Log analysis and evaluation: Win7 - Spam mails from and to addresses that come together ONLY in my address books
07.11.2014, 23:41 | #1 |
By way of explanation: the computer name "KING OF VIENNA" was not chosen by me!!

Suspicious symptom:
-----------------------------
(why I believe malware is active)
-----------------------------------------
For email I use "The Bat" in the last 4.x version (yes, it is a bit old, I admit) under Win7.

Yesterday evening, on 3 mutually independent email accounts (aon.at, yahoo.de, my web host), the POP retrieval brought in emails that had a sender (the same one 3 times) from my address book, were obvious spam with a presumably malicious link, and one of the mails was even marked [in the subject] as sent via a mailing list (in the meantime I have also found the message in the webmail at my web host - it really did travel over the network and was not just injected locally into the POP retrieval on my computer), a list that is rather exotic and has nothing at all to do with the purported sender.

The alleged sender has never heard of this mailing list and does not know my 2 other email addresses either (it is a small list of former students of one degree programme at a university in Vienna - the friend who is supposedly sending has, as expected, never heard of it, nor of my other two email addresses), so the information comes together only on my computer, and I am therefore fairly sure that malware is active on my computer.

If someone or something had broken into the computer or account of the alleged sender, it would be as good as impossible for anything to be sent through this very specific mailing list that way. Let alone that, on top of that, a similar mail would go at the same time, also from her address, to 2 more of my accounts (which I believe she does not know at all).
Since the link between the 3 mails (apart from arriving at the same time) is that they went to accounts of mine that probably come together only in my local "The Bat" (I hardly think anyone has ever mailed me at all 3 of these addresses), I fear this can only be explained by malware that has access to my local email program, "The Bat". I use the 3 email addresses completely independently of one another, and one of them had not been polled or used for some time (days/weeks?).

Or could something have intruded into the communication between the program "The Bat" and the Internet? By now I consider it unlikely that the malware only interferes with the (POP) communication of "The Bat", since I have just read one of the mails through the web interface directly on the mail server as well (I cannot check the other two accounts at the moment because I do not have the passwords to hand).

What surprises me is that "The Bat" would be attacked, since it is a very little-used program. However, the email addresses involved could probably also be harvested on my computer in 2 less specific ways:
1) "The Bat" probably stores this data in plain text on the disk
2) I have probably also occasionally saved the address lists as plain text on the disk.

Other behaviour worth mentioning:
-----------------------------------
(GMER already scans something at startup, before it is even possible to tick or untick checkboxes or click a button, for about 1 minute. I assume that is how it is supposed to be?)

BLUESCREEN:
After the first attempt with GMER had already taken more than 10 minutes, I walked away; about 3 hours later I came back to a bluescreen. After booting again, GMER ran (about half an hour) and reported successful completion. I am attaching the saved LOG here.
I am now leaving the computer running to see whether it shows a bluescreen again after a few hours (it could after all also be caused by the attempt to enter power-saving mode or something similar...)

YES, the bluescreen came again, with a different STOP code - see JPG attachments. Now I will try once more, setting the time until power saving shorter and watching.

edit: It has now worked twice that the computer goes into power-saving mode and I wake it up again. Now I am simply letting it run idle to see whether a bluescreen occurs.

---
in the 2 cases, see JPG attachments:

BCCode: 109 0x00000109
Bug Check 0x109: CRITICAL_STRUCTURE_CORRUPTION
The CRITICAL_STRUCTURE_CORRUPTION bug check has a value of 0x00000109. This indicates that the kernel has detected critical kernel code or data corruption.
---
"0x0000009F" Stop error in Windows 7 or Windows Server 2008 R2 when the computer switches into or out of the power state (S5).

First attempt with Desinfec't turned up nothing:
------------------------------------------
Desinfec't: I have now run the 2014-12 over it with default settings and Avira + Bitdefender - it finds nothing. I will now start it again with about a 16-hour delay and therefore more current virus definitions. But that found nothing either.

Options for what to do:
-------------------------
In Win7 I could still run the MRT (Malicious Software Removal Tool) from Microsoft itself inside Windows (does it actually also look for traces of malware in the autostarts / registry / etc.?). However, the current version is already old (the new one comes out on the 2nd Tuesday of each month).

Does anyone here have further ideas on how I can check the computer? Or what the cause could be. Perhaps I am wrong in my assumptions.

THANKS

Unfortunately it was too long - I had to add the GMER log as an attachment:

defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:41 on 07/11/2014 (KING OF VIENNA)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...

-=E.O.F=-

FRST:
FRST Logfile:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014 Ran by KING OF VIENNA (administrator) on KINGOFVIENNA-PC on 07-11-2014 17:44:48 Running from C:\Users\KING OF VIENNA\Downloads\Desktop\malware check 2014-11-07 Loaded Profile: KING OF VIENNA (Available profiles: KING OF VIENNA & WDTV) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (PC Tools) C:\Program Files (x86)\ThreatFire\TFService.exe (VMware, Inc.) 
C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (Dropbox, Inc.) C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (PC Tools) C:\Program Files (x86)\ThreatFire\TFTray.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Development Company, L.P.) 
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe (CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe (CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (Scooter Software) C:\Program Files (x86)\Beyond Compare 3\BCompare.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe () C:\Users\KING OF VIENNA\Downloads\Desktop\malware check 2011-11-07\FRST64.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated) HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] () HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.) 
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02] (EasyBits Software AS) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company) HKLM-x32\...\Run: [ThreatFire] => C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2011-02-22] (PC Tools) HKLM-x32\...\Run: [vmware-tray] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [103576 2012-06-09] (VMware, Inc.) 
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard) HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\Run: [Mobile Partner] => C:\Program Files (x86)\MobileWiFi\MobileWiFi HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: G - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: I - I:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {1331e37e-70ab-11e3-ac84-005056c00008} - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {1331e389-70ab-11e3-ac84-005056c00008} - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {1331e3aa-70ab-11e3-ac84-005056c00008} - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {1331e435-70ab-11e3-ac84-005056c00008} - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {1e2fad77-a28f-11e2-a05b-005056c00008} - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29cdf6-67d3-11e3-9b63-005056c00008} - I:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29cdf8-67d3-11e3-9b63-005056c00008} - I:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29cdfe-67d3-11e3-9b63-005056c00008} - I:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: 
{8a29ce02-67d3-11e3-9b63-005056c00008} - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29ce08-67d3-11e3-9b63-005056c00008} - I:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29ce26-67d3-11e3-9b63-005056c00008} - I:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29ce40-67d3-11e3-9b63-005056c00008} - I:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {bfe79ea3-9ff4-11e2-bfb7-005056c00008} - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {d8032bda-a247-11e2-bddd-005056c00008} - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {dd10ac7a-a240-11e2-9974-005056c00008} - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {dd10ac91-a240-11e2-9974-005056c00008} - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {dd10ac94-a240-11e2-9974-005056c00008} - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {dd10ac99-a240-11e2-9974-005056c00008} - G:\AutoRun.exe HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {e1801c9e-2cf0-11e4-8fce-005056c00008} - G:\AutoRun.exe Startup: C:\Users\KING OF VIENNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:tabs URLSearchHook: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {98CF2D9A-B59C-4D04-89D1-F2BC8C414A80} URL = hxxp://www.google.de/search?q={searchTerms} SearchScopes: HKCU - {98CF2D9A-B59C-4D04-89D1-F2BC8C414A80} URL = hxxp://www.google.de/search?q={searchTerms} BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR) BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Vuze Remote Toolbar -> {ba14329e-9550-4989-b3f2-9732e92d17cc} -> C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) 
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-11-13] (EasyBits Software Corp.) ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ] Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt FireFox: ======== FF ProfilePath: C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.4 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\searchplugins\amazon-oesterreich.xml FF SearchPlugin: C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\searchplugins\ebayat-durchsuchen.xml FF SearchPlugin: C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\searchplugins\firefox-add-ons.xml FF SearchPlugin: C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\searchplugins\wikipedia-eng.xml FF SearchPlugin: C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\searchplugins\youtube.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Session Manager - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\vka82qzr.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-12-11] FF Extension: NoScript - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\vka82qzr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-11] FF Extension: Adblock Plus - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\vka82qzr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-11] FF Extension: DownThemAll! 
- C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\vka82qzr.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-12-11] FF Extension: Save Complete - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\ux0fh64l.working 2010-07\Extensions\savecomplete@perlprogrammer.com [2010-07-20] FF Extension: WOT - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\ux0fh64l.working 2010-07\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-15] FF Extension: DownloadHelper - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\ux0fh64l.working 2010-07\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-09] FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\ux0fh64l.working 2010-07\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-06-17] FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\ux0fh64l.working 2010-07\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-07-15] FF Extension: Firebug - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\l4augfjv.dwnld 2010-07\Extensions\firebug@software.joehewitt.com [2010-08-12] FF Extension: FlashGot - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\l4augfjv.dwnld 2010-07\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-09-15] FF Extension: DownloadHelper - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\l4augfjv.dwnld 2010-07\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-09-23] FF Extension: Session Manager - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\mc4zw8ji.small\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30} [2011-02-21] FF Extension: DownloadHelper - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\mc4zw8ji.small\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-02-21] FF Extension: Adblock Plus - C:\Users\KING OF 
VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\mc4zw8ji.small\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-01-18] FF Extension: DownloadHelper - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-02] FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\imageblock@hemantvats.com.xpi [2013-04-11] FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-04-10] FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2011-09-12] FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-11-03] FF Extension: StumbleUpon - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2013-08-01] FF Extension: Adblock Plus - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-27] FF Extension: DownThemAll! 
- C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-12-11] FF Extension: Show Picture - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\LDshowpicture_plashcor@gmail.com [2014-08-26] FF Extension: Flashblock - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-12-29] FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\imageblock@hemantvats.com.xpi [2013-12-29] FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\jid0-W5zY771zDsu5o7dTJ8KHm38w1xs@jetpack.xpi [2013-12-29] FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-11-03] FF Extension: NoScript - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-29] FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-29] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-09-24] FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010-07-19] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF 
Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-04-09] Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation) R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed] R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] () R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 ThreatFire; C:\Program Files (x86)\ThreatFire\TFService.exe [70928 2011-02-22] (PC Tools) R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2012-06-08] (VMware, Inc.) 
[File not signed] S4 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2012-06-09] () [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-17] (DT Soft Ltd) R0 johci; C:\Windows\System32\DRIVERS\johci.sys [26200 2010-12-23] (JMicron Technology Corp.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider) R0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [65072 2011-02-22] (PC Tools) R3 TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys [41888 2011-02-22] (PC Tools) R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [74824 2011-02-22] (PC Tools) R1 truecrypt; C:\Windows\SysWow64\drivers\truecrypt.sys [222160 2010-07-18] (TrueCrypt Foundation) S3 ALSysIO; \??\C:\Users\KINGOF~1\AppData\Local\Temp\ALSysIO64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-11-07 17:43 - 2014-11-07 17:45 - 00000000 ____D () C:\FRST
2014-11-07 17:41 - 2014-11-07 17:41 - 00000168 _____ () C:\Users\KING OF VIENNA\defogger_reenable
2014-11-02 16:08 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-11-02 16:08 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-11-02 16:08 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-02 16:08 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-02 16:04 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-11-02 16:04 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-17 13:11 - 2014-10-17 13:11 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Roaming\JAM Software
2014-10-15 10:56 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 10:55 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 10:55 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 10:55 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 10:55 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 10:55 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 10:55 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 10:54 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 10:54 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 10:54 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 10:54 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 10:54 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 10:54 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 10:54 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 10:54 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 10:54 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 10:54 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 10:54 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 10:54 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 10:54 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 10:54 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 10:54 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 10:54 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 10:54 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 10:54 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 10:54 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 10:54 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 10:54 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 10:54 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 10:54 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 10:54 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 10:54 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 10:54 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 10:54 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 10:54 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 10:54 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 10:54 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 10:54 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 10:54 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 10:54 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 10:54 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 10:54 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 10:54 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 10:54 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 10:54 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 10:54 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 10:54 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 10:54 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 10:54 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 10:54 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 10:54 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 10:54 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 10:54 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 10:54 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 10:54 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 10:54 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 10:54 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 10:54 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 10:54 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 10:54 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 10:54 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 10:54 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 10:54 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 10:53 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 10:53 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 10:53 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 10:52 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 10:52 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 10:52 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 10:52 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 10:52 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 10:52 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 10:52 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 10:52 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 10:52 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 10:52 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 10:52 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 10:52 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 10:52 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-07 17:41 - 2010-04-16 00:17 - 00000000 ____D () C:\Users\KING OF VIENNA
2014-11-07 17:40 - 2009-07-14 05:51 - 00782346 _____ () C:\Windows\setupact.log
2014-11-07 17:24 - 2010-01-24 01:18 - 01185861 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 14:02 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-07 14:02 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-07 13:55 - 2010-07-18 15:18 - 00000000 ____D () C:\ProgramData\VMware
2014-11-07 13:55 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-07 13:51 - 2009-07-14 05:45 - 04998328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-06 02:54 - 2010-11-04 16:20 - 00000000 ___RD () C:\Users\KING OF VIENNA\Documents\My Dropbox
2014-11-06 02:52 - 2010-07-26 16:53 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Roaming\vlc
2014-11-06 02:40 - 2010-07-22 00:34 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Roaming\Skype
2014-11-05 13:52 - 2011-03-29 03:03 - 00000000 ____D () C:\Program Files (x86)\ThreatFire
2014-11-04 17:56 - 2010-07-19 14:13 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Roaming\VoipBuster
2014-11-03 12:06 - 2009-11-13 16:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-03 11:58 - 2013-08-08 23:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-03 11:51 - 2010-07-19 08:54 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-02 12:30 - 2012-04-27 13:49 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-02 12:30 - 2011-05-18 14:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-02 12:30 - 2010-07-18 20:24 - 00000000 ____D () C:\tbat
2014-11-02 12:28 - 2014-06-12 12:54 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Local\Adobe
2014-11-02 12:26 - 2010-11-04 16:19 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox
2014-11-01 20:59 - 2012-01-21 03:18 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Roaming\BOM
2014-10-30 12:25 - 2010-04-16 14:13 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 17:23 - 2010-07-29 12:06 - 00001456 _____ () C:\Users\KING OF VIENNA\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2014-10-24 19:08 - 2010-08-03 11:08 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Local\CrashDumps

Files to move or delete:
====================
C:\Users\Public\installer.exe
C:\Users\Public\Lightroom_3_LS11_win_3_2.exe

Some content of TEMP:
====================
C:\Users\KING OF VIENNA\AppData\Local\Temp\bitool.dll
C:\Users\KING OF VIENNA\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcop66g.dll
C:\Users\KING OF VIENNA\AppData\Local\Temp\Extract.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\f0sdhpwm.dll
C:\Users\KING OF VIENNA\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\HPQSi.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\InstallAX.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\InstallPlugin.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\ose00000.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\ResetDevice.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\Resource.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\setupa2.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\SetupAC.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\sfamcc00001.dll
C:\Users\KING OF VIENNA\AppData\Local\Temp\sfextra.dll
C:\Users\KING OF VIENNA\AppData\Local\Temp\SkypeSetup.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\SP47470.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\SP48392.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\UninstallHPTCA.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-02-01 19:56

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Addition: [CODE]

FRST Additions Logfile:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by KING OF VIENNA at 2014-11-07 17:46:18
Running from C:\Users\KING OF VIENNA\Downloads\Desktop\malware check 2014-11-07
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe CS5 German Speech Analysis Models (HKLM-x32\...\{4355EE3F-2FDD-4EF4-83EA-2465FBF95B16}) (Version: 1 - Adobe Systems Incorporated)
Adobe Encore CS5 Third Party Royalty Content (HKLM-x32\...\{0E3C6C75-872D-4B0D-B0B2-31C717250691}) (Version: 5.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Media Encoder CS5 Dolby X64 (HKLM-x32\...\{5DDABB74-A879-4BE7-A4C6-FD41793942DB}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Media Encoder CS5 PCI X64 (HKLM-x32\...\{F9C71630-0EE3-475C-9E2B-ED95AE197DBD}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe OnLocation CS5 Royalty Content (HKLM-x32\...\{5AF84E15-9A23-4295-8508-F2901A923E83}) (Version: 5.0.1 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.2 64-bit (HKLM\...\{A94AABAE-52F0-48C4-9F94-A4CA4B423576}) (Version: 3.2.1 - Adobe)
Adobe Premiere Pro CS5 Third Party Royalty Content (HKLM-x32\...\{235B2E58-96B8-475E-B7C2-0FA89135E964}) (Version: 5.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.7.609 - Adobe Systems, Inc.)
AMD USB Filter Driver (HKLM-x32\...\{5271C0D4-24E4-4C3D-A782-C012033FD3CF}) (Version: 1.0.10.84 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{902004C7-2B12-4A4F-E1DB-E75C7B03EDD4}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Beyond Compare Version 3.2.3 (HKLM-x32\...\BeyondCompare3_is1) (Version: - Scooter Software)
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.3.1.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.4.1.9 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.4.0.7 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.1.0.11 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.9 (HKLM-x32\...\DPP) (Version: 3.9.2.0 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
ccc-core-static (x32 Version: 2009.0804.2223.38385 - Ihr Firmenname) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2111 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.21 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HD Tune Pro 4.50 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HOFER Bestellclient 4.6 (HKLM-x32\...\HOFER Bestellclient) (Version: 4.6 - ORWO Net)
HP 3D DriveGuard (HKLM\...\{7FD7F421-39B2-4CAC-BC41-7D83DDBAB329}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3402 - Hewlett-Packard)
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.1.2125 - Hewlett-Packard)
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.1.2206 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3405 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0153 (HKLM-x32\...\{2EBA8202-FBD5-4004-81EA-BDC38C054CE2}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{4E432692-A736-4F77-AF77-F9078CF88D31}) (Version: 3.50.11.2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
HWiNFO32 Version 3.55 (HKLM-x32\...\HWiNFO32_is1) (Version: 3.55 - Martin Malík - REALiX)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
inSSIDer (HKLM-x32\...\{C7DEE429-4C9B-4126-894F-50B4F54FF196}) (Version: 1.2.8 - MetaGeek, LLC)
InterVoip (HKLM-x32\...\InterVoip_is1) (Version: 4.05 build 579 - Finarea S.A. Switzerland)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2111 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2111 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: - EasyBits Software AS)
Mein 3DataManager (HKLM-x32\...\3DataManager) (Version: 1.1.1 - Mein 3DataManager)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MobileWiFi (HKLM-x32\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.09.02.00 - Huawei Technologies Co.,Ltd)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version: - )
NTFS Undelete v0.94 (HKLM-x32\...\NTFS Undelete_is1) (Version: 0.94 - Atola Technology)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3311 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Recovery Manager (x32 Version: 5.5.2202 - CyberLink Corp.) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
smartmontools (HKLM-x32\...\smartmontools) (Version: 6.1 2013-03-16 r3800 (sf-6.1-1) - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Bat! Professional v4.2.44 (HKLM-x32\...\{8DFCF805-87AE-4969-9D85-9A0F9EDDC17F}) (Version: 4.2.4 - Ritlabs)
ThreatFire (HKLM-x32\...\3554AA4B-9B0B-451a-A269-2B5F53982209_is1) (Version: - PC Tools)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz ReMask 4 (HKLM-x32\...\Topaz ReMask 4) (Version: 4.0.0 - Topaz Labs, LLC)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 6.3a - TrueCrypt Foundation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VmciSockets (Version: 9.1.54.1 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 8.0.4.30409 - VMware, Inc)
VMware Workstation (x32 Version: 8.0.4.30409 - VMware, Inc.) Hidden
VoipBuster (HKLM-x32\...\VoipBuster_is1) (Version: 4.05 build 579 - Finarea S.A. Switzerland)
Vuze_Remote Toolbar (HKLM-x32\...\Vuze_Remote Toolbar) (Version: - )
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.2.0w5 - Wacom Technology Corp.)
WebTablet FB Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.4 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
WinDFT (HKLM-x32\...\{065F384A-5C64-4532-814A-A24BA5374503}) (Version: 1.0.0 - HGST)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version: - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) 
==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2014-02-01 17:53 - 2014-02-01 17:53 - 00001492 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 adobeereg.com 127.0.0.1 www.adobeereg.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 activate.wip4.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wip4.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 3dns-5.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 ereg.wip4.adobe.com 127.0.0.1 hl2rcv.adobe.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0D34A2FE-4AC0-4922-A142-9B7ECA15A389} - System32\Tasks\{A6A8B3A4-C77D-4FE6-B95B-81C1DDC33C27} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.) Task: {1293D6B9-DB26-4CA9-9E42-B835EAB8BD98} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-10-06] (CL) Task: {2B2DDC00-A63C-4AE6-A4E5-330D42B3D22E} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe Task: {4381926F-3BCF-4247-BC20-8ADDCF246635} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-10-06] (CyberLink Corp.) 
Task: {4B46F04F-8EFF-47FE-9DDA-B0116DA632E2} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-10-06] (CL) Task: {81BDB8BD-8983-4908-93AD-3540A51A82ED} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-04-13] (Microsoft Corporation) Task: {8245CCD3-7EE8-4CBB-941D-92AC8CC09393} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-05] (CyberLink) Task: {B1C2C6D7-F92A-4B44-8B9D-B59F6BB07887} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company) Task: {C54C702F-44B8-41B5-A99F-E53D15786958} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-10-06] (CL) Task: {FC1B3CBA-214F-40F0-86B9-5B897C052AB6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company) ==================== Loaded Modules (whitelisted) ============= 2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2009-11-13 17:47 - 2009-07-06 20:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2012-03-05 03:56 - 2012-01-23 08:38 - 01184632 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2010-07-20 00:46 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll 2009-08-25 09:48 - 2009-08-25 09:48 - 00610872 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe 2009-07-01 15:44 - 2009-07-01 15:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe 2009-10-02 
15:46 - 2009-10-02 15:46 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-01-24 01:16 - 2010-01-24 01:16 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2012-06-09 00:21 - 2012-06-09 00:21 - 01222656 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll 2009-09-29 15:25 - 2009-09-29 15:25 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll 2009-09-29 15:25 - 2009-09-29 15:25 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll 2009-09-29 15:25 - 2009-09-29 15:25 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll 2009-09-29 15:25 - 2009-09-29 15:25 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll 2009-09-29 15:25 - 2009-09-29 15:25 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll 2009-09-29 15:25 - 2009-09-29 15:25 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll 2009-09-29 15:25 - 2009-09-29 15:25 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll 2009-09-29 15:25 - 2009-09-29 15:25 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll 2014-11-07 14:08 - 2014-11-07 14:08 - 00043008 _____ () c:\Users\KING OF VIENNA\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcop66g.dll 2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\libcef.dll 2009-10-06 22:57 - 2009-10-06 22:57 - 00120232 ____N () c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll 2009-10-06 22:57 - 2009-10-06 22:57 - 00279976 ____N () 
c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll 2009-10-06 22:57 - 2009-10-06 22:57 - 00464168 ____N () c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll 2009-10-05 23:08 - 2009-10-05 23:08 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll 2011-01-04 20:47 - 2009-07-06 13:33 - 00178176 _____ () C:\Program Files (x86)\Beyond Compare 3\unrar.dll 2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll 2011-05-26 20:18 - 2011-05-26 20:18 - 00136536 _____ () C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL 2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\KING OF VIENNA\Cookies:MCteOn6DcpAHMAFwWq6xgJ ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
========================= Accounts: ========================== Administrator (S-1-5-21-2587909452-1153870455-2939713168-500 - Administrator - Disabled) BackUpAdmin (S-1-5-21-2587909452-1153870455-2939713168-1005 - Administrator - Enabled) Gast (S-1-5-21-2587909452-1153870455-2939713168-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2587909452-1153870455-2939713168-1016 - Limited - Enabled) KING OF VIENNA (S-1-5-21-2587909452-1153870455-2939713168-1000 - Administrator - Enabled) => C:\Users\KING OF VIENNA WDTV (S-1-5-21-2587909452-1153870455-2939713168-1017 - Limited - Enabled) => C:\Users\WDTV ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/07/2014 02:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT) Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error: (11/07/2014 01:55:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT) Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. 
Error: (11/07/2014 01:55:41 PM) (Source: vmauthd) (EventID: 1000) (User: ) Description: 2014-11-07T13:55:41.260+01:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0 Error: (11/03/2014 07:37:46 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT) Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error: (11/03/2014 04:47:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT) Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error: (11/03/2014 00:02:59 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Kontext: Anwendung, SystemIndex Katalog Error: (11/03/2014 11:58:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT) Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". 
Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error: (11/02/2014 04:03:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: TFService.exe, Version: 4.11.2.22, Zeitstempel: 0x4d63252f Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f Ausnahmecode: 0xc0000094 Fehleroffset: 0x000485fe ID des fehlerhaften Prozesses: 0xa80 Startzeit der fehlerhaften Anwendung: 0xTFService.exe0 Pfad der fehlerhaften Anwendung: TFService.exe1 Pfad des fehlerhaften Moduls: TFService.exe2 Berichtskennung: TFService.exe3 Error: (11/02/2014 00:27:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT) Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error: (11/02/2014 00:23:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT) Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. System errors: ============= Error: (11/07/2014 05:24:30 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. 
Neue Signaturversion: Vorherige Signaturversion: 1.187.1285.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (11/07/2014 05:14:01 PM) (Source: ACPI) (EventID: 13) (User: ) Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. Error: (11/07/2014 04:53:05 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.187.1285.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (11/07/2014 04:42:32 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} Error: (11/07/2014 02:08:00 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. 
Neue Signaturversion: Vorherige Signaturversion: 1.187.1285.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (11/07/2014 01:55:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet: %%-2147467259 Error: (11/07/2014 01:55:18 PM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (11/07/2014 01:51:08 PM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (11/07/2014 01:49:34 PM) (Source: volsnap) (EventID: 27) (User: ) Description: Die Schattenkopien von Volume "C:" wurden während der Ermittlung abgebrochen, weil eine kritische Steuerungsdatei nicht geöffnet werden konnte. Error: (11/07/2014 01:49:32 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Microsoft Office Sessions: ========================= Error: (12/23/2013 08:20:21 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 454842 seconds with 9120 seconds of active time. This session ended with a crash. Error: (10/01/2013 11:11:02 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1026049 seconds with 360 seconds of active time. This session ended with a crash. 
Error: (08/13/2013 03:40:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/10/2013 03:15:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 403 seconds with 60 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: AMD Turion(tm) II Dual-Core Mobile M520 Percentage of memory in use: 28% Total physical RAM: 8188.2 MB Available physical RAM: 5861.18 MB Total Pagefile: 9483.66 MB Available Pagefile: 6906.45 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:451.79 GB) (Free:2.69 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:13.68 GB) (Free:1 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32 Drive g: () (Removable) (Total:0.95 GB) (Free:0.8 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 726396AC) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=451.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=103 MB) - (Type=0C) ======================================================== Disk: 1 (Size: 980 MB) (Disk ID: 92CE1A87) Partition 1: (Active) - (Size=979 MB) - (Type=0B) ==================== End Of Log 
============================
Edited by zapf (08.11.2014 at 00:17). Reason: clarity
08.11.2014, 07:17 | #2 |
/// the machine /// TB trainer | Win7 - spam mails from and to addresses that come together ONLY in my address books
hi,
Please download TDSSKiller.exe and save the file to the desktop.
08.11.2014, 21:01 | #3 |
| TDSSKiller Log
THANK YOU!!!!
Here is the log:
Code:
20:37:12.0084 0x0380 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
20:37:19.0665 0x0380 ============================================================
20:37:19.0665 0x0380 Current date / time: 2014/11/08 20:37:19.0665
20:37:19.0665 0x0380 SystemInfo:
20:37:19.0665 0x0380
20:37:19.0665 0x0380 OS Version: 6.1.7601 ServicePack: 1.0
20:37:19.0665 0x0380 Product type: Workstation
20:37:19.0665 0x0380 ComputerName: KINGOFVIENNA-PC
20:37:19.0665 0x0380 UserName: KING OF VIENNA
20:37:19.0665 0x0380 Windows directory: C:\Windows
20:37:19.0665 0x0380 System windows directory: C:\Windows
20:37:19.0665 0x0380 Running under WOW64
20:37:19.0665 0x0380 Processor architecture: Intel x64
20:37:19.0665 0x0380 Number of processors: 2
20:37:19.0665 0x0380 Page size: 0x1000
20:37:19.0665 0x0380 Boot type: Normal boot
20:37:19.0665 0x0380 ============================================================
20:37:22.0395 0x0380 KLMD registered as C:\Windows\system32\drivers\19689376.sys
20:37:22.0583 0x0380 System UUID: {DD8CEF35-F649-37C7-E6F9-B13D823C2BCB}
20:37:22.0988 0x0380 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:37:22.0988 0x0380 Drive \Device\Harddisk1\DR1 - Size: 0x3D3FFE00 ( 0.96 Gb ), SectorSize: 0x200, Cylinders: 0x7C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:37:23.0004 0x0380 ============================================================
20:37:23.0004 0x0380 \Device\Harddisk0\DR0:
20:37:23.0004 0x0380 MBR partitions:
20:37:23.0004 0x0380 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:37:23.0004 0x0380 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38793800
20:37:23.0004 0x0380 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x387F7800, BlocksNum 0x1B5A800
20:37:23.0004 0x0380 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
20:37:23.0004 0x0380 \Device\Harddisk1\DR1:
20:37:23.0004 0x0380 MBR partitions:
20:37:23.0004 0x0380 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3E, BlocksNum 0x1E9B02
20:37:23.0004 0x0380 ============================================================
20:37:23.0019 0x0380 C: <-> \Device\Harddisk0\DR0\Partition2
20:37:23.0051 0x0380 D: <-> \Device\Harddisk0\DR0\Partition3
20:37:23.0066 0x0380 E: <-> \Device\Harddisk0\DR0\Partition4
20:37:23.0066 0x0380 ============================================================
20:37:23.0066 0x0380 Initialize success
20:37:23.0066 0x0380 ============================================================
20:38:17.0105 0x0ca0 ============================================================
20:38:17.0105 0x0ca0 Scan started
20:38:17.0105 0x0ca0 Mode: Manual; SigCheck; TDLFS;
20:38:17.0105 0x0ca0 ============================================================
20:38:17.0105 0x0ca0 KSN ping started
20:38:19.0772 0x0ca0 KSN ping finished: false
20:38:20.0849 0x0ca0 ================ Scan system memory ========================
20:38:20.0849 0x0ca0 System memory - ok
20:38:20.0849 0x0ca0 ================ Scan services =============================
C:\Windows\system32\DRIVERS\b57nd60a.sys 20:38:27.0167 0x0ca0 b57nd60a - ok 20:38:27.0291 0x0ca0 [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE 20:38:27.0307 0x0ca0 BBSvc - ok 20:38:27.0385 0x0ca0 [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 20:38:27.0401 0x0ca0 BBUpdate - ok 20:38:27.0447 0x0ca0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 20:38:27.0510 0x0ca0 BDESVC - ok 20:38:27.0541 0x0ca0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 20:38:27.0603 0x0ca0 Beep - ok 20:38:27.0697 0x0ca0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 20:38:27.0744 0x0ca0 BFE - ok 20:38:27.0837 0x0ca0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 20:38:27.0931 0x0ca0 BITS - ok 20:38:27.0978 0x0ca0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 20:38:28.0025 0x0ca0 blbdrive - ok 20:38:28.0087 0x0ca0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:38:28.0118 0x0ca0 bowser - ok 20:38:28.0181 0x0ca0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 20:38:28.0227 0x0ca0 BrFiltLo - ok 20:38:28.0259 0x0ca0 [ B114D3098E9BDB8BEA8B053685831BE6, 
0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 20:38:28.0290 0x0ca0 BrFiltUp - ok 20:38:28.0321 0x0ca0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 20:38:28.0399 0x0ca0 Browser - ok 20:38:28.0446 0x0ca0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 20:38:28.0508 0x0ca0 Brserid - ok 20:38:28.0524 0x0ca0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 20:38:28.0571 0x0ca0 BrSerWdm - ok 20:38:28.0586 0x0ca0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 20:38:28.0633 0x0ca0 BrUsbMdm - ok 20:38:28.0664 0x0ca0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 20:38:28.0680 0x0ca0 BrUsbSer - ok 20:38:28.0758 0x0ca0 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 20:38:28.0836 0x0ca0 BthEnum - ok 20:38:28.0898 0x0ca0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 20:38:28.0945 0x0ca0 BTHMODEM - ok 20:38:28.0992 0x0ca0 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 20:38:29.0039 0x0ca0 BthPan - ok 20:38:29.0101 0x0ca0 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 20:38:29.0179 0x0ca0 
BTHPORT - ok 20:38:29.0226 0x0ca0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 20:38:29.0319 0x0ca0 bthserv - ok 20:38:29.0351 0x0ca0 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 20:38:29.0382 0x0ca0 BTHUSB - ok 20:38:29.0429 0x0ca0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 20:38:29.0522 0x0ca0 cdfs - ok 20:38:29.0616 0x0ca0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 20:38:29.0678 0x0ca0 cdrom - ok 20:38:29.0725 0x0ca0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 20:38:29.0787 0x0ca0 CertPropSvc - ok 20:38:29.0850 0x0ca0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 20:38:29.0912 0x0ca0 circlass - ok 20:38:29.0959 0x0ca0 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 20:38:29.0990 0x0ca0 CLFS - ok 20:38:30.0068 0x0ca0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:38:30.0099 0x0ca0 clr_optimization_v2.0.50727_32 - ok 20:38:30.0162 0x0ca0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 20:38:30.0209 0x0ca0 clr_optimization_v2.0.50727_64 - ok 20:38:30.0318 0x0ca0 [ 
E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:38:30.0396 0x0ca0 clr_optimization_v4.0.30319_32 - ok 20:38:30.0427 0x0ca0 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 20:38:30.0443 0x0ca0 clr_optimization_v4.0.30319_64 - ok 20:38:30.0505 0x0ca0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 20:38:30.0552 0x0ca0 CmBatt - ok 20:38:30.0614 0x0ca0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 20:38:30.0661 0x0ca0 cmdide - ok 20:38:30.0801 0x0ca0 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 20:38:30.0864 0x0ca0 CNG - ok 20:38:30.0973 0x0ca0 [ F9A79C5B27037821112C50A9C8FB367A, D9990AE1A0CA767E54C9D3FD2C6EA2A068DFD5A270102E915F71648A0C59097B ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe 20:38:30.0989 0x0ca0 Com4QLBEx - ok 20:38:31.0035 0x0ca0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 20:38:31.0067 0x0ca0 Compbatt - ok 20:38:31.0129 0x0ca0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 20:38:31.0207 0x0ca0 CompositeBus - ok 20:38:31.0223 0x0ca0 COMSysApp - ok 20:38:31.0269 0x0ca0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk 
C:\Windows\system32\DRIVERS\crcdisk.sys 20:38:31.0285 0x0ca0 crcdisk - ok 20:38:31.0363 0x0ca0 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 20:38:31.0441 0x0ca0 CryptSvc - ok 20:38:31.0535 0x0ca0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 20:38:31.0613 0x0ca0 DcomLaunch - ok 20:38:31.0628 0x0ca0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 20:38:31.0706 0x0ca0 defragsvc - ok 20:38:31.0753 0x0ca0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 20:38:31.0831 0x0ca0 DfsC - ok 20:38:31.0878 0x0ca0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 20:38:31.0940 0x0ca0 Dhcp - ok 20:38:31.0956 0x0ca0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 20:38:32.0003 0x0ca0 discache - ok 20:38:32.0081 0x0ca0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 20:38:32.0112 0x0ca0 Disk - ok 20:38:32.0159 0x0ca0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 20:38:32.0252 0x0ca0 Dnscache - ok 20:38:32.0330 0x0ca0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 20:38:32.0424 0x0ca0 dot3svc - ok 20:38:32.0486 0x0ca0 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] 
Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 20:38:32.0533 0x0ca0 Dot4 - ok 20:38:32.0564 0x0ca0 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 20:38:32.0595 0x0ca0 Dot4Print - ok 20:38:32.0611 0x0ca0 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 20:38:32.0658 0x0ca0 dot4usb - ok 20:38:32.0689 0x0ca0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 20:38:32.0751 0x0ca0 DPS - ok 20:38:32.0814 0x0ca0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 20:38:32.0829 0x0ca0 drmkaud - ok 20:38:32.0892 0x0ca0 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 20:38:32.0923 0x0ca0 dtsoftbus01 - ok 20:38:32.0985 0x0ca0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:38:33.0048 0x0ca0 DXGKrnl - ok 20:38:33.0110 0x0ca0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 20:38:33.0173 0x0ca0 EapHost - ok 20:38:33.0297 0x0ca0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 20:38:33.0469 0x0ca0 ebdrv - ok 20:38:33.0500 0x0ca0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 20:38:33.0563 0x0ca0 EFS - ok 20:38:33.0703 0x0ca0 [ C4002B6B41975F057D98C439030CEA07, 
3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 20:38:33.0797 0x0ca0 ehRecvr - ok 20:38:33.0828 0x0ca0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 20:38:33.0890 0x0ca0 ehSched - ok 20:38:33.0953 0x0ca0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 20:38:33.0984 0x0ca0 elxstor - ok 20:38:34.0062 0x0ca0 [ 524C79054636D2E5751169005006460B, 1EBA5972E13C5BB07BBD94D6647B86469B4910F60A3C8BDDC6BB5736EF99C9C3 ] enecir C:\Windows\system32\DRIVERS\enecir.sys 20:38:34.0093 0x0ca0 enecir - ok 20:38:34.0124 0x0ca0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 20:38:34.0171 0x0ca0 ErrDev - ok 20:38:34.0249 0x0ca0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 20:38:34.0296 0x0ca0 EventSystem - ok 20:38:34.0374 0x0ca0 [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys 20:38:34.0421 0x0ca0 ew_hwusbdev - ok 20:38:34.0483 0x0ca0 [ 55E0EDA185869F7EA67EA97FD0655B39, D4A51E383102AA48F022EFCA08FAC389336A22C1DF60E17815117EFA60716964 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys 20:38:34.0530 0x0ca0 ew_usbenumfilter - ok 20:38:34.0561 0x0ca0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 20:38:34.0639 0x0ca0 exfat - ok 20:38:34.0670 0x0ca0 ezSharedSvc - ok 20:38:34.0717 0x0ca0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat 
C:\Windows\system32\drivers\fastfat.sys 20:38:34.0779 0x0ca0 fastfat - ok 20:38:34.0842 0x0ca0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 20:38:34.0935 0x0ca0 Fax - ok 20:38:34.0951 0x0ca0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 20:38:34.0967 0x0ca0 fdc - ok 20:38:35.0029 0x0ca0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 20:38:35.0138 0x0ca0 fdPHost - ok 20:38:35.0169 0x0ca0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 20:38:35.0247 0x0ca0 FDResPub - ok 20:38:35.0279 0x0ca0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:38:35.0294 0x0ca0 FileInfo - ok 20:38:35.0310 0x0ca0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:38:35.0388 0x0ca0 Filetrace - ok 20:38:35.0419 0x0ca0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 20:38:35.0466 0x0ca0 flpydisk - ok 20:38:35.0528 0x0ca0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:38:35.0559 0x0ca0 FltMgr - ok 20:38:35.0684 0x0ca0 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 20:38:35.0747 0x0ca0 FontCache - ok 20:38:35.0856 0x0ca0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 
89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:38:35.0887 0x0ca0 FontCache3.0.0.0 - ok 20:38:35.0918 0x0ca0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 20:38:35.0934 0x0ca0 FsDepends - ok 20:38:35.0981 0x0ca0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:38:36.0012 0x0ca0 Fs_Rec - ok 20:38:36.0074 0x0ca0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 20:38:36.0105 0x0ca0 fvevol - ok 20:38:36.0152 0x0ca0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 20:38:36.0183 0x0ca0 gagp30kx - ok 20:38:36.0261 0x0ca0 [ C1BBCE4B30B45410178EE674C818D10C, 3FD449C20493057592A21CA812CA39803BC32136B84A060B2BF9621776D94E54 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 20:38:36.0308 0x0ca0 GameConsoleService - ok 20:38:36.0402 0x0ca0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 20:38:36.0480 0x0ca0 gpsvc - ok 20:38:36.0558 0x0ca0 [ ADB4348DA1345877B04E22203AFC8993, D85FC268D1994944CED570A84B0B2E4F3EBFBE59823BE57285CB6CDDDF607358 ] hcmon C:\Windows\system32\drivers\hcmon.sys 20:38:36.0605 0x0ca0 hcmon - ok 20:38:36.0620 0x0ca0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 20:38:36.0636 0x0ca0 hcw85cir - ok 20:38:36.0714 0x0ca0 [ 975761C778E33CD22498059B91E7373A, 
8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 20:38:36.0761 0x0ca0 HdAudAddService - ok 20:38:36.0807 0x0ca0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 20:38:36.0854 0x0ca0 HDAudBus - ok 20:38:36.0885 0x0ca0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 20:38:36.0901 0x0ca0 HidBatt - ok 20:38:36.0917 0x0ca0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 20:38:36.0948 0x0ca0 HidBth - ok 20:38:36.0995 0x0ca0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 20:38:37.0041 0x0ca0 HidIr - ok 20:38:37.0073 0x0ca0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 20:38:37.0135 0x0ca0 hidserv - ok 20:38:37.0182 0x0ca0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 20:38:37.0213 0x0ca0 HidUsb - ok 20:38:37.0275 0x0ca0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 20:38:37.0338 0x0ca0 hkmsvc - ok 20:38:37.0385 0x0ca0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 20:38:37.0431 0x0ca0 HomeGroupListener - ok 20:38:37.0494 0x0ca0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 20:38:37.0541 0x0ca0 
HomeGroupProvider - ok 20:38:37.0681 0x0ca0 [ 45A12CACB97B4F15858FCFD59355A1E9, E4D671F1E413D1C45CC797C93FC042FEC9B0AE9F7039C82E516A410AD49100AA ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe 20:38:37.0712 0x0ca0 HP Health Check Service - ok 20:38:37.0790 0x0ca0 [ F55442690A70A0278A7EED4FAAEBF576, 9BE7A30A08DB05D38994B14F53C9178552DE5898DB016B171E20E3046046B296 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 20:38:37.0837 0x0ca0 HPDrvMntSvc.exe - ok 20:38:37.0884 0x0ca0 [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys 20:38:37.0899 0x0ca0 hpdskflt - ok 20:38:37.0962 0x0ca0 [ 9AF482D058BE59CC28BCE52E7C4B747C, 2D150CD0C82B575CDE2E1B3941FD72EFCB254850D6FF1D7C40D3B29643018EFF ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 20:38:38.0009 0x0ca0 HpqKbFiltr - ok 20:38:38.0102 0x0ca0 [ 640E51DB253265C3EAC075866B3D2B33, 3408C908AADCA784BA7C0C044CC50B3759E2B142013D4B12B05E97A141036E15 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe 20:38:38.0133 0x0ca0 hpqwmiex - ok 20:38:38.0211 0x0ca0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 20:38:38.0243 0x0ca0 HpSAMD - ok 20:38:38.0258 0x0ca0 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv C:\Windows\system32\Hpservice.exe 20:38:38.0274 0x0ca0 hpsrv - ok 20:38:38.0367 0x0ca0 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:38:38.0461 0x0ca0 HTTP - ok 20:38:38.0508 0x0ca0 [ 4DBBFCE863FE1B64C770EB53A3BA5860, DA77FB5D865779834CDCEE74200B9346FA3A4D0465F7A49C877ED6F786232CEF ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys 20:38:38.0570 0x0ca0 
huawei_cdcacm - ok 20:38:38.0633 0x0ca0 [ F80E301136A4101814385A3B934AB4CD, 20A6B74CF9E93C3F1A9E3273C41C04582C34F7C40250AB4B69C25CAD36A00775 ] huawei_cdcecm C:\Windows\system32\DRIVERS\ew_jucdcecm.sys 20:38:38.0695 0x0ca0 huawei_cdcecm - ok 20:38:38.0742 0x0ca0 [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys 20:38:38.0804 0x0ca0 huawei_enumerator - ok 20:38:38.0867 0x0ca0 [ DF65F49F3A108AB509D675312FC896B8, E88F15DED4346E127F182B3D1DA2D1506998844212940281355C8ED96776141C ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys 20:38:38.0913 0x0ca0 huawei_ext_ctrl - ok 20:38:39.0194 0x0ca0 [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe 20:38:39.0225 0x0ca0 HWDeviceService64.exe - ok 20:38:39.0272 0x0ca0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:38:39.0319 0x0ca0 hwpolicy - ok 20:38:39.0381 0x0ca0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 20:38:39.0413 0x0ca0 i8042prt - ok 20:38:39.0491 0x0ca0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 20:38:39.0537 0x0ca0 iaStorV - ok 20:38:39.0631 0x0ca0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:38:39.0678 0x0ca0 idsvc - ok 20:38:39.0693 0x0ca0 IEEtwCollectorService - ok 20:38:39.0943 0x0ca0 [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx 
C:\Windows\system32\DRIVERS\igdkmd64.sys 20:38:40.0224 0x0ca0 igfx - ok 20:38:40.0286 0x0ca0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 20:38:40.0302 0x0ca0 iirsp - ok 20:38:40.0380 0x0ca0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 20:38:40.0442 0x0ca0 IKEEXT - ok 20:38:40.0489 0x0ca0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 20:38:40.0505 0x0ca0 intelide - ok 20:38:40.0551 0x0ca0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 20:38:40.0598 0x0ca0 intelppm - ok 20:38:40.0645 0x0ca0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 20:38:40.0707 0x0ca0 IPBusEnum - ok 20:38:40.0754 0x0ca0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:38:40.0801 0x0ca0 IpFilterDriver - ok 20:38:40.0863 0x0ca0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:38:40.0910 0x0ca0 iphlpsvc - ok 20:38:41.0019 0x0ca0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 20:38:41.0097 0x0ca0 IPMIDRV - ok 20:38:41.0191 0x0ca0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:38:41.0285 0x0ca0 IPNAT - ok 20:38:41.0331 0x0ca0 [ 3ABF5E7213EB28966D55D58B515D5CE9, 
A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:38:41.0363 0x0ca0 IRENUM - ok 20:38:41.0409 0x0ca0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:38:41.0425 0x0ca0 isapnp - ok 20:38:41.0487 0x0ca0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 20:38:41.0503 0x0ca0 iScsiPrt - ok 20:38:41.0565 0x0ca0 [ F8844B00C10E386C704C610E95A9847D, 3E3CFDDD0DD9E98542BAE07ED9CF922D98370C94BE364BA84F677EAA01ED775A ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys 20:38:41.0628 0x0ca0 JMCR - ok 20:38:41.0706 0x0ca0 [ 38BD6037FD2A6243A7606C0E87B847E5, 59EA889596F306FD0D67D94D97E2470006D1404F62A771415F10529A39F655D9 ] johci C:\Windows\system32\DRIVERS\johci.sys 20:38:41.0737 0x0ca0 johci - ok 20:38:41.0784 0x0ca0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 20:38:41.0799 0x0ca0 kbdclass - ok 20:38:41.0846 0x0ca0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 20:38:41.0893 0x0ca0 kbdhid - ok 20:38:41.0909 0x0ca0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 20:38:41.0924 0x0ca0 KeyIso - ok 20:38:41.0987 0x0ca0 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:38:42.0002 0x0ca0 KSecDD - ok 20:38:42.0018 0x0ca0 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:38:42.0033 0x0ca0 KSecPkg - ok 20:38:42.0065 0x0ca0 [ 
6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 20:38:42.0111 0x0ca0 ksthunk - ok 20:38:42.0158 0x0ca0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 20:38:42.0221 0x0ca0 KtmRm - ok 20:38:42.0299 0x0ca0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 20:38:42.0361 0x0ca0 LanmanServer - ok 20:38:42.0423 0x0ca0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:38:42.0501 0x0ca0 LanmanWorkstation - ok 20:38:42.0611 0x0ca0 [ 2238B91AC1A12CC6CC4C4FED41258B2A, 11DEBFAC8D6B23415928C635981E3378DE7C1F361F2B7A1390D86B0D782C22C6 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 20:38:42.0657 0x0ca0 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 ) 20:38:42.0751 0x0ca0 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 20:38:42.0751 0x0ca0 Force sending object to P2P due to detect: LightScribeService 20:38:42.0751 0x0ca0 Object send P2P result: false 20:38:42.0782 0x0ca0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:38:42.0845 0x0ca0 lltdio - ok 20:38:42.0891 0x0ca0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:38:42.0954 0x0ca0 lltdsvc - ok 20:38:42.0985 0x0ca0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:38:43.0032 0x0ca0 lmhosts - ok 20:38:43.0094 0x0ca0 [ 1A93E54EB0ECE102495A51266DCDB6A6, 
20:39:00.0286 0x0ca0 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:39:00.0317 0x0ca0 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
20:39:00.0317 0x0ca0 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
20:39:02.0735 0x0ca0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 20:39:02.0750 0x0ca0 TermDD - ok 20:39:02.0813 0x0ca0 [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\Windows\System32\termsrv.dll 20:39:02.0860 0x0ca0 TermService - ok 20:39:02.0922 0x0ca0 [ FA5BFB71E561D279EDAE7E118435C1C9, 8010CEB7A06B9EEED425BD7048411A1BCB70975CF53974E0E0914B9D34AA98A3 ] TfFsMon C:\Windows\system32\drivers\TfFsMon.sys 20:39:02.0938 0x0ca0 TfFsMon - ok 20:39:02.0953 0x0ca0 [ FA8400D74345EC4BF10E476CA0AAA2DF, 1F600075736083491ADDBBF75ED7A95757B8A3FF123B36190F0DA154B121C9D7 ] TfNetMon C:\Windows\system32\drivers\TfNetMon.sys 20:39:02.0953 0x0ca0 TfNetMon - ok 20:39:03.0016 0x0ca0 [ F11AA1A704A4C027E5E8E0F355523834, 235150D847D07BC6B11282C01243EBD01570FA079A2798CACC34F8DFE6BEBC00 ] TfSysMon C:\Windows\system32\drivers\TfSysMon.sys 20:39:03.0031 0x0ca0 TfSysMon - ok 20:39:03.0062 0x0ca0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 20:39:03.0094 0x0ca0 Themes - ok 20:39:03.0140 0x0ca0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 20:39:03.0172 0x0ca0 THREADORDER - ok 20:39:03.0187 0x0ca0 ThreatFire - ok 20:39:03.0250 0x0ca0 [ B8F4A8AFFAAE521A20E8D2AF3F487124, F5B03312337AA0BE75F8EE26FEFDE25C0013A5E5BD33EC1AF85C33C6E75829EA ] TouchServiceWacom C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe 20:39:03.0281 0x0ca0 TouchServiceWacom - ok 20:39:03.0296 0x0ca0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 20:39:03.0343 0x0ca0 TrkWks - ok 20:39:03.0406 0x0ca0 [ C6A1A2B4E8A7B92C11CA038369BD7DBE, 
DD8176FECD8034734995CCA62EF392804FCF9E7F1286D2FFDAFDBF2403161C0C ] truecrypt C:\Windows\syswow64\drivers\truecrypt.sys 20:39:03.0437 0x0ca0 truecrypt - ok 20:39:03.0499 0x0ca0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:39:03.0577 0x0ca0 TrustedInstaller - ok 20:39:03.0608 0x0ca0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:39:03.0640 0x0ca0 tssecsrv - ok 20:39:03.0686 0x0ca0 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 20:39:03.0749 0x0ca0 TsUsbFlt - ok 20:39:03.0796 0x0ca0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:39:03.0889 0x0ca0 tunnel - ok 20:39:03.0920 0x0ca0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 20:39:03.0920 0x0ca0 uagp35 - ok 20:39:03.0983 0x0ca0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:39:04.0045 0x0ca0 udfs - ok 20:39:04.0092 0x0ca0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:39:04.0123 0x0ca0 UI0Detect - ok 20:39:04.0170 0x0ca0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:39:04.0201 0x0ca0 uliagpkx - ok 20:39:04.0264 0x0ca0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:39:04.0295 
0x0ca0 umbus - ok 20:39:04.0357 0x0ca0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 20:39:04.0404 0x0ca0 UmPass - ok 20:39:04.0451 0x0ca0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 20:39:04.0513 0x0ca0 upnphost - ok 20:39:04.0576 0x0ca0 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 20:39:04.0638 0x0ca0 usbaudio - ok 20:39:04.0669 0x0ca0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:39:04.0747 0x0ca0 usbccgp - ok 20:39:04.0778 0x0ca0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:39:04.0825 0x0ca0 usbcir - ok 20:39:04.0872 0x0ca0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 20:39:04.0919 0x0ca0 usbehci - ok 20:39:04.0966 0x0ca0 [ 44D9C773FEBFF10593B50DDFC2D6BC27, 17D76961C77476FAFC4487C03A9748C378FA7C3858F764DD87B4B127504E7E1F ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys 20:39:04.0997 0x0ca0 usbfilter - ok 20:39:05.0075 0x0ca0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:39:05.0137 0x0ca0 usbhub - ok 20:39:05.0153 0x0ca0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 20:39:05.0200 0x0ca0 usbohci - ok 20:39:05.0231 0x0ca0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint 
C:\Windows\system32\DRIVERS\usbprint.sys 20:39:05.0278 0x0ca0 usbprint - ok 20:39:05.0340 0x0ca0 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys 20:39:05.0418 0x0ca0 usbscan - ok 20:39:05.0449 0x0ca0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:39:05.0496 0x0ca0 USBSTOR - ok 20:39:05.0558 0x0ca0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 20:39:05.0590 0x0ca0 usbuhci - ok 20:39:05.0621 0x0ca0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 20:39:05.0683 0x0ca0 usbvideo - ok 20:39:05.0714 0x0ca0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 20:39:05.0792 0x0ca0 UxSms - ok 20:39:05.0839 0x0ca0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe 20:39:05.0839 0x0ca0 VaultSvc - ok 20:39:05.0886 0x0ca0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:39:05.0902 0x0ca0 vdrvroot - ok 20:39:05.0980 0x0ca0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 20:39:06.0073 0x0ca0 vds - ok 20:39:06.0120 0x0ca0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 20:39:06.0151 0x0ca0 vga - ok 20:39:06.0167 0x0ca0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 
45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 20:39:06.0229 0x0ca0 VgaSave - ok 20:39:06.0292 0x0ca0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 20:39:06.0307 0x0ca0 vhdmp - ok 20:39:06.0370 0x0ca0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 20:39:06.0401 0x0ca0 viaide - ok 20:39:06.0463 0x0ca0 [ 1562A089B46C821487AFF8D01EE5547E, D033AF4C8EAFFB1860DDB71A15FE300BB387385F35B95364763A0821CD769988 ] VMAuthdService C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe 20:39:06.0510 0x0ca0 VMAuthdService - detected UnsignedFile.Multi.Generic ( 1 ) 20:39:06.0510 0x0ca0 VMAuthdService ( UnsignedFile.Multi.Generic ) - warning 20:39:06.0510 0x0ca0 Force sending object to P2P due to detect: VMAuthdService 20:39:06.0510 0x0ca0 Object send P2P result: false 20:39:06.0572 0x0ca0 [ 87FC1DD880E8CAC4FAEBB84AF61A87C4, ED1B1B1DDEAA776E3CBFFDE4B8FC7FDD44A6DECEE8DEFC96EAFBFAB1ADF68A29 ] vmci C:\Windows\system32\DRIVERS\vmci.sys 20:39:06.0604 0x0ca0 vmci - ok 20:39:06.0666 0x0ca0 [ DE41918B7ABAE9056EB1E62540D229D3, 4F17B24F1B8AA60DB141ABCBCEBE7F9D60CF9A7A8DB03269920062931758D96F ] vmkbd C:\Windows\system32\drivers\VMkbd.sys 20:39:06.0697 0x0ca0 vmkbd - ok 20:39:06.0744 0x0ca0 [ B259C31378BC855AFD1B53F59311C251, 5FEDEC6EBA72652B89F57E275B25CC6333BE78FB2B74DEADDD588CE1089DCE89 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys 20:39:06.0760 0x0ca0 VMnetAdapter - ok 20:39:06.0806 0x0ca0 [ DEC4CE720FFEDA939CF1BA315CFBD993, B06BB836B824FC682F5FD84E1D6B313A4E99089A5CED2C14CC721D172C1E3C51 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys 20:39:06.0838 0x0ca0 VMnetBridge - ok 20:39:06.0869 0x0ca0 VMnetDHCP - ok 20:39:06.0884 0x0ca0 [ 41F8BFC7A658FF4FA27AC10E9C5D14A7, 
EB84709E4BC614812DEC9DBE3A98220B6BB38DC3E44FD8B0DA5C27445554F1AE ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys 20:39:06.0900 0x0ca0 VMnetuserif - ok 20:39:06.0962 0x0ca0 [ 415B167695C4B5960A13098622EF3D80, E68AE845A6967E68FB22EB0F4D95631D041DA906801202F7662B22EAD34B2371 ] vmusb C:\Windows\system32\Drivers\vmusb.sys 20:39:06.0994 0x0ca0 vmusb - ok 20:39:07.0150 0x0ca0 [ 18903CA7936912C337C9D28858880CF2, 6A3CF68E62AAF7DC22A299ADF7037D408CEB554BC36CD72C4C37AFEA16B84915 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe 20:39:07.0196 0x0ca0 VMUSBArbService - ok 20:39:07.0228 0x0ca0 VMware NAT Service - ok 20:39:07.0664 0x0ca0 [ 09895634295862AE7087C08BBF17B346, C5759AA26E47559C81E11C6D869339C538086A6C4538EEB43974A9DD7B54B483 ] VMwareHostd C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe 20:39:08.0210 0x0ca0 VMwareHostd - detected UnsignedFile.Multi.Generic ( 1 ) 20:39:08.0210 0x0ca0 VMwareHostd ( UnsignedFile.Multi.Generic ) - warning 20:39:08.0304 0x0ca0 [ 61B270C2437EE87455864E4EEDD8867D, 9E0E18A78E839F2722BFC821CFA25D9E4D6FD48BE1A5EAEB3FB644A0D14E0B51 ] vmx86 C:\Windows\system32\drivers\vmx86.sys 20:39:08.0351 0x0ca0 vmx86 - ok 20:39:08.0398 0x0ca0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:39:08.0429 0x0ca0 volmgr - ok 20:39:08.0476 0x0ca0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:39:08.0507 0x0ca0 volmgrx - ok 20:39:08.0538 0x0ca0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:39:08.0569 0x0ca0 volsnap - ok 20:39:08.0616 0x0ca0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid 
C:\Windows\system32\DRIVERS\vsmraid.sys 20:39:08.0647 0x0ca0 vsmraid - ok 20:39:08.0756 0x0ca0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 20:39:08.0881 0x0ca0 VSS - ok 20:39:08.0944 0x0ca0 [ 6107E33A30C0B923F31C872E1980D2D1, 5094C193997CDD50EEB15CB7AF96F2106BDE0BC675FDF83D7C3CE3F7299EE286 ] vstor2-mntapi10-shared C:\Windows\syswow64\drivers\vstor2-mntapi10-shared.sys 20:39:08.0959 0x0ca0 vstor2-mntapi10-shared - ok 20:39:08.0990 0x0ca0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 20:39:09.0022 0x0ca0 vwifibus - ok 20:39:09.0022 0x0ca0 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 20:39:09.0053 0x0ca0 vwififlt - ok 20:39:09.0100 0x0ca0 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 20:39:09.0115 0x0ca0 vwifimp - ok 20:39:09.0146 0x0ca0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 20:39:09.0224 0x0ca0 W32Time - ok 20:39:09.0287 0x0ca0 [ FE75777289278A4941FE6139E82B3BD9, 4B0F3117C7D905240DB54EEE376404757258051CC5F8F312CAF748E1811368C6 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys 20:39:09.0318 0x0ca0 wacmoumonitor - ok 20:39:09.0380 0x0ca0 [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys 20:39:09.0380 0x0ca0 wacommousefilter - ok 20:39:09.0412 0x0ca0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 20:39:09.0427 0x0ca0 WacomPen - 
ok 20:39:09.0427 0x0ca0 [ EC1CEB237E365330C1FCFC4876AA0AC0, 9BFF9062AC5E4B9D0C6502D8DE7E59B887903ED29F26157A5F82966932F1EBD0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys 20:39:09.0443 0x0ca0 wacomvhid - ok 20:39:09.0521 0x0ca0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 20:39:09.0568 0x0ca0 WANARP - ok 20:39:09.0583 0x0ca0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:39:09.0614 0x0ca0 Wanarpv6 - ok 20:39:09.0724 0x0ca0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 20:39:09.0770 0x0ca0 WatAdminSvc - ok 20:39:09.0880 0x0ca0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 20:39:09.0958 0x0ca0 wbengine - ok 20:39:09.0989 0x0ca0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:39:10.0020 0x0ca0 WbioSrvc - ok 20:39:10.0082 0x0ca0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:39:10.0129 0x0ca0 wcncsvc - ok 20:39:10.0160 0x0ca0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:39:10.0176 0x0ca0 WcsPlugInService - ok 20:39:10.0192 0x0ca0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 20:39:10.0207 0x0ca0 Wd - ok 20:39:10.0285 0x0ca0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 
C:\Windows\system32\drivers\Wdf01000.sys 20:39:10.0332 0x0ca0 Wdf01000 - ok 20:39:10.0379 0x0ca0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:39:10.0472 0x0ca0 WdiServiceHost - ok 20:39:10.0472 0x0ca0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:39:10.0504 0x0ca0 WdiSystemHost - ok 20:39:10.0550 0x0ca0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 20:39:10.0582 0x0ca0 WebClient - ok 20:39:10.0613 0x0ca0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:39:10.0675 0x0ca0 Wecsvc - ok 20:39:10.0706 0x0ca0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:39:10.0769 0x0ca0 wercplsupport - ok 20:39:10.0816 0x0ca0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 20:39:10.0878 0x0ca0 WerSvc - ok 20:39:10.0925 0x0ca0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 20:39:10.0972 0x0ca0 WfpLwf - ok 20:39:10.0987 0x0ca0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 20:39:11.0003 0x0ca0 WIMMount - ok 20:39:11.0034 0x0ca0 WinDefend - ok 20:39:11.0065 0x0ca0 WinHttpAutoProxySvc - ok 20:39:11.0128 0x0ca0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:39:11.0190 0x0ca0 Winmgmt - ok 
20:39:11.0330 0x0ca0 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 20:39:11.0471 0x0ca0 WinRM - ok 20:39:11.0549 0x0ca0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 20:39:11.0596 0x0ca0 WinUsb - ok 20:39:11.0689 0x0ca0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 20:39:11.0752 0x0ca0 Wlansvc - ok 20:39:11.0798 0x0ca0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 20:39:11.0845 0x0ca0 WmiAcpi - ok 20:39:11.0876 0x0ca0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:39:11.0923 0x0ca0 wmiApSrv - ok 20:39:11.0970 0x0ca0 WMPNetworkSvc - ok 20:39:11.0986 0x0ca0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:39:12.0048 0x0ca0 WPCSvc - ok 20:39:12.0110 0x0ca0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:39:12.0142 0x0ca0 WPDBusEnum - ok 20:39:12.0188 0x0ca0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:39:12.0344 0x0ca0 ws2ifsl - ok 20:39:12.0360 0x0ca0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 20:39:12.0391 0x0ca0 wscsvc - ok 20:39:12.0407 0x0ca0 WSearch - ok 20:39:12.0547 0x0ca0 [ 61FF576450CCC80564B850BC3FB6713A, 
B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 20:39:12.0641 0x0ca0 wuauserv - ok 20:39:12.0688 0x0ca0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:39:12.0766 0x0ca0 WudfPf - ok 20:39:12.0844 0x0ca0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 20:39:12.0890 0x0ca0 WUDFRd - ok 20:39:12.0922 0x0ca0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:39:12.0953 0x0ca0 wudfsvc - ok 20:39:13.0000 0x0ca0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 20:39:13.0046 0x0ca0 WwanSvc - ok 20:39:13.0124 0x0ca0 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys 20:39:13.0171 0x0ca0 yukonw7 - ok 20:39:13.0234 0x0ca0 ================ Scan global =============================== 20:39:13.0265 0x0ca0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 20:39:13.0327 0x0ca0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 20:39:13.0358 0x0ca0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 20:39:13.0374 0x0ca0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 20:39:13.0421 0x0ca0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] 
C:\Windows\system32\services.exe 20:39:13.0421 0x0ca0 [ Global ] - ok 20:39:13.0421 0x0ca0 ================ Scan MBR ================================== 20:39:13.0436 0x0ca0 [ BC7BF3BD0ABC8DCFC8F335FCAEC7E15E ] \Device\Harddisk0\DR0 20:39:13.0780 0x0ca0 \Device\Harddisk0\DR0 - ok 20:39:13.0795 0x0ca0 [ 0958E97B3AB14A63B915EFE6013A9D24 ] \Device\Harddisk1\DR1 20:39:13.0951 0x0ca0 \Device\Harddisk1\DR1 - ok 20:39:13.0951 0x0ca0 ================ Scan VBR ================================== 20:39:13.0951 0x0ca0 [ 96915FB0A803DAF81897552E957CA8BD ] \Device\Harddisk0\DR0\Partition1 20:39:13.0951 0x0ca0 \Device\Harddisk0\DR0\Partition1 - ok 20:39:13.0951 0x0ca0 [ 071EF073644F02EAEE0501641588CA11 ] \Device\Harddisk0\DR0\Partition2 20:39:13.0951 0x0ca0 \Device\Harddisk0\DR0\Partition2 - ok 20:39:13.0967 0x0ca0 [ 8229F4BBEEBAB2F3265478B28DF7D0CF ] \Device\Harddisk0\DR0\Partition3 20:39:13.0967 0x0ca0 \Device\Harddisk0\DR0\Partition3 - ok 20:39:13.0967 0x0ca0 [ C25E8DBA3C450EE68047002D200055CC ] \Device\Harddisk0\DR0\Partition4 20:39:13.0967 0x0ca0 \Device\Harddisk0\DR0\Partition4 - ok 20:39:13.0967 0x0ca0 [ 088CA80E21C0689A91E66D530BA26557 ] \Device\Harddisk1\DR1\Partition1 20:39:13.0982 0x0ca0 \Device\Harddisk1\DR1\Partition1 - ok 20:39:13.0982 0x0ca0 ================ Scan generic autorun ====================== 20:39:13.0982 0x0ca0 SynTPEnh - ok 20:39:14.0060 0x0ca0 [ 59E58A7A5388E00BB4347AEBBDCC84FE, 9B06344F13C8F8831549410B78E084BFEA9EC2E181ECA49FF9586424999CE758 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe 20:39:14.0092 0x0ca0 SmartMenu - ok 20:39:14.0263 0x0ca0 [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 20:39:14.0294 0x0ca0 AdobeAAMUpdater-1.0 - ok 20:39:14.0372 0x0ca0 [ 2EEED500C1EC095CB3D0DE7A3C7E4278, 06D0DC42A7DE207D675A0DE69001D20941FC0B8D067504CD8B56DD0B952A5ACE ] C:\Program Files\IDT\WDM\sttray64.exe 
20:39:14.0419 0x0ca0 SysTrayApp - ok 20:39:14.0622 0x0ca0 [ 0080231EC57D26B380F630CC790DAB85, CA59ED2E67D03C70A77AB0D605C6172B72B8238A42425D0F75C1C891DB89FF9A ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe 20:39:14.0700 0x0ca0 IntelliPoint - ok 20:39:14.0872 0x0ca0 [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe 20:39:14.0934 0x0ca0 MSC - ok 20:39:14.0981 0x0ca0 [ E29DD25C9AAC2C5D626F0DF8A6A9468B, A39471F13A39FF0E82778CAFD01D51C35FE10F12FC21BDAD837C93F9FD72D46C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 20:39:15.0012 0x0ca0 StartCCC - detected UnsignedFile.Multi.Generic ( 1 ) 20:39:15.0012 0x0ca0 StartCCC ( UnsignedFile.Multi.Generic ) - warning 20:39:15.0074 0x0ca0 [ 019D774B725DCFD9A188F07764A32214, D9926C2664754AB2FED379AE203A8D290C65FA78518B37385642F8D654EC011E ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe 20:39:15.0106 0x0ca0 QlbCtrl.exe - ok 20:39:15.0121 0x0ca0 [ 15657931FB7CA61FA1B72B955E1799E7, 1B25DFE965CC6BB59817097A37ABE77A3B27269915FFA64B16F9ABF65F511FF9 ] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe 20:39:15.0152 0x0ca0 Easybits Recovery - detected UnsignedFile.Multi.Generic ( 1 ) 20:39:15.0152 0x0ca0 Easybits Recovery ( UnsignedFile.Multi.Generic ) - warning 20:39:15.0199 0x0ca0 [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 20:39:15.0230 0x0ca0 HP Software Update - ok 20:39:15.0355 0x0ca0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 20:39:15.0464 0x0ca0 Sidebar - ok 20:39:15.0496 0x0ca0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 20:39:15.0527 0x0ca0 
mctadmin - ok 20:39:15.0574 0x0ca0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 20:39:15.0620 0x0ca0 Sidebar - ok 20:39:15.0620 0x0ca0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 20:39:15.0652 0x0ca0 mctadmin - ok 20:39:15.0761 0x0ca0 [ A5F78606A9BA8F0C4C8FF9DED6ED5107, 57583EFF4FBC0B31A47ED6C7BC58E575470F9BF4F12D8E05648507ACA6741965 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe 20:39:15.0808 0x0ca0 HPADVISOR - ok 20:39:15.0917 0x0ca0 Mobile Partner - ok 20:39:16.0026 0x0ca0 [ E02E715FA2BC8D88FF9362374E309D76, A10E4D4B02F147A38364A2DEBF9691771BD381B8FC1E672EF96C0509DD919EDE ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 20:39:16.0135 0x0ca0 LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 ) 20:39:16.0135 0x0ca0 LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - warning 20:39:16.0135 0x0ca0 Force sending object to P2P due to detect: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 20:39:16.0151 0x0ca0 Object send P2P result: false 20:39:16.0166 0x0ca0 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated ) 20:39:16.0182 0x0ca0 Win FW state via NFP2: enabled 20:39:16.0182 0x0ca0 ============================================================ 20:39:16.0182 0x0ca0 Scan finished 20:39:16.0182 0x0ca0 ============================================================ 20:39:16.0182 0x0cd4 Detected object count: 7 20:39:16.0198 0x0cd4 Actual detected object count: 7 Servus aus Wien |
09.11.2014, 08:29 | #4 |
/// the machine /// TB trainer | Win7 - Spam mails from and to addresses that come together ONLY in my address books
No, the log is not complete. Post it again; if need be, please scan again.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
09.11.2014, 15:11 | #5 |
| Scanned again - to be on the safe side... ...here, I hope this is complete: Code:
14:42:29.0080 0x0b48 AgereSoftModem - ok 14:42:29.0143 0x0b48 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 14:42:29.0158 0x0b48 agp440 - ok 14:42:29.0205 0x0b48 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 14:42:29.0236 0x0b48 ALG - ok 14:42:29.0299 0x0b48 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 14:42:29.0314 0x0b48 aliide - ok 14:42:29.0767 0x0b48 ALSysIO - ok 14:42:29.0954 0x0b48 [ BCC32BF5EBB5DFD4380FA053D3651949, 72799B17EFB11836FEA241AD844C8D5EEF62656084CE89077DAF8FC30706A019 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 14:42:29.0970 0x0b48 AMD External Events Utility - ok 14:42:30.0032 0x0b48 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 14:42:30.0048 0x0b48 amdide - ok 14:42:30.0110 0x0b48 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 14:42:30.0141 0x0b48 AmdK8 - ok 14:42:30.0188 0x0b48 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 14:42:30.0219 0x0b48 AmdPPM - ok 14:42:30.0266 0x0b48 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 14:42:30.0282 0x0b48 amdsata - ok 14:42:30.0313 0x0b48 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 14:42:30.0328 0x0b48 amdsbs - ok 14:42:30.0375 0x0b48 [ 540DAF1CEA6094886D72126FD7C33048, 
296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 14:42:30.0406 0x0b48 amdxata - ok 14:42:30.0469 0x0b48 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 14:42:30.0531 0x0b48 AppID - ok 14:42:30.0562 0x0b48 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 14:42:30.0594 0x0b48 AppIDSvc - ok 14:42:30.0656 0x0b48 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 14:42:30.0687 0x0b48 Appinfo - ok 14:42:30.0734 0x0b48 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 14:42:30.0750 0x0b48 arc - ok 14:42:30.0765 0x0b48 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 14:42:30.0781 0x0b48 arcsas - ok 14:42:30.0921 0x0b48 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 14:42:30.0968 0x0b48 aspnet_state - ok 14:42:31.0015 0x0b48 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 14:42:31.0062 0x0b48 AsyncMac - ok 14:42:31.0124 0x0b48 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 14:42:31.0155 0x0b48 atapi - ok 14:42:31.0358 0x0b48 [ B4421D8CDADC441F76BA39532A3E3414, 4C7C14C99E2095012A85672C824E21CF2FC152BCC37A1B25BF3189D0F6A06ED3 ] athr C:\Windows\system32\DRIVERS\athrx.sys 14:42:31.0483 0x0b48 athr - ok 
14:42:31.0623 0x0b48 [ 3B9014FB7CE9E20FD726321C7DB7D8B0, 9B910D900478A81D52446C6D71C3DDC4B5FE1345674295E1101922B0F32FBCE1 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys 14:42:31.0654 0x0b48 AtiHdmiService - ok 14:42:31.0920 0x0b48 [ A29087680A1C3B049E3C05438E8FF2B8, 8895C480DE55078A0B0BDF105A745940E02A8A7545EA5EE84FB675634620AD89 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 14:42:32.0122 0x0b48 atikmdag - ok 14:42:32.0185 0x0b48 [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 14:42:32.0185 0x0b48 AtiPcie - ok 14:42:32.0278 0x0b48 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 14:42:32.0341 0x0b48 AudioEndpointBuilder - ok 14:42:32.0372 0x0b48 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 14:42:32.0419 0x0b48 AudioSrv - ok 14:42:32.0497 0x0b48 [ 16FABE84916623D0607E4A975544032C, 9D960CAE27B1769ED5B024C0A3375912432521C73C1F59E21111596A7981BDC3 ] Avc C:\Windows\system32\DRIVERS\avc.sys 14:42:32.0528 0x0b48 Avc - ok 14:42:32.0559 0x0b48 [ 155F536D6181508929F4FE177F4167CE, 479B100DA05EDFADEDC6853B561FF3AC6A00403AB8A54F83887B8D0BB4D76886 ] AVCSTRM C:\Windows\system32\DRIVERS\avcstrm.sys 14:42:32.0575 0x0b48 AVCSTRM - ok 14:42:32.0653 0x0b48 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 14:42:32.0700 0x0b48 AxInstSV - ok 14:42:32.0793 0x0b48 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 14:42:32.0824 0x0b48 b06bdrv - ok 14:42:32.0887 0x0b48 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a 
C:\Windows\system32\DRIVERS\b57nd60a.sys 14:42:32.0918 0x0b48 b57nd60a - ok 14:42:33.0027 0x0b48 [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE 14:42:33.0058 0x0b48 BBSvc - ok 14:42:33.0136 0x0b48 [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 14:42:33.0168 0x0b48 BBUpdate - ok 14:42:33.0183 0x0b48 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 14:42:33.0214 0x0b48 BDESVC - ok 14:42:33.0246 0x0b48 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 14:42:33.0292 0x0b48 Beep - ok 14:42:33.0402 0x0b48 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 14:42:33.0433 0x0b48 BFE - ok 14:42:33.0542 0x0b48 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 14:42:33.0604 0x0b48 BITS - ok 14:42:33.0698 0x0b48 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 14:42:33.0729 0x0b48 blbdrive - ok 14:42:33.0792 0x0b48 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 14:42:33.0807 0x0b48 bowser - ok 14:42:33.0870 0x0b48 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 14:42:33.0901 0x0b48 BrFiltLo - ok 14:42:33.0932 0x0b48 [ B114D3098E9BDB8BEA8B053685831BE6, 
0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 14:42:33.0948 0x0b48 BrFiltUp - ok 14:42:34.0010 0x0b48 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 14:42:34.0041 0x0b48 Browser - ok 14:42:34.0057 0x0b48 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 14:42:34.0088 0x0b48 Brserid - ok 14:42:34.0104 0x0b48 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 14:42:34.0119 0x0b48 BrSerWdm - ok 14:42:34.0135 0x0b48 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 14:42:34.0150 0x0b48 BrUsbMdm - ok 14:42:34.0166 0x0b48 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 14:42:34.0182 0x0b48 BrUsbSer - ok 14:42:34.0244 0x0b48 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 14:42:34.0291 0x0b48 BthEnum - ok 14:42:34.0338 0x0b48 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 14:42:34.0353 0x0b48 BTHMODEM - ok 14:42:34.0384 0x0b48 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 14:42:34.0416 0x0b48 BthPan - ok 14:42:34.0478 0x0b48 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 14:42:34.0509 0x0b48 
BTHPORT - ok 14:42:34.0540 0x0b48 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 14:42:34.0572 0x0b48 bthserv - ok 14:42:34.0618 0x0b48 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 14:42:34.0650 0x0b48 BTHUSB - ok 14:42:34.0696 0x0b48 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 14:42:34.0759 0x0b48 cdfs - ok 14:42:34.0837 0x0b48 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 14:42:34.0868 0x0b48 cdrom - ok 14:42:34.0930 0x0b48 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 14:42:34.0977 0x0b48 CertPropSvc - ok 14:42:35.0040 0x0b48 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 14:42:35.0071 0x0b48 circlass - ok 14:42:35.0102 0x0b48 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 14:42:35.0133 0x0b48 CLFS - ok 14:42:35.0196 0x0b48 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:42:35.0211 0x0b48 clr_optimization_v2.0.50727_32 - ok 14:42:35.0274 0x0b48 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:42:35.0289 0x0b48 clr_optimization_v2.0.50727_64 - ok 14:42:35.0414 0x0b48 [ 
E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:42:35.0430 0x0b48 clr_optimization_v4.0.30319_32 - ok 14:42:35.0445 0x0b48 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:42:35.0461 0x0b48 clr_optimization_v4.0.30319_64 - ok 14:42:35.0508 0x0b48 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 14:42:35.0523 0x0b48 CmBatt - ok 14:42:35.0570 0x0b48 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 14:42:35.0586 0x0b48 cmdide - ok 14:42:35.0648 0x0b48 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 14:42:35.0679 0x0b48 CNG - ok 14:42:35.0804 0x0b48 [ F9A79C5B27037821112C50A9C8FB367A, D9990AE1A0CA767E54C9D3FD2C6EA2A068DFD5A270102E915F71648A0C59097B ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe 14:42:35.0820 0x0b48 Com4QLBEx - ok 14:42:35.0835 0x0b48 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 14:42:35.0851 0x0b48 Compbatt - ok 14:42:35.0913 0x0b48 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 14:42:35.0944 0x0b48 CompositeBus - ok 14:42:35.0960 0x0b48 COMSysApp - ok 14:42:36.0007 0x0b48 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk 
C:\Windows\system32\DRIVERS\crcdisk.sys 14:42:36.0022 0x0b48 crcdisk - ok 14:42:36.0085 0x0b48 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 14:42:36.0100 0x0b48 CryptSvc - ok 14:42:36.0178 0x0b48 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 14:42:36.0225 0x0b48 DcomLaunch - ok 14:42:36.0256 0x0b48 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 14:42:36.0303 0x0b48 defragsvc - ok 14:42:36.0366 0x0b48 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 14:42:36.0397 0x0b48 DfsC - ok 14:42:36.0459 0x0b48 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 14:42:36.0475 0x0b48 Dhcp - ok 14:42:36.0506 0x0b48 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 14:42:36.0537 0x0b48 discache - ok 14:42:36.0615 0x0b48 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 14:42:36.0709 0x0b48 Disk - ok 14:42:36.0756 0x0b48 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 14:42:36.0771 0x0b48 Dnscache - ok 14:42:36.0834 0x0b48 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 14:42:36.0880 0x0b48 dot3svc - ok 14:42:36.0943 0x0b48 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] 
Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 14:42:36.0974 0x0b48 Dot4 - ok 14:42:36.0990 0x0b48 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 14:42:37.0005 0x0b48 Dot4Print - ok 14:42:37.0021 0x0b48 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 14:42:37.0036 0x0b48 dot4usb - ok 14:42:37.0099 0x0b48 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 14:42:37.0146 0x0b48 DPS - ok 14:42:37.0208 0x0b48 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 14:42:37.0224 0x0b48 drmkaud - ok 14:42:37.0302 0x0b48 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 14:42:37.0333 0x0b48 dtsoftbus01 - ok 14:42:37.0395 0x0b48 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 14:42:37.0442 0x0b48 DXGKrnl - ok 14:42:37.0504 0x0b48 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 14:42:37.0567 0x0b48 EapHost - ok 14:42:37.0692 0x0b48 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 14:42:37.0801 0x0b48 ebdrv - ok 14:42:37.0894 0x0b48 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 14:42:37.0926 0x0b48 EFS - ok 14:42:38.0082 0x0b48 [ C4002B6B41975F057D98C439030CEA07, 
3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 14:42:38.0113 0x0b48 ehRecvr - ok 14:42:38.0144 0x0b48 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 14:42:38.0160 0x0b48 ehSched - ok 14:42:38.0253 0x0b48 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 14:42:38.0284 0x0b48 elxstor - ok 14:42:38.0331 0x0b48 [ 524C79054636D2E5751169005006460B, 1EBA5972E13C5BB07BBD94D6647B86469B4910F60A3C8BDDC6BB5736EF99C9C3 ] enecir C:\Windows\system32\DRIVERS\enecir.sys 14:42:38.0362 0x0b48 enecir - ok 14:42:38.0425 0x0b48 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 14:42:38.0440 0x0b48 ErrDev - ok 14:42:38.0534 0x0b48 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 14:42:38.0596 0x0b48 EventSystem - ok 14:42:38.0674 0x0b48 [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys 14:42:38.0706 0x0b48 ew_hwusbdev - ok 14:42:38.0752 0x0b48 [ 55E0EDA185869F7EA67EA97FD0655B39, D4A51E383102AA48F022EFCA08FAC389336A22C1DF60E17815117EFA60716964 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys 14:42:38.0784 0x0b48 ew_usbenumfilter - ok 14:42:38.0830 0x0b48 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 14:42:38.0893 0x0b48 exfat - ok 14:42:38.0924 0x0b48 ezSharedSvc - ok 14:42:38.0955 0x0b48 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat 
C:\Windows\system32\drivers\fastfat.sys 14:42:38.0986 0x0b48 fastfat - ok 14:42:39.0080 0x0b48 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 14:42:39.0111 0x0b48 Fax - ok 14:42:39.0127 0x0b48 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 14:42:39.0142 0x0b48 fdc - ok 14:42:39.0205 0x0b48 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 14:42:39.0267 0x0b48 fdPHost - ok 14:42:39.0283 0x0b48 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 14:42:39.0314 0x0b48 FDResPub - ok 14:42:39.0330 0x0b48 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 14:42:39.0345 0x0b48 FileInfo - ok 14:42:39.0361 0x0b48 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 14:42:39.0408 0x0b48 Filetrace - ok 14:42:39.0423 0x0b48 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 14:42:39.0439 0x0b48 flpydisk - ok 14:42:39.0501 0x0b48 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 14:42:39.0532 0x0b48 FltMgr - ok 14:42:39.0626 0x0b48 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 14:42:39.0673 0x0b48 FontCache - ok 14:42:39.0751 0x0b48 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 
89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:42:39.0782 0x0b48 FontCache3.0.0.0 - ok 14:42:39.0813 0x0b48 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 14:42:39.0829 0x0b48 FsDepends - ok 14:42:39.0876 0x0b48 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 14:42:39.0907 0x0b48 Fs_Rec - ok 14:42:39.0985 0x0b48 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 14:42:40.0016 0x0b48 fvevol - ok 14:42:40.0078 0x0b48 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 14:42:40.0110 0x0b48 gagp30kx - ok 14:42:40.0203 0x0b48 [ C1BBCE4B30B45410178EE674C818D10C, 3FD449C20493057592A21CA812CA39803BC32136B84A060B2BF9621776D94E54 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 14:42:40.0234 0x0b48 GameConsoleService - ok 14:42:40.0328 0x0b48 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 14:42:40.0390 0x0b48 gpsvc - ok 14:42:40.0484 0x0b48 [ ADB4348DA1345877B04E22203AFC8993, D85FC268D1994944CED570A84B0B2E4F3EBFBE59823BE57285CB6CDDDF607358 ] hcmon C:\Windows\system32\drivers\hcmon.sys 14:42:40.0515 0x0b48 hcmon - ok 14:42:40.0546 0x0b48 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 14:42:40.0562 0x0b48 hcw85cir - ok 14:42:40.0640 0x0b48 [ 975761C778E33CD22498059B91E7373A, 
8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 14:42:40.0671 0x0b48 HdAudAddService - ok 14:42:40.0734 0x0b48 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 14:42:40.0765 0x0b48 HDAudBus - ok 14:42:40.0780 0x0b48 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 14:42:40.0796 0x0b48 HidBatt - ok 14:42:40.0812 0x0b48 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 14:42:40.0827 0x0b48 HidBth - ok 14:42:40.0858 0x0b48 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 14:42:40.0874 0x0b48 HidIr - ok 14:42:40.0890 0x0b48 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 14:42:40.0921 0x0b48 hidserv - ok 14:42:40.0983 0x0b48 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 14:42:41.0030 0x0b48 HidUsb - ok 14:42:41.0092 0x0b48 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 14:42:41.0139 0x0b48 hkmsvc - ok 14:42:41.0186 0x0b48 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 14:42:41.0217 0x0b48 HomeGroupListener - ok 14:42:41.0264 0x0b48 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 14:42:41.0280 0x0b48 
HomeGroupProvider - ok 14:42:41.0436 0x0b48 [ 45A12CACB97B4F15858FCFD59355A1E9, E4D671F1E413D1C45CC797C93FC042FEC9B0AE9F7039C82E516A410AD49100AA ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe 14:42:41.0467 0x0b48 HP Health Check Service - ok 14:42:41.0560 0x0b48 [ F55442690A70A0278A7EED4FAAEBF576, 9BE7A30A08DB05D38994B14F53C9178552DE5898DB016B171E20E3046046B296 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 14:42:41.0592 0x0b48 HPDrvMntSvc.exe - ok 14:42:41.0654 0x0b48 [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys 14:42:41.0685 0x0b48 hpdskflt - ok 14:42:41.0841 0x0b48 [ 9AF482D058BE59CC28BCE52E7C4B747C, 2D150CD0C82B575CDE2E1B3941FD72EFCB254850D6FF1D7C40D3B29643018EFF ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 14:42:41.0872 0x0b48 HpqKbFiltr - ok 14:42:41.0966 0x0b48 [ 640E51DB253265C3EAC075866B3D2B33, 3408C908AADCA784BA7C0C044CC50B3759E2B142013D4B12B05E97A141036E15 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe 14:42:42.0013 0x0b48 hpqwmiex - ok 14:42:42.0091 0x0b48 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 14:42:42.0122 0x0b48 HpSAMD - ok 14:42:42.0138 0x0b48 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv C:\Windows\system32\Hpservice.exe 14:42:42.0153 0x0b48 hpsrv - ok 14:42:42.0216 0x0b48 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 14:42:42.0278 0x0b48 HTTP - ok 14:42:42.0340 0x0b48 [ 4DBBFCE863FE1B64C770EB53A3BA5860, DA77FB5D865779834CDCEE74200B9346FA3A4D0465F7A49C877ED6F786232CEF ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys 14:42:42.0372 0x0b48 
huawei_cdcacm - ok 14:42:42.0450 0x0b48 [ F80E301136A4101814385A3B934AB4CD, 20A6B74CF9E93C3F1A9E3273C41C04582C34F7C40250AB4B69C25CAD36A00775 ] huawei_cdcecm C:\Windows\system32\DRIVERS\ew_jucdcecm.sys 14:42:42.0465 0x0b48 huawei_cdcecm - ok 14:42:42.0496 0x0b48 [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys 14:42:42.0512 0x0b48 huawei_enumerator - ok 14:42:42.0559 0x0b48 [ DF65F49F3A108AB509D675312FC896B8, E88F15DED4346E127F182B3D1DA2D1506998844212940281355C8ED96776141C ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys 14:42:42.0574 0x0b48 huawei_ext_ctrl - ok 14:42:42.0855 0x0b48 [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe 14:42:42.0871 0x0b48 HWDeviceService64.exe - ok 14:42:42.0918 0x0b48 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 14:42:42.0933 0x0b48 hwpolicy - ok 14:42:42.0996 0x0b48 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 14:42:43.0027 0x0b48 i8042prt - ok 14:42:43.0089 0x0b48 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 14:42:43.0120 0x0b48 iaStorV - ok 14:42:43.0198 0x0b48 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:42:43.0230 0x0b48 idsvc - ok 14:42:43.0261 0x0b48 IEEtwCollectorService - ok 14:42:43.0510 0x0b48 [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx 
C:\Windows\system32\DRIVERS\igdkmd64.sys 14:42:43.0729 0x0b48 igfx - ok 14:42:43.0791 0x0b48 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 14:42:43.0807 0x0b48 iirsp - ok 14:42:43.0869 0x0b48 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 14:42:43.0916 0x0b48 IKEEXT - ok 14:42:43.0963 0x0b48 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 14:42:43.0978 0x0b48 intelide - ok 14:42:43.0994 0x0b48 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 14:42:44.0010 0x0b48 intelppm - ok 14:42:44.0072 0x0b48 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 14:42:44.0103 0x0b48 IPBusEnum - ok 14:42:44.0150 0x0b48 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:42:44.0197 0x0b48 IpFilterDriver - ok 14:42:44.0259 0x0b48 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 14:42:44.0290 0x0b48 iphlpsvc - ok 14:42:44.0337 0x0b48 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 14:42:44.0353 0x0b48 IPMIDRV - ok 14:42:44.0384 0x0b48 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 14:42:44.0431 0x0b48 IPNAT - ok 14:42:44.0478 0x0b48 [ 3ABF5E7213EB28966D55D58B515D5CE9, 
A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 14:42:44.0493 0x0b48 IRENUM - ok 14:42:44.0540 0x0b48 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 14:42:44.0556 0x0b48 isapnp - ok 14:42:44.0634 0x0b48 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 14:42:44.0649 0x0b48 iScsiPrt - ok 14:42:44.0696 0x0b48 [ F8844B00C10E386C704C610E95A9847D, 3E3CFDDD0DD9E98542BAE07ED9CF922D98370C94BE364BA84F677EAA01ED775A ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys 14:42:44.0743 0x0b48 JMCR - ok 14:42:44.0805 0x0b48 [ 38BD6037FD2A6243A7606C0E87B847E5, 59EA889596F306FD0D67D94D97E2470006D1404F62A771415F10529A39F655D9 ] johci C:\Windows\system32\DRIVERS\johci.sys 14:42:44.0836 0x0b48 johci - ok 14:42:44.0852 0x0b48 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 14:42:44.0852 0x0b48 kbdclass - ok 14:42:44.0914 0x0b48 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 14:42:44.0946 0x0b48 kbdhid - ok 14:42:44.0961 0x0b48 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 14:42:44.0977 0x0b48 KeyIso - ok 14:42:45.0039 0x0b48 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 14:42:45.0070 0x0b48 KSecDD - ok 14:42:45.0086 0x0b48 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 14:42:45.0102 0x0b48 KSecPkg - ok 14:42:45.0133 0x0b48 [ 
6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 14:42:45.0164 0x0b48 ksthunk - ok 14:42:45.0195 0x0b48 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 14:42:45.0242 0x0b48 KtmRm - ok 14:42:45.0320 0x0b48 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 14:42:45.0398 0x0b48 LanmanServer - ok 14:42:45.0445 0x0b48 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 14:42:45.0476 0x0b48 LanmanWorkstation - ok 14:42:45.0601 0x0b48 [ 2238B91AC1A12CC6CC4C4FED41258B2A, 11DEBFAC8D6B23415928C635981E3378DE7C1F361F2B7A1390D86B0D782C22C6 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 14:42:45.0617 0x0b48 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 ) 14:42:45.0695 0x0b48 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 14:42:45.0695 0x0b48 Force sending object to P2P due to detect: LightScribeService 14:42:45.0710 0x0b48 Object send P2P result: false 14:42:45.0757 0x0b48 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 14:42:45.0804 0x0b48 lltdio - ok 14:42:45.0851 0x0b48 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 14:42:45.0897 0x0b48 lltdsvc - ok 14:42:45.0913 0x0b48 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 14:42:45.0960 0x0b48 lmhosts - ok 14:42:46.0022 0x0b48 [ 1A93E54EB0ECE102495A51266DCDB6A6, 
DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 14:42:46.0053 0x0b48 LSI_FC - ok 14:42:46.0085 0x0b48 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 14:42:46.0100 0x0b48 LSI_SAS - ok 14:42:46.0100 0x0b48 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:42:46.0116 0x0b48 LSI_SAS2 - ok 14:42:46.0147 0x0b48 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:42:46.0163 0x0b48 LSI_SCSI - ok 14:42:46.0178 0x0b48 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 14:42:46.0225 0x0b48 luafv - ok 14:42:46.0272 0x0b48 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 14:42:46.0303 0x0b48 Mcx2Svc - ok 14:42:46.0334 0x0b48 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 14:42:46.0350 0x0b48 megasas - ok 14:42:46.0365 0x0b48 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 14:42:46.0381 0x0b48 MegaSR - ok 14:42:46.0506 0x0b48 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 14:42:46.0537 0x0b48 Microsoft Office Groove Audit Service - ok 14:42:46.0568 0x0b48 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] 
MMCSS C:\Windows\system32\mmcss.dll 14:42:46.0599 0x0b48 MMCSS - ok 14:42:46.0615 0x0b48 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 14:42:46.0646 0x0b48 Modem - ok 14:42:46.0709 0x0b48 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 14:42:46.0740 0x0b48 monitor - ok 14:42:46.0802 0x0b48 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 14:42:46.0833 0x0b48 mouclass - ok 14:42:46.0896 0x0b48 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 14:42:46.0927 0x0b48 mouhid - ok 14:42:46.0974 0x0b48 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 14:42:46.0989 0x0b48 mountmgr - ok 14:42:47.0099 0x0b48 [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 14:42:47.0130 0x0b48 MozillaMaintenance - ok 14:42:47.0192 0x0b48 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 14:42:47.0208 0x0b48 MpFilter - ok 14:42:47.0239 0x0b48 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 14:42:47.0255 0x0b48 mpio - ok 14:42:47.0301 0x0b48 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 14:42:47.0364 0x0b48 mpsdrv - ok 14:42:47.0457 0x0b48 [ 
54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 14:42:47.0535 0x0b48 MpsSvc - ok 14:42:47.0582 0x0b48 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:42:47.0613 0x0b48 MRxDAV - ok 14:42:47.0660 0x0b48 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 14:42:47.0676 0x0b48 mrxsmb - ok 14:42:47.0738 0x0b48 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:42:47.0769 0x0b48 mrxsmb10 - ok 14:42:47.0816 0x0b48 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:42:47.0832 0x0b48 mrxsmb20 - ok 14:42:47.0879 0x0b48 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 14:42:47.0910 0x0b48 msahci - ok 14:42:47.0972 0x0b48 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 14:42:47.0988 0x0b48 msdsm - ok 14:42:48.0019 0x0b48 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 14:42:48.0035 0x0b48 MSDTC - ok 14:42:48.0097 0x0b48 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:42:48.0144 0x0b48 Msfs - ok 14:42:48.0159 0x0b48 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 14:42:48.0206 0x0b48 mshidkmdf - ok 
14:42:48.0253 0x0b48 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 14:42:48.0284 0x0b48 msisadrv - ok 14:42:48.0347 0x0b48 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:42:48.0393 0x0b48 MSiSCSI - ok 14:42:48.0409 0x0b48 msiserver - ok 14:42:48.0456 0x0b48 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:42:48.0503 0x0b48 MSKSSRV - ok 14:42:48.0643 0x0b48 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 14:42:48.0690 0x0b48 MsMpSvc - ok 14:42:48.0705 0x0b48 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:42:48.0752 0x0b48 MSPCLOCK - ok 14:42:48.0752 0x0b48 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:42:48.0799 0x0b48 MSPQM - ok 14:42:48.0877 0x0b48 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 14:42:48.0908 0x0b48 MsRPC - ok 14:42:48.0908 0x0b48 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 14:42:48.0924 0x0b48 mssmbios - ok 14:42:48.0986 0x0b48 [ 966EC55988D580B9823C453781309450, 52942A68A3DE6C6A9730D27667A0AAA35B65889C37B243B83CC9B54DFAFE4A2D ] MSTAPE C:\Windows\system32\DRIVERS\mstape.sys 14:42:49.0017 0x0b48 MSTAPE - ok 14:42:49.0033 0x0b48 [ 2E66F9ECB30B4221A318C92AC2250779, 
DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:42:49.0080 0x0b48 MSTEE - ok 14:42:49.0095 0x0b48 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 14:42:49.0111 0x0b48 MTConfig - ok 14:42:49.0127 0x0b48 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 14:42:49.0142 0x0b48 Mup - ok 14:42:49.0205 0x0b48 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 14:42:49.0251 0x0b48 napagent - ok 14:42:49.0314 0x0b48 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 14:42:49.0345 0x0b48 NativeWifiP - ok 14:42:49.0439 0x0b48 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 14:42:49.0485 0x0b48 NDIS - ok 14:42:49.0501 0x0b48 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 14:42:49.0548 0x0b48 NdisCap - ok 14:42:49.0595 0x0b48 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:42:49.0626 0x0b48 NdisTapi - ok 14:42:49.0673 0x0b48 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:42:49.0704 0x0b48 Ndisuio - ok 14:42:49.0766 0x0b48 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:42:49.0813 0x0b48 NdisWan - ok 14:42:49.0860 
0x0b48 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 14:42:49.0891 0x0b48 NDProxy - ok 14:42:49.0938 0x0b48 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:42:49.0985 0x0b48 NetBIOS - ok 14:42:50.0047 0x0b48 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:42:50.0094 0x0b48 NetBT - ok 14:42:50.0109 0x0b48 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 14:42:50.0125 0x0b48 Netlogon - ok 14:42:50.0156 0x0b48 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 14:42:50.0203 0x0b48 Netman - ok 14:42:50.0265 0x0b48 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:42:50.0281 0x0b48 NetMsmqActivator - ok 14:42:50.0328 0x0b48 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:42:50.0343 0x0b48 NetPipeActivator - ok 14:42:50.0390 0x0b48 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 14:42:50.0437 0x0b48 netprofm - ok 14:42:50.0484 0x0b48 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:42:50.0499 0x0b48 NetTcpActivator - ok 14:42:50.0515 0x0b48 [ 21318671BCAD3ACF16638F98D4D00973, 
CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:42:50.0531 0x0b48 NetTcpPortSharing - ok 14:42:50.0749 0x0b48 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys 14:42:50.0952 0x0b48 netw5v64 - ok 14:42:50.0999 0x0b48 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 14:42:51.0014 0x0b48 nfrd960 - ok 14:42:51.0077 0x0b48 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 14:42:51.0092 0x0b48 NisDrv - ok 14:42:51.0139 0x0b48 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 14:42:51.0170 0x0b48 NisSrv - ok 14:42:51.0217 0x0b48 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 14:42:51.0233 0x0b48 NlaSvc - ok 14:42:51.0264 0x0b48 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:42:51.0311 0x0b48 Npfs - ok 14:42:51.0326 0x0b48 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 14:42:51.0373 0x0b48 nsi - ok 14:42:51.0389 0x0b48 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:42:51.0420 0x0b48 nsiproxy - ok 14:42:51.0529 0x0b48 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:42:51.0591 
0x0b48 Ntfs - ok 14:42:51.0607 0x0b48 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 14:42:51.0638 0x0b48 Null - ok 14:42:51.0701 0x0b48 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 14:42:51.0716 0x0b48 nvraid - ok 14:42:51.0747 0x0b48 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 14:42:51.0763 0x0b48 nvstor - ok 14:42:51.0794 0x0b48 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 14:42:51.0810 0x0b48 nv_agp - ok 14:42:51.0981 0x0b48 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:42:51.0997 0x0b48 odserv - ok 14:42:52.0075 0x0b48 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 14:42:52.0106 0x0b48 ohci1394 - ok 14:42:52.0215 0x0b48 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:42:52.0262 0x0b48 ose - ok 14:42:52.0293 0x0b48 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:42:52.0325 0x0b48 p2pimsvc - ok 14:42:52.0356 0x0b48 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 14:42:52.0387 0x0b48 p2psvc - ok 14:42:52.0403 0x0b48 [ 0086431C29C35BE1DBC43F52CC273887, 
0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 14:42:52.0418 0x0b48 Parport - ok 14:42:52.0465 0x0b48 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:42:52.0512 0x0b48 partmgr - ok 14:42:52.0543 0x0b48 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 14:42:52.0559 0x0b48 PcaSvc - ok 14:42:52.0621 0x0b48 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 14:42:52.0652 0x0b48 pci - ok 14:42:52.0699 0x0b48 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 14:42:52.0715 0x0b48 pciide - ok 14:42:52.0746 0x0b48 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 14:42:52.0761 0x0b48 pcmcia - ok 14:42:52.0777 0x0b48 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 14:42:52.0793 0x0b48 pcw - ok 14:42:52.0964 0x0b48 [ A1688A4FB2EC49D040C027EF6DC7A87B, E5F5768D189B590F4D8D20C13FC0F7FF5AC7C4729848F38A93D653AB0B740696 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe 14:42:53.0011 0x0b48 PDF Architect Helper Service - ok 14:42:53.0042 0x0b48 [ E23FF9B2F8EEAB2BDDA681C21C48E843, 2D0072C2EFFD5278D0211438FA9A29CF394F01857273A53B09A629977C024B30 ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe 14:42:53.0073 0x0b48 PDF Architect Service - ok 14:42:53.0120 0x0b48 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH 
C:\Windows\system32\drivers\peauth.sys 14:42:53.0167 0x0b48 PEAUTH - ok 14:42:53.0245 0x0b48 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 14:42:53.0261 0x0b48 PerfHost - ok 14:42:53.0385 0x0b48 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 14:42:53.0463 0x0b48 pla - ok 14:42:53.0526 0x0b48 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:42:53.0541 0x0b48 PlugPlay - ok 14:42:53.0573 0x0b48 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 14:42:53.0588 0x0b48 PNRPAutoReg - ok 14:42:53.0604 0x0b48 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 14:42:53.0635 0x0b48 PNRPsvc - ok 14:42:53.0713 0x0b48 [ 33328FA8A580885AB0065BE6DB266E9F, 645A1B1702ADB0D3F784B998CDF17524CC6C4891594AA075D538A0656BAE69B8 ] Point64 C:\Windows\system32\DRIVERS\point64.sys 14:42:53.0729 0x0b48 Point64 - ok 14:42:53.0791 0x0b48 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 14:42:53.0838 0x0b48 PolicyAgent - ok 14:42:53.0869 0x0b48 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 14:42:53.0916 0x0b48 Power - ok 14:42:53.0978 0x0b48 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 14:42:54.0041 0x0b48 PptpMiniport - ok 14:42:54.0056 0x0b48 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 
855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 14:42:54.0072 0x0b48 Processor - ok 14:42:54.0134 0x0b48 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 14:42:54.0165 0x0b48 ProfSvc - ok 14:42:54.0165 0x0b48 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 14:42:54.0181 0x0b48 ProtectedStorage - ok 14:42:54.0243 0x0b48 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 14:42:54.0275 0x0b48 Psched - ok 14:42:54.0353 0x0b48 [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 14:42:54.0368 0x0b48 PxHlpa64 - ok 14:42:54.0446 0x0b48 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 14:42:54.0493 0x0b48 ql2300 - ok 14:42:54.0524 0x0b48 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 14:42:54.0540 0x0b48 ql40xx - ok 14:42:54.0571 0x0b48 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 14:42:54.0587 0x0b48 QWAVE - ok 14:42:54.0618 0x0b48 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 14:42:54.0633 0x0b48 QWAVEdrv - ok 14:42:54.0649 0x0b48 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:42:54.0680 0x0b48 RasAcd - ok 
14:42:54.0743 0x0b48 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 14:42:54.0789 0x0b48 RasAgileVpn - ok 14:42:54.0805 0x0b48 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 14:42:54.0852 0x0b48 RasAuto - ok 14:42:54.0899 0x0b48 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 14:42:54.0930 0x0b48 Rasl2tp - ok 14:42:55.0008 0x0b48 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 14:42:55.0055 0x0b48 RasMan - ok 14:42:55.0070 0x0b48 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:42:55.0117 0x0b48 RasPppoe - ok 14:42:55.0133 0x0b48 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 14:42:55.0164 0x0b48 RasSstp - ok 14:42:55.0242 0x0b48 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:42:55.0289 0x0b48 rdbss - ok 14:42:55.0320 0x0b48 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 14:42:55.0335 0x0b48 rdpbus - ok 14:42:55.0351 0x0b48 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 14:42:55.0398 0x0b48 RDPCDD - ok 14:42:55.0445 0x0b48 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD 
14:43:00.0936 0x0b48 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
14:43:00.0936 0x0b48 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
14:43:06.0209 0x0b48 VMAuthdService - detected UnsignedFile.Multi.Generic ( 1 )
14:43:06.0209 0x0b48 VMAuthdService ( UnsignedFile.Multi.Generic ) - warning
14:43:06.0209 0x0b48 Force sending object to P2P due to detect: VMAuthdService
14:43:06.0209 0x0b48 Object send P2P result: false
14:43:07.0675 0x0b48 VMwareHostd - detected UnsignedFile.Multi.Generic ( 1 )
14:43:07.0675 0x0b48 VMwareHostd ( UnsignedFile.Multi.Generic ) - warning
14:43:12.0293 0x0b48 ================ Scan global ===============================
14:43:12.0495 0x0b48 [ Global ] - ok
14:43:12.0495 0x0b48 ================ Scan MBR ==================================
14:43:12.0839 0x0b48 \Device\Harddisk0\DR0 - ok
14:43:12.0995 0x0b48 \Device\Harddisk1\DR2 - ok
14:43:12.0995 0x0b48 ================ Scan VBR ==================================
14:43:12.0995 0x0b48 \Device\Harddisk0\DR0\Partition1 - ok
14:43:13.0010 0x0b48 \Device\Harddisk0\DR0\Partition2 - ok
14:43:13.0010 0x0b48 \Device\Harddisk0\DR0\Partition3 - ok
14:43:13.0010 0x0b48 \Device\Harddisk0\DR0\Partition4 - ok
14:43:13.0026 0x0b48 \Device\Harddisk1\DR2\Partition1 - ok
14:43:13.0026 0x0b48 ================ Scan generic autorun ======================
14:43:13.0931 0x0b48 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
14:43:13.0931 0x0b48 StartCCC ( UnsignedFile.Multi.Generic ) - warning
14:43:13.0931 0x0b48 Force sending object to P2P due to detect: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
14:43:13.0931 0x0b48 Object send P2P result: false
14:43:14.0055 0x0b48 Easybits Recovery - detected UnsignedFile.Multi.Generic ( 1 )
14:43:14.0055 0x0b48 Easybits Recovery ( UnsignedFile.Multi.Generic ) - warning
Sidebar - ok 14:43:14.0321 0x0b48 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 14:43:14.0336 0x0b48 mctadmin - ok 14:43:14.0383 0x0b48 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 14:43:14.0430 0x0b48 Sidebar - ok 14:43:14.0430 0x0b48 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 14:43:14.0461 0x0b48 mctadmin - ok 14:43:14.0539 0x0b48 [ A5F78606A9BA8F0C4C8FF9DED6ED5107, 57583EFF4FBC0B31A47ED6C7BC58E575470F9BF4F12D8E05648507ACA6741965 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe 14:43:14.0601 0x0b48 HPADVISOR - ok 14:43:14.0648 0x0b48 Mobile Partner - ok 14:43:14.0773 0x0b48 [ E02E715FA2BC8D88FF9362374E309D76, A10E4D4B02F147A38364A2DEBF9691771BD381B8FC1E672EF96C0509DD919EDE ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 14:43:14.0851 0x0b48 LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 ) 14:43:14.0851 0x0b48 LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - warning 14:43:14.0867 0x0b48 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated ) 14:43:14.0882 0x0b48 Win FW state via NFP2: enabled 14:43:14.0882 0x0b48 ============================================================ 14:43:14.0882 0x0b48 Scan finished 14:43:14.0882 0x0b48 ============================================================ 14:43:14.0898 0x1680 Detected object count: 7 14:43:14.0898 0x1680 Actual detected object count: 7 14:50:07.0529 0x1680 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 14:50:07.0529 0x1680 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:50:07.0529 0x1680 SwitchBoard ( 
UnsignedFile.Multi.Generic ) - skipped by user 14:50:07.0529 0x1680 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:50:07.0529 0x1680 VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user 14:50:07.0529 0x1680 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:50:07.0529 0x1680 VMwareHostd ( UnsignedFile.Multi.Generic ) - skipped by user 14:50:07.0529 0x1680 VMwareHostd ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:50:07.0544 0x1680 StartCCC ( UnsignedFile.Multi.Generic ) - skipped by user 14:50:07.0544 0x1680 StartCCC ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:50:07.0544 0x1680 Easybits Recovery ( UnsignedFile.Multi.Generic ) - skipped by user 14:50:07.0544 0x1680 Easybits Recovery ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:50:07.0544 0x1680 LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - skipped by user 14:50:07.0544 0x1680 LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - User select action: Skip Die mir angezeigten Funde (die ja auch am Ende vom Log aufgezählt werden) hab ich mir alle angesehen. Weiss nat. nicht ob die malware sind oder nicht - die waren alle als "unsigned file" gekennzeichnet - und als "medium risk" angegeben. Dass manche Softwareherstelle manchmal schlampen bei den "Signatures" kommt vor oder? Jedenfalls sind die alle auf dem System plausibel weil die dazugehörige Software tatsächlich installiert wurde. Aber ob die manipuliert sind - weiss ich nat. nicht. Zu meinen Symptomen: Wie gesagt waren es ja die 3 emails die in 3 Konten bei unterschiedlichen Provider eingegangen sind. Hab ich mir nohcmal angeschaut: Sind alle 3 innerhalb von 15 Minuten verschickt worden. Es ist nat. nicht ganz auszuschliessen das irgendein emai-harvest-bot (oder wie nennt man sowas) emailverkehr von mir irgendwann abgefangen hat und damit an diese emailadressen gekommen ist. Ich mache im Jahr ca. 
4 Aussendungen an alle - vor Jahren is ein mal passiert, dass ich die Empfänger irrtümlich nicht im BCC hatte sondern im CC - das könnte damals nat. irgendwo gelandet sein. Ev. waren da alle 5 Adressen dabei (meine 3 email Konten, die gefälschte Absenderin - eine Freundin von mir, die email-liste zu der ich gehöre die aber sonst serh unbekannt ist und nur einem kleinen Kreis gehört). Oder falls irgendwer/etwas bei meinen letzten Aussendungen schon am Weg zu meinem SMTP-Server die Adressen abgegriffen hat. DANN WÄRS EV MÖGLICH DASS DIESE EMAIL AUCH OHNE MALWARE DIE AUF MEINEM LAPTOP LÄUFT ERKLÄRBAR WÄRE. Servus aus Wien und DANKE !!!! |
10.11.2014, 10:22 | #6 |
/// the machine /// TB trainer | Win7 - Spam mails from and to addresses that come together ONLY in my address books The machine is clean. My guess is spoofing or simply a hacked account. |
11.11.2014, 13:12 | #7 |
| Many THANKS!! Thank you for your help. If I have further questions about this problem - that is, where it makes no sense to start a new thread - may I turn to you then? And if that is OK - what is the best way - again here as a reply? PMs are, I believe, not wanted. I am now going through the emails and addresses involved once more in detail. Everything came after June 2014. Servus from Vienna. |
12.11.2014, 10:21 | #8 |
/// the machine /// TB trainer | Win7 - Spam mails from and to addresses that come together ONLY in my address books Just write it in here, I will see it then
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |