ok 22:31:58.0812 0x464c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 22:31:58.0817 0x464c WIMMount - ok 22:31:58.0897 0x464c WinDefend - ok 22:31:58.0904 0x464c WinHttpAutoProxySvc - ok 22:31:58.0967 0x464c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 22:31:58.0977 0x464c Winmgmt - ok 22:31:59.0094 0x464c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 22:31:59.0209 0x464c WinRM - ok 
22:31:59.0237 0x464c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 22:31:59.0244 0x464c WinUsb - ok 22:31:59.0317 0x464c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 22:31:59.0349 0x464c Wlansvc - ok 22:31:59.0359 0x464c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 22:31:59.0362 0x464c WmiAcpi - ok 22:31:59.0399 0x464c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 22:31:59.0412 0x464c wmiApSrv - ok 22:31:59.0434 0x464c WMPNetworkSvc - ok 22:31:59.0447 0x464c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 22:31:59.0454 0x464c WPCSvc - ok 22:31:59.0474 0x464c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 22:31:59.0487 0x464c WPDBusEnum - ok 22:31:59.0517 0x464c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 22:31:59.0522 0x464c ws2ifsl - ok 22:31:59.0544 0x464c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 22:31:59.0549 0x464c wscsvc - ok 22:31:59.0552 0x464c WSearch - ok 22:31:59.0654 0x464c [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 22:31:59.0729 0x464c wuauserv - ok 22:31:59.0757 0x464c [ AB886378EEB55C6C75B4F2D14B6C869F, 
D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 22:31:59.0764 0x464c WudfPf - ok 22:31:59.0782 0x464c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 22:31:59.0792 0x464c WUDFRd - ok 22:31:59.0812 0x464c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 22:31:59.0819 0x464c wudfsvc - ok 22:31:59.0852 0x464c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 22:31:59.0867 0x464c WwanSvc - ok 22:31:59.0899 0x464c [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 22:31:59.0912 0x464c xusb21 - ok 22:31:59.0914 0x464c ================ Scan global =============================== 22:31:59.0992 0x464c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 22:32:00.0024 0x464c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 22:32:00.0039 0x464c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 22:32:00.0069 0x464c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 22:32:00.0112 0x464c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 22:32:00.0119 0x464c [ Global ] - ok 22:32:00.0122 0x464c ================ Scan MBR ================================== 22:32:00.0134 0x464c [ A36C5E4F47E84449FF07ED3517B43A31 ] 
\Device\Harddisk0\DR0
22:32:00.0562 0x464c \Device\Harddisk0\DR0 - ok
22:32:00.0562 0x464c ================ Scan VBR ==================================
22:32:00.0577 0x464c [ A4DC00C02F3683C414B1CE784E20712E ] \Device\Harddisk0\DR0\Partition1
22:32:00.0579 0x464c \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
22:32:00.0579 0x464c \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
22:32:03.0454 0x464c [ C9C4119342B56580733A3024F1A669D1 ] \Device\Harddisk0\DR0\Partition2
22:32:03.0457 0x464c \Device\Harddisk0\DR0\Partition2 - ok
22:32:03.0484 0x464c [ 3EDD318BEF1AA489B91CE654B3892F2A ] \Device\Harddisk0\DR0\Partition3
22:32:03.0487 0x464c \Device\Harddisk0\DR0\Partition3 - ok
22:32:03.0499 0x464c [ EB419202B5D013C661F5D158DF2A6D69 ] \Device\Harddisk0\DR0\Partition4
22:32:03.0502 0x464c \Device\Harddisk0\DR0\Partition4 - ok
22:32:03.0502 0x464c ================ Scan generic autorun ======================
22:32:03.0554 0x464c [ 7A84E598C4C11ADBBA4E99C7485B4155, 81E85FBB82C860E20B7F4BF7BCD73ED40C669596C5CFC0A6170F3EF836D70B8F ] C:\Windows\system32\igfxtray.exe
22:32:03.0567 0x464c IgfxTray - ok
22:32:03.0584 0x464c [ 78D3B79668EA01B205EECEF05925FB77, 00409843BBA6C0F105FCA7F5558DAD227769459853A4AC6CECA5E5764C7ECAA7 ] C:\Windows\system32\hkcmd.exe
22:32:03.0592 0x464c HotKeysCmds - ok
22:32:03.0619 0x464c [ A29F379B1FB9A4777A1D8174DDE4191F, 0C87D894AE43A3C06FE506FAB1837037CDAA55476839A837243F84B90368D1E1 ] C:\Windows\system32\igfxpers.exe
22:32:03.0629 0x464c Persistence - ok
22:32:03.0629 0x464c SynTPEnh - ok
22:32:03.0687 0x464c [ D5A3EB5ED95E36B643E55F9F489FC8FC, 9DAE0075888E540659E6FC3FAB433108BF296CDF52DA11ECA4440E06E5187ED1 ] C:\Program Files\IDT\WDM\sttray64.exe
22:32:03.0704 0x464c SysTrayApp - ok
22:32:03.0762 0x464c [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
22:32:03.0784 0x464c AdobeAAMUpdater-1.0 - ok
22:32:03.0842 0x464c [ F96C73D7D525174B80CFD865A5D7E083, 06E7ACA4B9496CF0505F623DC4516A893E7A70EA37EAB27EA943C8831D221F40 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
22:32:03.0847 0x464c IAStorIcon - ok
22:32:03.0887 0x464c [ 6BC1FD51069D65F5A938468BF95871CC, 4EEF809CA11CEA8B6BF81242B8CE1AA8B280FCEF1AE98AF2AEE29DDC71167621 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
22:32:03.0909 0x464c HP Quick Launch - ok
22:32:03.0909 0x464c Sidebar - ok
22:32:03.0932 0x464c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:32:03.0939 0x464c mctadmin - ok
22:32:03.0942 0x464c Sidebar - ok
22:32:03.0947 0x464c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:32:03.0949 0x464c mctadmin - ok
22:32:04.0087 0x464c [ 683C9DF0582D8EEFAA90CE1514019BC1, 62C875888029BF32C19656B13C5504016209E4553B0B93FAE21F3930149EE9CA ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
22:32:04.0194 0x464c DAEMON Tools Lite - ok
22:32:04.0444 0x464c [ 5B30F5BF4A6EC5AD6B5075C1241A419B, A19B7C90D5BB5EB8B358CEB3C46CD1274486C016608412434ACDB3E45838F4E6 ] C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe
22:32:04.0659 0x464c Spotify - ok
22:32:04.0734 0x464c [ 7A6A4EDC0CEF9DE9CAFFDFE36D991FD4, 29078B41C8E977E06D925936325B1BE41F478CE53B1F5D2408A7C414240DC0B2 ] C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
22:32:04.0779 0x464c Spotify Web Helper - ok
22:32:04.0782 0x464c YbcbPack - ok
22:32:04.0817 0x464c WerFaultSecure - ok
22:32:04.0817 0x464c Waiting for KSN requests completion. In queue: 47
22:32:05.0817 0x464c Waiting for KSN requests completion. In queue: 47
22:32:06.0817 0x464c Waiting for KSN requests completion. In queue: 47
22:32:07.0922 0x464c AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
22:32:07.0939 0x464c Win FW state via NFP2: enabled
22:32:10.0737 0x464c ============================================================
22:32:10.0737 0x464c Scan finished
22:32:10.0737 0x464c ============================================================
22:32:10.0745 0x31f0 Detected object count: 1
22:32:10.0745 0x31f0 Actual detected object count: 1
22:32:39.0332 0x31f0 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
22:32:39.0337 0x31f0 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
22:32:39.0372 0x31f0 \Device\Harddisk0\DR0\Partition1 - ok
22:32:39.0372 0x31f0 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
22:32:39.0470 0x31f0 KLMD registered as C:\Windows\system32\drivers\33763986.sys
22:32:44.0263 0x460c Deinitialize success |
10.09.2014, 17:33 | #8 |
/// the machine /// TB-Ausbilder | Win 7: Malware in the boot sector Please run a new scan with TDSSKiller and post the log.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |