Log analysis and evaluation: Bluescreen and slow PC after clicking on a 1&1 phishing mail (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
12.12.2014, 22:20 | #1 |
| Bluescreen and slow PC after clicking on a 1&1 phishing mail
Hello, a few days ago I received a 1&1 email that turned out to be a phishing mail. Stupidly, I clicked the link in the mail. Then something just flashed, but nothing visibly happened. However, I noticed that the computer became slower over the following days and sometimes froze, and when I then also got a bluescreen I pulled the power plug. Following your instructions here, I created the log files (defogger, frst, gmer), which I post below. I am not sure what I have caught here, so I am hoping for your help. I have not gone online with my laptop since then, because I want to fix the damage first. I hope you can help me. Apart from the log files I have not done anything yet.
Defogger: Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:30 on 28/11/2014 (Admin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-11-2014 01 Ran by **** at 2014-11-29 20:15:12 Running from C:\Users\****\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 10 ActiveX (HKLM\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) AIO_CDB_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_Scan (Version: 130.0.421.000 - Hewlett-Packard) Hidden Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ) Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avira (HKLM\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. 
KG) Avira (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira) Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.37268 - Ask.com) <==== ATTENTION Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden Canon RAW Codec (HKLM\...\Canon RAW Codec) (Version: 1.11.0.75 - Canon Inc.) Canon Utilities Digital Photo Professional (HKLM\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.) Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.) Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden Dropbox (HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.) EOS USB WIA Driver (HKLM\...\EOS USB WIA Driver) (Version: 6.0.0.4 - ) Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden ffdshow v1.3.4530 [2014-02-09] (HKLM\...\ffdshow_is1) (Version: 1.3.4530.0 - ) Fotosizer 2.08 (HKLM\...\Fotosizer) (Version: 2.08.0.545 - Fotosizer.com) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.25.11 - Google Inc.) 
Hidden GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden Home Media Center (HKLM\...\{9E3F5348-136A-4FBC-A8D4-D0B6DB871AD4}) (Version: 2.7.0 - Tomáš Pšenák) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.) 
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2000 Premium (HKLM\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation) Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 33.1.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server) QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - ) Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skype™ 6.6 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.6.106 - Skype Technologies S.A.) 
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden SopCast 3.8.2 (HKLM\...\SopCast) (Version: 3.8.2 - www.sopcast.com) Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden VAIO Update (HKLM\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.1.1.10250 - Sony Corporation) VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) VU5x86 (Version: 1.1.0 - Sony Corporation ) Hidden WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= Could not list Restore Points. Check "winmgmt" service or repair WMI. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ? 
==================== Loaded Modules (whitelisted) ============= 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-11-26 14:53 - 2014-11-26 14:53 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Admin (S-1-5-21-1638528110-3385496625-2341026817-1003 - Administrator - Enabled) => C:\Users\Admin Administrator (S-1-5-21-1638528110-3385496625-2341026817-500 - Administrator - Disabled) Gast (S-1-5-21-1638528110-3385496625-2341026817-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1638528110-3385496625-2341026817-1002 - Limited - Enabled) **** (S-1-5-21-1638528110-3385496625-2341026817-1000 - Limited - Enabled) => C:\Users\**** ==================== Faulty Device Manager Devices ============= Name: Officejet 6300 series Description: Officejet 6300 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. 
Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (11/29/2014 07:50:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/28/2014 09:13:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/28/2014 11:39:54 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2231 Error: (11/28/2014 11:39:54 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2231 Error: (11/28/2014 11:39:54 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/28/2014 11:39:53 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1186 Error: (11/28/2014 11:39:53 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1186 Error: (11/28/2014 11:39:53 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/27/2014 07:50:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/27/2014 07:13:43 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5382 System errors: ============= Error: (11/28/2014 09:12:30 PM) (Source: BugCheck) (EventID: 
1001) (User: ) Description: 0x0000001a (0x00041287, 0x00000024, 0x00000000, 0x00000000)C:\Windows\MEMORY.DMP112814-24117-01 Error: (11/28/2014 09:12:22 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 28.11.2014 um 21:10:44 unerwartet heruntergefahren. Error: (11/28/2014 03:15:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (11/28/2014 03:15:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (11/28/2014 03:15:58 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (11/28/2014 03:15:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (11/28/2014 03:15:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (11/28/2014 03:15:57 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (11/28/2014 03:15:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht. 
Error: (11/28/2014 02:48:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM) Duo CPU T2250 @ 1.73GHz Percentage of memory in use: 41% Total physical RAM: 2038.18 MB Available physical RAM: 1186.52 MB Total Pagefile: 4076.36 MB Available Pagefile: 2896.94 MB Total Virtual: 2047.88 MB Available Virtual: 1898.43 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:326.21 GB) NTFS ==================== MBR & Partition Table ================== ==================== End Of Log ============================ Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01 Ran by **** (ATTENTION: The logged in user is not administrator) on ****-PC on 29-11-2014 20:14:17 Running from C:\Users\****\Desktop Loaded Profile: **** (Available profiles: **** & Admin) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) 
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-13] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2013-03-06] (Alps Electric Co., Ltd.) HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [3784704 2013-03-06] (Realtek Semiconductor) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard) HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA2B9320C9819CE01 HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE URLSearchHook: HKU\S-1-5-21-1638528110-3385496625-2341026817-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File SearchScopes: HKU\S-1-5-21-1638528110-3385496625-2341026817-1000 -> {0D5D3AA0-47A0-4354-A6A3-3837F344D6FB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=6173485f-7a53-48e0-a13e-41ffa4f7d4e2&apn_sauid=B089D1FC-6801-4992-A972-C62442CB47E6 BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) 
FireFox: ======== FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\25ccy1o0.default FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Google FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\25ccy1o0.default\Extensions\abs@avira.com [2014-11-21] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-10-04] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. 
KG) R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [957056 2012-10-26] (Sony Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-02] (Avira Operations GmbH & Co. KG) S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-17] (Avira GmbH) R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [227328 2013-03-06] (Texas Instruments) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-29 20:14 - 2014-11-29 20:14 - 00009545 _____ () C:\Users\****\Desktop\FRST.txt 2014-11-29 20:13 - 2014-11-29 20:14 - 00000000 ____D () C:\FRST 2014-11-29 20:13 - 2014-11-29 20:12 - 01109504 _____ (Farbar) C:\Users\****\Desktop\FRST.exe 2014-11-29 20:11 - 2014-11-29 20:09 - 02117632 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe 2014-11-28 22:30 - 2014-11-28 22:31 - 00000472 _____ () C:\Users\****\Desktop\defogger_disable.log 2014-11-28 22:30 - 2014-11-28 22:30 - 00000000 _____ () C:\Users\Admin\defogger_reenable 2014-11-28 22:29 - 2014-11-28 22:23 - 00380416 _____ () C:\Users\****\Desktop\Gmer-19357.exe 2014-11-28 22:29 - 2014-11-28 22:21 - 00050477 _____ () C:\Users\****\Desktop\Defogger.exe 2014-11-28 21:12 - 2014-11-28 21:12 - 186265379 _____ () C:\Windows\MEMORY.DMP 2014-11-28 21:12 - 2014-11-28 21:12 - 00000000 ____D () C:\Windows\Minidump 2014-11-26 14:53 - 2014-11-26 14:53 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-11-22 19:52 - 2014-11-22 19:52 - 00000000 ____D () C:\Users\****\.dvdcss 2014-11-21 22:35 - 2014-11-22 21:37 - 00000000 ____D () C:\ProgramData\PMS 2014-11-21 22:35 - 2014-11-21 22:35 - 00000964 _____ () C:\Users\Public\Desktop\PS3 Media Server.lnk 2014-11-21 22:35 - 2014-11-21 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server 2014-11-21 22:35 - 2014-11-21 22:35 - 00000000 ____D () C:\Program Files\PS3 Media Server 2014-11-21 22:33 - 2014-11-21 22:34 - 00000000 ____D () C:\Users\Admin\Downloads\pms-1.90.1-setup-full 2014-11-21 22:31 - 2014-11-21 22:33 - 107506905 _____ () C:\Users\Admin\Downloads\pms-1.90.1-setup-full.zip 2014-11-21 22:29 - 2014-11-21 22:29 - 01125200 _____ () C:\Users\****\Downloads\PS3 Media Server - CHIP-Installer.exe 2014-11-21 21:53 - 2014-11-21 21:58 - 00000000 ____D () C:\Users\****\AppData\Roaming\Home Media Center 
2014-11-21 21:53 - 2014-11-21 21:53 - 00003041 _____ () C:\Users\****\Desktop\Home Media Center.lnk 2014-11-21 21:53 - 2014-11-21 21:53 - 00003001 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Media Center.lnk 2014-11-21 21:53 - 2014-11-21 21:53 - 00000100 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2014-11-21 21:53 - 2014-11-21 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow 2014-11-21 21:53 - 2014-11-21 21:53 - 00000000 ____D () C:\Program Files\Home Media Center 2014-11-21 21:53 - 2014-11-21 21:53 - 00000000 ____D () C:\Program Files\ffdshow 2014-11-21 21:53 - 2014-02-09 20:36 - 00112640 _____ () C:\Windows\system32\ff_vfw.dll 2014-11-21 21:51 - 2014-11-21 21:52 - 27667063 _____ () C:\Users\****\Downloads\HomeMediaCenterSetupX86.exe 2014-11-21 21:44 - 2014-11-21 21:45 - 19282712 _____ (PacketVideo) C:\Users\****\Downloads\42pfl6007k_12_wtm_.exe 2014-11-21 21:24 - 2014-11-21 21:24 - 00000000 ____D () C:\Users\****\AppData\Roaming\TwonkyMedia 2014-11-21 21:05 - 2014-11-21 21:37 - 00000000 ____D () C:\ProgramData\twonkyclient 2014-11-21 21:03 - 2014-11-21 21:03 - 00000011 _____ () C:\ProgramData\.tv7 2014-11-21 21:01 - 2014-11-21 21:01 - 19282712 _____ (PacketVideo) C:\Users\****\Downloads\32pfl5507k_12_wtm_.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-11-29 20:14 - 2010-11-20 22:01 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-29 20:03 - 2013-02-18 21:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-29 19:57 - 2009-07-14 05:34 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-29 19:57 - 2009-07-14 05:34 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-29 19:53 - 2013-02-16 18:12 - 01729614 _____ () C:\Windows\WindowsUpdate.log 2014-11-29 19:49 - 2013-06-29 11:27 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-29 19:49 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-29 19:49 - 2009-07-14 05:39 - 00051594 _____ () C:\Windows\setupact.log 2014-11-28 22:30 - 2013-02-17 13:02 - 00000000 ____D () C:\Users\Admin 2014-11-28 22:17 - 2013-06-29 11:27 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-28 21:12 - 2013-02-16 21:18 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-11-27 19:48 - 2010-11-20 22:48 - 00074072 _____ () C:\Windows\PFRO.log 2014-11-26 19:56 - 2013-02-18 21:43 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-11-26 19:56 - 2013-02-18 21:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-11-22 19:52 - 2013-02-16 18:46 - 00000000 ____D () C:\Users\**** 2014-11-21 22:23 - 2013-03-12 23:23 - 00000000 ____D () C:\Users\****\AppData\Roaming\vlc 2014-11-21 22:10 - 2010-11-21 01:46 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-11-18 21:03 - 2013-02-18 18:08 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-11-16 10:43 - 2014-09-26 20:40 - 00241120 _____ () C:\Users\****\Documents\offcejet 2014-11-07 11:01 - 2014-08-18 08:05 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-07 11:00 - 2014-09-12 20:07 - 
00001095 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-11-07 11:00 - 2013-02-17 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-11-07 11:00 - 2013-02-17 16:48 - 00000000 ____D () C:\Program Files\Avira 2014-11-03 15:34 - 2009-07-14 05:53 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-10-30 10:16 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF Some content of TEMP: ==================== C:\Users\****\AppData\Local\Temp\avgnt.exe C:\Users\****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpygjeer.dll C:\Users\****\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\****\AppData\Local\Temp\jna2742885216751578482.dll C:\Users\****\AppData\Local\Temp\jna7240504456644862758.dll C:\Users\****\AppData\Local\Temp\jna7372095625293796002.dll C:\Users\****\AppData\Local\Temp\mpegc.dll C:\Users\****\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================ Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-12-12 21:28:08
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 WDC_WD5000LPVT-22G33T0 rev.01.01A01 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Admin\AppData\Local\Temp\axdiifow.sys
---- System - GMER 2.1 ----
SSDT 8DDAA94E ZwCreateSection
SSDT 8DDAA958 ZwRequestWaitReplyPort
SSDT 8DDAA953 ZwSetContextThread
SSDT 8DDAA95D ZwSetSecurityObject
SSDT 8DDAA962 ZwSystemDebugControl
SSDT 8DDAA8EF ZwTerminateProcess
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 82C4CA15 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C86212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 82C8D58C 4 Bytes [4E, A9, DA, 8D]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1553 82C8D8E8 4 Bytes [58, A9, DA, 8D]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 82C8D92C 4 Bytes [53, A9, DA, 8D]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1613 82C8D9A8 4 Bytes [5D, A9, DA, 8D]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1667 82C8D9FC 4 Bytes JMP DAA96282
.text ...
---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
---- EOF - GMER 2.1 ----
I thank you in advance for your help and am waiting for a reply so that I know how I should proceed.
Many thanks
Best regards
Frank |
12.12.2014, 22:43 | #2 |
/// the machine /// TB trainer | Bluescreen and slow PC after clicking on 1&1 phishing mail
hi,
our tools always need admin rights!! Please download Revo Uninstaller from here (alternatively the portable Revo Uninstaller).
Please download TDSSKiller.exe and save this file to the desktop.
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ |
14.12.2014, 00:04 | #3 |
| Bluescreen and slow PC after clicking on 1&1 phishing mail
Hello,
thank you very much for the quick reply. I started the computer as Admin and carried out the points below. Revo Uninstaller did not show any Avira SearchFree Toolbar?!? I then moved on to TDSS. The log file is the following: Code:
ATTFilter
23:18:05.0373 0x165c TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
23:18:44.0186 0x165c ============================================================
23:18:44.0186 0x165c Current date / time: 2014/12/13 23:18:44.0186
23:18:44.0186 0x165c SystemInfo:
23:18:44.0186 0x165c
23:18:44.0186 0x165c OS Version: 6.1.7601 ServicePack: 1.0
23:18:44.0186 0x165c Product type: Workstation
23:18:44.0186 0x165c ComputerName: ****-PC
23:18:44.0202 0x165c UserName: Admin
23:18:44.0202 0x165c Windows directory: C:\Windows
23:18:44.0202 0x165c System windows directory: C:\Windows
23:18:44.0202 0x165c Processor architecture: Intel x86
23:18:44.0202 0x165c Number of processors: 2
23:18:44.0202 0x165c Page size: 0x1000
23:18:44.0202 0x165c Boot type: Normal boot
23:18:44.0202 0x165c ============================================================
23:18:45.0746 0x165c KLMD registered as C:\Windows\system32\drivers\81636463.sys
23:18:46.0011 0x165c System UUID: {4C1BB72A-8816-BBC1-CC71-63C5861EFA37}
23:18:46.0542 0x165c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:18:46.0542 0x165c Drive \Device\Harddisk3\DR6 - Size: 0x1DEC00000 ( 7.48 Gb ), SectorSize: 0x200, Cylinders: 0x3D0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:18:46.0542 0x165c ============================================================
23:18:46.0542 0x165c \Device\Harddisk0\DR0:
23:18:46.0542 0x165c MBR partitions:
23:18:46.0542 0x165c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:18:46.0542 0x165c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
23:18:46.0542 0x165c \Device\Harddisk3\DR6:
23:18:46.0542 0x165c MBR partitions:
23:18:46.0542 0x165c \Device\Harddisk3\DR6\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xEF4000
23:18:46.0542 0x165c
C:\Windows\system32\drivers\msiscsi.sys 23:19:54.0043 0x054c iScsiPrt - ok 23:19:54.0059 0x054c [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 23:19:54.0090 0x054c kbdclass - ok 23:19:54.0090 0x054c [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 23:19:54.0121 0x054c kbdhid - ok 23:19:54.0137 0x054c [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso C:\Windows\system32\lsass.exe 23:19:54.0152 0x054c KeyIso - ok 23:19:54.0183 0x054c [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 23:19:54.0199 0x054c KSecDD - ok 23:19:54.0230 0x054c [ D3964885F0A11ACF51DA3AAA776973B2, 417ED5A3201FC50FBC0D646F8F2114A1E8A91E7919A62508DCBC156C0BFB2FBA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 23:19:54.0246 0x054c KSecPkg - ok 23:19:54.0293 0x054c [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll 23:19:54.0371 0x054c KtmRm - ok 23:19:54.0417 0x054c [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll 23:19:54.0464 0x054c LanmanServer - ok 23:19:54.0495 0x054c [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 23:19:54.0542 0x054c LanmanWorkstation - ok 23:19:54.0589 0x054c [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 23:19:54.0620 0x054c lltdio - ok 23:19:54.0651 0x054c [ 5700673E13A2117FA3B9020C852C01E2, 
6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll 23:19:54.0714 0x054c lltdsvc - ok 23:19:54.0729 0x054c [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll 23:19:54.0776 0x054c lmhosts - ok 23:19:54.0807 0x054c [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 23:19:54.0823 0x054c LSI_FC - ok 23:19:54.0839 0x054c [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 23:19:54.0870 0x054c LSI_SAS - ok 23:19:54.0870 0x054c [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 23:19:54.0885 0x054c LSI_SAS2 - ok 23:19:54.0901 0x054c [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 23:19:54.0932 0x054c LSI_SCSI - ok 23:19:54.0963 0x054c [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys 23:19:55.0010 0x054c luafv - ok 23:19:55.0026 0x054c [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 23:19:55.0057 0x054c Mcx2Svc - ok 23:19:55.0073 0x054c [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\drivers\megasas.sys 23:19:55.0088 0x054c megasas - ok 23:19:55.0104 0x054c [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 23:19:55.0135 0x054c MegaSR - ok 23:19:55.0166 0x054c [ 
146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 23:19:55.0213 0x054c MMCSS - ok 23:19:55.0229 0x054c [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 23:19:55.0275 0x054c Modem - ok 23:19:55.0291 0x054c [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 23:19:55.0307 0x054c monitor - ok 23:19:55.0322 0x054c [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 23:19:55.0353 0x054c mouclass - ok 23:19:55.0369 0x054c [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 23:19:55.0385 0x054c mouhid - ok 23:19:55.0416 0x054c [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 23:19:55.0431 0x054c mountmgr - ok 23:19:55.0494 0x054c [ DFCD29AB147716CA72416FA7D2196D46, ED60BF354347697F69A78C9FBE1ADCBE0C3EB4C2CC8DB97A7FA03A68BD796066 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 23:19:55.0509 0x054c MozillaMaintenance - ok 23:19:55.0525 0x054c [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys 23:19:55.0556 0x054c mpio - ok 23:19:55.0572 0x054c [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:19:55.0619 0x054c mpsdrv - ok 23:19:55.0650 0x054c [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc 
C:\Windows\system32\mpssvc.dll 23:19:55.0743 0x054c MpsSvc - ok 23:19:55.0790 0x054c [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 23:19:55.0853 0x054c MRxDAV - ok 23:19:55.0884 0x054c [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:19:55.0931 0x054c mrxsmb - ok 23:19:55.0962 0x054c [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:19:55.0993 0x054c mrxsmb10 - ok 23:19:56.0040 0x054c [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:19:56.0071 0x054c mrxsmb20 - ok 23:19:56.0102 0x054c [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys 23:19:56.0118 0x054c msahci - ok 23:19:56.0149 0x054c [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys 23:19:56.0180 0x054c msdsm - ok 23:19:56.0211 0x054c [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 23:19:56.0243 0x054c MSDTC - ok 23:19:56.0274 0x054c [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:19:56.0321 0x054c Msfs - ok 23:19:56.0321 0x054c [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 23:19:56.0367 0x054c mshidkmdf - ok 23:19:56.0383 0x054c [ 0A4E5757AE09FA9622E3158CC1AEF114, 
ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 23:19:56.0399 0x054c msisadrv - ok 23:19:56.0430 0x054c [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:19:56.0477 0x054c MSiSCSI - ok 23:19:56.0492 0x054c msiserver - ok 23:19:56.0523 0x054c [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:19:56.0555 0x054c MSKSSRV - ok 23:19:56.0586 0x054c [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 23:19:56.0633 0x054c MSPCLOCK - ok 23:19:56.0648 0x054c [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 23:19:56.0695 0x054c MSPQM - ok 23:19:56.0711 0x054c [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 23:19:56.0742 0x054c MsRPC - ok 23:19:56.0757 0x054c [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 23:19:56.0789 0x054c mssmbios - ok 23:19:56.0789 0x054c [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 23:19:56.0835 0x054c MSTEE - ok 23:19:56.0851 0x054c [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 23:19:56.0882 0x054c MTConfig - ok 23:19:56.0898 0x054c [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 23:19:56.0913 
0x054c Mup - ok 23:19:56.0976 0x054c [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll 23:19:57.0038 0x054c napagent - ok 23:19:57.0101 0x054c [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 23:19:57.0132 0x054c NativeWifiP - ok 23:19:57.0194 0x054c [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys 23:19:57.0257 0x054c NDIS - ok 23:19:57.0288 0x054c [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 23:19:57.0350 0x054c NdisCap - ok 23:19:57.0366 0x054c [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 23:19:57.0397 0x054c NdisTapi - ok 23:19:57.0428 0x054c [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 23:19:57.0459 0x054c Ndisuio - ok 23:19:57.0491 0x054c [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 23:19:57.0537 0x054c NdisWan - ok 23:19:57.0553 0x054c [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 23:19:57.0584 0x054c NDProxy - ok 23:19:57.0647 0x054c [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 23:19:57.0678 0x054c Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 23:19:57.0678 0x054c Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 
23:19:57.0725 0x054c [ 9213AA35BCA94EB79D366DA254E4BDF5, 5E1C71BEB6CFFF5A6F149E9FE6E169D087A6CBE63A504FEE8D42170284952F85 ] Netaapl C:\Windows\system32\DRIVERS\netaapl.sys 23:19:57.0771 0x054c Netaapl - ok 23:19:57.0818 0x054c [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 23:19:57.0865 0x054c NetBIOS - ok 23:19:57.0881 0x054c [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 23:19:57.0927 0x054c NetBT - ok 23:19:57.0959 0x054c [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon C:\Windows\system32\lsass.exe 23:19:57.0974 0x054c Netlogon - ok 23:19:58.0005 0x054c [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 23:19:58.0068 0x054c Netman - ok 23:19:58.0115 0x054c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 23:19:58.0146 0x054c NetMsmqActivator - ok 23:19:58.0161 0x054c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 23:19:58.0177 0x054c NetPipeActivator - ok 23:19:58.0224 0x054c [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll 23:19:58.0286 0x054c netprofm - ok 23:19:58.0302 0x054c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 23:19:58.0317 0x054c NetTcpActivator - ok 23:19:58.0333 0x054c [ 21318671BCAD3ACF16638F98D4D00973, 
CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 23:19:58.0364 0x054c NetTcpPortSharing - ok 23:19:58.0411 0x054c [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 23:19:58.0427 0x054c nfrd960 - ok 23:19:58.0473 0x054c [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc C:\Windows\System32\nlasvc.dll 23:19:58.0505 0x054c NlaSvc - ok 23:19:58.0520 0x054c [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 23:19:58.0567 0x054c Npfs - ok 23:19:58.0583 0x054c [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 23:19:58.0629 0x054c nsi - ok 23:19:58.0645 0x054c [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 23:19:58.0676 0x054c nsiproxy - ok 23:19:58.0785 0x054c [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 23:19:58.0863 0x054c Ntfs - ok 23:19:58.0895 0x054c [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 23:19:58.0941 0x054c Null - ok 23:19:58.0988 0x054c [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys 23:19:59.0004 0x054c nvraid - ok 23:19:59.0035 0x054c [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 23:19:59.0066 0x054c nvstor - ok 23:19:59.0082 
0x054c [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 23:19:59.0097 0x054c nv_agp - ok 23:19:59.0191 0x054c [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 23:19:59.0238 0x054c odserv - ok 23:19:59.0253 0x054c [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 23:19:59.0300 0x054c ohci1394 - ok 23:19:59.0331 0x054c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:19:59.0347 0x054c ose - ok 23:19:59.0394 0x054c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 23:19:59.0441 0x054c p2pimsvc - ok 23:19:59.0487 0x054c [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 23:19:59.0534 0x054c p2psvc - ok 23:19:59.0597 0x054c [ DCA942C0A19A0AD2ABCD9ACF94EB4B10, AB0C6D4DC5B1F393291C8739A1DE799A288E94F01C00E4B7C70D129CADA63E3F ] PAC207 C:\Windows\system32\DRIVERS\PFC027.SYS 23:19:59.0675 0x054c PAC207 - ok 23:19:59.0721 0x054c [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\drivers\parport.sys 23:19:59.0753 0x054c Parport - ok 23:19:59.0784 0x054c [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 23:19:59.0799 0x054c partmgr - ok 23:19:59.0815 0x054c [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm 
C:\Windows\system32\drivers\parvdm.sys 23:19:59.0831 0x054c Parvdm - ok 23:19:59.0877 0x054c [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll 23:19:59.0909 0x054c PcaSvc - ok 23:19:59.0924 0x054c [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys 23:19:59.0955 0x054c pci - ok 23:19:59.0971 0x054c [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys 23:19:59.0987 0x054c pciide - ok 23:20:00.0018 0x054c [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 23:20:00.0049 0x054c pcmcia - ok 23:20:00.0065 0x054c [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 23:20:00.0096 0x054c pcw - ok 23:20:00.0143 0x054c [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 23:20:00.0252 0x054c PEAUTH - ok 23:20:00.0345 0x054c [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll 23:20:00.0486 0x054c pla - ok 23:20:00.0548 0x054c [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 23:20:00.0611 0x054c PlugPlay - ok 23:20:00.0689 0x054c [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 23:20:00.0720 0x054c Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 23:20:00.0720 0x054c Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 23:20:00.0767 
0x054c [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 23:20:00.0798 0x054c PNRPAutoReg - ok 23:20:00.0829 0x054c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 23:20:00.0860 0x054c PNRPsvc - ok 23:20:00.0923 0x054c [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 23:20:00.0985 0x054c PolicyAgent - ok 23:20:01.0016 0x054c [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll 23:20:01.0063 0x054c Power - ok 23:20:01.0094 0x054c [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 23:20:01.0141 0x054c PptpMiniport - ok 23:20:01.0157 0x054c [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\drivers\processr.sys 23:20:01.0188 0x054c Processor - ok 23:20:01.0235 0x054c [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc C:\Windows\system32\profsvc.dll 23:20:01.0266 0x054c ProfSvc - ok 23:20:01.0281 0x054c [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe 23:20:01.0313 0x054c ProtectedStorage - ok 23:20:01.0344 0x054c [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 23:20:01.0391 0x054c Psched - ok 23:20:01.0469 0x054c [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\drivers\ql2300.sys 
23:20:01.0562 0x054c ql2300 - ok 23:20:01.0593 0x054c [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 23:20:01.0625 0x054c ql40xx - ok 23:20:01.0671 0x054c [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 23:20:01.0703 0x054c QWAVE - ok 23:20:01.0718 0x054c [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 23:20:01.0749 0x054c QWAVEdrv - ok 23:20:01.0765 0x054c [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 23:20:01.0827 0x054c RasAcd - ok 23:20:01.0859 0x054c [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 23:20:01.0905 0x054c RasAgileVpn - ok 23:20:01.0937 0x054c [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll 23:20:01.0983 0x054c RasAuto - ok 23:20:01.0999 0x054c [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 23:20:02.0046 0x054c Rasl2tp - ok 23:20:02.0077 0x054c [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll 23:20:02.0139 0x054c RasMan - ok 23:20:02.0171 0x054c [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 23:20:02.0202 0x054c RasPppoe - ok 23:20:02.0233 0x054c [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp 
C:\Windows\system32\DRIVERS\rassstp.sys 23:20:02.0280 0x054c RasSstp - ok 23:20:02.0295 0x054c [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 23:20:02.0342 0x054c rdbss - ok 23:20:02.0358 0x054c [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 23:20:02.0389 0x054c rdpbus - ok 23:20:02.0405 0x054c [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 23:20:02.0451 0x054c RDPCDD - ok 23:20:02.0467 0x054c [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 23:20:02.0514 0x054c RDPENCDD - ok 23:20:02.0529 0x054c [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 23:20:02.0561 0x054c RDPREFMP - ok 23:20:02.0607 0x054c [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 23:20:02.0639 0x054c RdpVideoMiniport - ok 23:20:02.0670 0x054c [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 23:20:02.0732 0x054c RDPWD - ok 23:20:02.0779 0x054c [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 23:20:02.0810 0x054c rdyboost - ok 23:20:02.0841 0x054c [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 23:20:02.0873 0x054c RemoteAccess - ok 23:20:02.0904 0x054c [ 
23:20:17.0318 0x054c AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.310 ), 0x40010 ( disabled : outofdate )
23:20:17.0318 0x054c Win FW state via NFP2: enabled
23:20:17.0318 0x054c ============================================================
23:20:17.0318 0x054c Scan finished
23:20:17.0318 0x054c ============================================================
23:20:17.0334 0x1584 Detected object count: 7
23:20:17.0334 0x1584 Actual detected object count: 7
23:21:27.0799 0x1584 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0799 0x1584 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:21:27.0799 0x1584 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0799 0x1584 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:21:27.0799 0x1584 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0799 0x1584 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:21:27.0799 0x1584 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0799 0x1584 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:21:27.0815 0x1584 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0815 0x1584 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:21:27.0815 0x1584 QuickTime Task ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0815 0x1584 QuickTime Task ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:21:27.0815 0x1584 hpqSRMon ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0815 0x1584 hpqSRMon ( UnsignedFile.Multi.Generic ) - User select action: Skip
Code:
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org
Database version: v2014.12.13.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17280
Admin :: ****-PC [administrator]
13.12.2014 23:27:36
mbar-log-2014-12-13 (23-27-36).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 355359
Time elapsed: 24 minute(s), 32 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)

Thanks in advance. Regards, Frank |
14.12.2014, 16:38 | #4 |
/// the machine /// TB trainer | Looks good so far.
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No support via PM! |
16.12.2014, 21:13 | #5 |
| Thank you for the help. That puts my mind at ease for now. Regards, Frank |
17.12.2014, 20:04 | #6 |
/// the machine /// TB trainer | You're welcome
17.12.2014, 22:43 | #7 |
| Hello Schrauber, in the end it wouldn't leave me in peace, because my gut feeling told me that the computer is somehow not entirely clean. So I ran Malwarebytes over it and got 2 detections, which I sent to quarantine (PUP.Optional.FrostfireTB.A.). Here is the log file for it, even though the log file reports no detections?!? I restarted the computer afterwards: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 16.12.2014
Suchlauf-Zeit: 21:32:43
Logdatei: Malwarebytes log.txt
Administrator: Ja
Version: 2.00.4.1028
Malware Datenbank: v2014.12.16.05
Rootkit Datenbank: v2014.12.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Admin
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 355254
Verstrichene Zeit: 33 Min, 27 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)
Registrierungswerte: 0
(Keine schädliche Elemente erkannt)
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 0
(Keine schädliche Elemente erkannt)
Dateien: 0
(Keine schädliche Elemente erkannt)
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end)

Thanks in advance. Regards, F |
18.12.2014, 20:42 | #8 |
/// the machine /// TB trainer | No detection in the log, but something was found? Well, it doesn't matter anyway; according to your description it was only a PUP detection. Google PUP.
25.12.2014, 21:17 | #9 |
| I only now got around to looking in here again. Then everything is fine. THANKS! |
26.12.2014, 16:56 | #10 |
/// the machine /// TB trainer | You're welcome