| |
| |||||||
Log-Analyse und Auswertung: dllhost.exe poppt alle 10-20 Sekunden aufWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
26.01.2015, 11:04
| #1 |
 |  dllhost.exe poppt alle 10-20 Sekunden auf Moin, wie oben beschrieben gibt es Bootperioden in denen alle 10-20 Sekunden eine Instanz der dllhost.exe aufpoppt und sich nach 1-2 Sekunden wieder schließt. Das Problem ist meistens nach einem Neustart behoben. Parallel dazu blinkt das Ladesymbol am Mauszeiger immer auf, wenn die dllhost.exe startet. Dieses Problem tritt auch nie beim Systemstart auf, sondern erst nachdem das System einige Zeit gelaufen ist. Desweiteren hab ich das merkwürdige Problem, dass wenn ich vom PC weggehen, mein Headset weglegen, dann wiederkomme und es aufsetze. Das Geräusch kommt, als wenn ein USB-Gerät eingesteckt würde. Google konnte mir nicht weiterhelfen. Da gibt es Leute die das gleiche Problem schildern, aber ohne jegliche Lösungen, lediglich Spekulationen. Emsisoft und Malwarebytes mit Rootkiterkennung sowie TDSSKiller konnten nichts finden. Die FRST-Logs sind von gestern als das Problem mit der dllhost.exe aufgetreten ist. FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by T (administrator) on TIMPC on 25-01-2015 20:36:14
Running from C:\Users\T\Desktop
Loaded Profiles: T (Available profiles: T)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(TeamSpeak Systems GmbH) F:\Program Files(x86)\TeamSpeak 3 Client\ts3client_win64.exe
(Mozilla Corporation) F:\Program Files(x86)\Mozilla Firefox\firefox.exe
(Sysinternals - www.sysinternals.com) C:\Users\T\Desktop\TB\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\T\AppData\Local\Temp\procexp64.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4997872 2014-12-31] (Emsisoft GmbH)
HKU\S-1-5-21-3416555695-689590634-2451952551-1000\...\MountPoints2: {39072ab4-e697-11e3-aa48-806e6f6e6963} - D:\Run.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\T\AppData\Roaming\Mozilla\Firefox\Profiles\cnbaf2xm.default
FF Homepage: https://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Extension: NoScript - C:\Users\T\AppData\Roaming\Mozilla\Firefox\Profiles\cnbaf2xm.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-07-01]
FF Extension: Adblock Plus - C:\Users\T\AppData\Roaming\Mozilla\Firefox\Profiles\cnbaf2xm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-28]
StartMenuInternet: FIREFOX.EXE - F:\Program Files(x86)\Mozilla Firefox\firefox.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4920104 2014-12-31] (Emsisoft GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-25 20:36 - 2015-01-25 20:36 - 00004608 _____ () C:\Users\T\Desktop\FRST.txt
2015-01-25 20:34 - 2015-01-25 20:34 - 02129920 _____ (Farbar) C:\Users\T\Desktop\FRST64.exe
2015-01-25 19:06 - 2015-01-25 19:06 - 00000000 ____D () C:\Users\T\AppData\Roaming\Macromedia
2015-01-25 19:06 - 2015-01-25 19:06 - 00000000 ____D () C:\Users\T\AppData\Roaming\Adobe
2015-01-25 19:06 - 2015-01-25 19:06 - 00000000 ____D () C:\Users\T\AppData\Local\Macromedia
2015-01-25 19:04 - 2015-01-25 19:04 - 18126512 _____ (Adobe Systems Incorporated) C:\Users\T\Downloads\install_flash_player_16_plugin.exe
2015-01-25 19:04 - 2015-01-25 19:04 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 19:04 - 2015-01-25 19:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-23 05:20 - 2015-01-23 05:34 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-23 05:19 - 2015-01-23 05:19 - 00880784 _____ (Google Inc.) C:\Users\T\Downloads\ChromeSetup.exe
2015-01-21 07:20 - 2015-01-23 06:50 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\T\Desktop\tdsskiller.exe
2015-01-14 16:04 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 16:04 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 16:04 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 16:04 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 16:04 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 16:04 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 16:04 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 15:21 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:21 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:21 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:21 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 15:21 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 15:21 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-25 20:36 - 2014-09-10 16:08 - 00000000 ____D () C:\FRST
2015-01-25 19:52 - 2014-06-17 00:40 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2015-01-25 19:26 - 2014-05-28 19:40 - 01985517 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 17:58 - 2014-05-29 02:05 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-25 11:39 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 11:39 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 11:36 - 2011-04-12 08:43 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2015-01-25 11:36 - 2011-04-12 08:43 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2015-01-25 11:36 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-25 11:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-25 11:32 - 2009-07-14 05:51 - 00043088 _____ () C:\Windows\setupact.log
2015-01-23 13:27 - 2010-11-21 04:47 - 00007636 _____ () C:\Windows\PFRO.log
2015-01-19 23:57 - 2014-07-16 23:12 - 00000000 ____D () C:\Users\T\Documents\ManiaPlanet
2015-01-19 23:05 - 2014-05-29 00:36 - 00000000 ____D () C:\ProgramData\ManiaPlanet
2015-01-14 16:06 - 2014-05-28 20:42 - 01592032 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 16:05 - 2014-05-28 20:20 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 16:05 - 2014-05-28 20:20 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-02 16:08 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
Some content of TEMP:
====================
C:\Users\T\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\T\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\T\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\T\AppData\Local\Temp\nvStInst.exe
C:\Users\T\AppData\Local\Temp\procexp64.exe
C:\Users\T\AppData\Local\Temp\Quarantine.exe
C:\Users\T\AppData\Local\Temp\sqlite3.dll
C:\Users\T\AppData\Local\Temp\swt-win32-3349.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-24 00:29
==================== End Of Log ============================
--- --- --- --- --- --- Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by T at 2015-01-25 20:36:28
Running from C:\Users\T\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.2.4.2 (HKLM-x32\...\{6B4977CB-5B9F-4B24-8310-3BA527A8AF22}) (Version: 4.2.4.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Firefox 35.0 (x86 de) (HKU\S-1-5-21-3416555695-689590634-2451952551-1000\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.6 - En Masse Entertainment)
TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
02-01-2015 16:12:23 Windows Update
06-01-2015 20:59:54 Windows Update
13-01-2015 17:44:37 Windows Update
14-01-2015 16:04:53 Windows Update
15-01-2015 03:18:08 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
15-01-2015 03:18:20 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
20-01-2015 22:02:48 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
==================== Loaded Modules (whitelisted) =============
2014-05-28 22:52 - 2014-05-20 02:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-28 10:14 - 2014-02-28 10:14 - 00173568 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\quazip.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 01080832 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00833024 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-06-20 08:48 - 2014-08-06 10:11 - 00102344 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-06-20 08:49 - 2014-08-06 10:11 - 00108488 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00030208 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00233984 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-06-20 08:54 - 2014-08-06 10:11 - 00563656 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-06-20 08:55 - 2014-08-06 10:11 - 00579016 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00159232 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2015-01-14 03:51 - 2015-01-14 03:51 - 03925104 _____ () F:\Program Files(x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3416555695-689590634-2451952551-500 - Administrator - Disabled)
Gast (S-1-5-21-3416555695-689590634-2451952551-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3416555695-689590634-2451952551-1002 - Limited - Enabled)
T (S-1-5-21-3416555695-689590634-2451952551-1000 - Administrator - Enabled) => C:\Users\T
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/25/2015 11:34:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/24/2015 04:52:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/24/2015 04:56:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/23/2015 01:29:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/22/2015 11:52:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/22/2015 00:20:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/21/2015 09:11:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/20/2015 00:45:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2015 06:35:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/18/2015 06:28:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (01/24/2015 03:55:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/24/2015 03:55:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (01/20/2015 02:05:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/20/2015 02:05:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (11/20/2014 02:17:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/20/2014 02:17:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (11/13/2014 03:51:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/13/2014 03:51:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (11/03/2014 09:28:40 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 03.11.2014 um 09:26:03 unerwartet heruntergefahren.
Error: (10/23/2014 01:04:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (01/25/2015 11:34:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/24/2015 04:52:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/24/2015 04:56:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/23/2015 01:29:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/22/2015 11:52:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/22/2015 00:20:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/21/2015 09:11:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/20/2015 00:45:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2015 06:35:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/18/2015 06:28:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 8152.05 MB
Available physical RAM: 6125.03 MB
Total Pagefile: 16302.29 MB
Available Pagefile: 14052.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.57 GB) (Free:70.86 GB) NTFS
Drive f: (HDD) (Fixed) (Total:1863.01 GB) (Free:1732.99 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7E9DF4B4)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 7E9DF4A3)
Partition: GPT Partition Type.
==================== End Of Log ============================
Danke für die Hilfe  Edit: Screenie vom Prozess mittels Processexplorer
__________________ Beste Grüße, Kuhlambo12  Geändert von kuhlambo12 (26.01.2015 um 11:24 Uhr) |
|
26.01.2015, 11:21
| #2 |
| /// the machine /// TB-Ausbilder    | dllhost.exe poppt alle 10-20 Sekunden auf hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
26.01.2015, 11:36
| #3 |
| | dllhost.exe poppt alle 10-20 Sekunden auf Dank dir schrauber für die schnelle Antwort,
__________________TDSSKiller: Code:
ATTFilter 11:30:19.0691 0x0de0 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
11:30:19.0691 0x0de0 UEFI system
11:30:22.0443 0x0de0 ============================================================
11:30:22.0443 0x0de0 Current date / time: 2015/01/26 11:30:22.0443
11:30:22.0443 0x0de0 SystemInfo:
11:30:22.0443 0x0de0
11:30:22.0443 0x0de0 OS Version: 6.1.7601 ServicePack: 1.0
11:30:22.0443 0x0de0 Product type: Workstation
11:30:22.0443 0x0de0 ComputerName: TIMPC
11:30:22.0443 0x0de0 UserName: T
11:30:22.0443 0x0de0 Windows directory: C:\Windows
11:30:22.0443 0x0de0 System windows directory: C:\Windows
11:30:22.0443 0x0de0 Running under WOW64
11:30:22.0443 0x0de0 Processor architecture: Intel x64
11:30:22.0443 0x0de0 Number of processors: 4
11:30:22.0443 0x0de0 Page size: 0x1000
11:30:22.0443 0x0de0 Boot type: Normal boot
11:30:22.0443 0x0de0 ============================================================
11:30:22.0709 0x0de0 KLMD registered as C:\Windows\system32\drivers\22773668.sys
11:30:22.0761 0x0de0 System UUID: {E64CA34E-AAAA-A021-695D-6CE67B871CDB}
11:30:23.0019 0x0de0 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:30:23.0019 0x0de0 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:30:23.0021 0x0de0 ============================================================
11:30:23.0021 0x0de0 \Device\Harddisk0\DR0:
11:30:23.0021 0x0de0 MBR partitions:
11:30:23.0021 0x0de0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
11:30:23.0021 0x0de0 \Device\Harddisk1\DR1:
11:30:23.0021 0x0de0 GPT partitions:
11:30:23.0022 0x0de0 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D6E29067-4F04-4FE7-92B8-8C3D9584DA27}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
11:30:23.0022 0x0de0 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {048E93F5-A0E4-443D-A2C0-E1D5C0FB5291}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
11:30:23.0022 0x0de0 \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F61201C9-273A-4628-86E2-6FA82D3B2BD0}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0xDF22000
11:30:23.0022 0x0de0 MBR partitions:
11:30:23.0022 0x0de0 ============================================================
11:30:23.0023 0x0de0 C: <-> \Device\Harddisk1\DR1\Partition3
11:30:23.0033 0x0de0 F: <-> \Device\Harddisk0\DR0\Partition1
11:30:23.0033 0x0de0 ============================================================
11:30:23.0033 0x0de0 Initialize success
11:30:23.0033 0x0de0 ============================================================
11:30:52.0319 0x0ec0 ============================================================
11:30:52.0319 0x0ec0 Scan started
11:30:52.0319 0x0ec0 Mode: Manual; SigCheck; TDLFS;
11:30:52.0319 0x0ec0 ============================================================
11:30:52.0319 0x0ec0 KSN ping started
11:30:54.0667 0x0ec0 KSN ping finished: true
11:30:55.0479 0x0ec0 ================ Scan system memory ========================
11:30:55.0479 0x0ec0 System memory - ok
11:30:55.0479 0x0ec0 ================ Scan services =============================
11:30:55.0517 0x0ec0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:30:55.0578 0x0ec0 1394ohci - ok
11:30:55.0587 0x0ec0 [ 73C035299E3044636104CA7A7634A6AC, ED1D4904E2D1D1C72ED9697297AE1B64860098BA2F6F63F7A1426413007DF138 ] a2acc C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
11:30:55.0606 0x0ec0 a2acc - ok
11:30:55.0687 0x0ec0 [ 32603217913987F5CEF9E5A05905CEC4, F997513C96BC2B00D5DD00D96AD7A7CD341709FA5F1441A7BC5ABB22977D2E2E ] a2AntiMalware C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
11:30:55.0768 0x0ec0 a2AntiMalware - ok
11:30:55.0776 0x0ec0 [ D27A8B7BB0E15DFBFC6B4E774EE17AD9, CBAD45B3FFFD30C34AF918009F699B65F89043D0799FC25D2472381912F86F93 ] A2DDA C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
11:30:55.0787 0x0ec0 A2DDA - ok
11:30:55.0789 0x0ec0 [ 05936579605018BD2BC528FF2C1AD95F, 763C2E76F9078F6A74D5BCCB4DD8A10C82AEB9C9F5A45C3706A587FA2D03E7D3 ] a2injectiondriver C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
11:30:55.0800 0x0ec0 a2injectiondriver - ok
11:30:55.0802 0x0ec0 [ B1AB7116D14667A2238DAEFE20B7F4D0, DC8A9093A6F759657C3354931A462FCCAF3533A907FB7152380EB2E9B4AD3BF8 ] a2util C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
11:30:55.0812 0x0ec0 a2util - ok
11:30:55.0820 0x0ec0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:30:55.0834 0x0ec0 ACPI - ok
11:30:55.0836 0x0ec0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:30:55.0856 0x0ec0 AcpiPmi - ok
11:30:55.0867 0x0ec0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:30:55.0883 0x0ec0 adp94xx - ok
11:30:55.0891 0x0ec0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:30:55.0905 0x0ec0 adpahci - ok
11:30:55.0911 0x0ec0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:30:55.0923 0x0ec0 adpu320 - ok
11:30:55.0927 0x0ec0 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:30:55.0990 0x0ec0 AeLookupSvc - ok
11:30:56.0000 0x0ec0 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
11:30:56.0018 0x0ec0 AFD - ok
11:30:56.0022 0x0ec0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
11:30:56.0032 0x0ec0 agp440 - ok
11:30:56.0036 0x0ec0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
11:30:56.0051 0x0ec0 ALG - ok
11:30:56.0054 0x0ec0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
11:30:56.0064 0x0ec0 aliide - ok
11:30:56.0067 0x0ec0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
11:30:56.0076 0x0ec0 amdide - ok
11:30:56.0079 0x0ec0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:30:56.0091 0x0ec0 AmdK8 - ok
11:30:56.0094 0x0ec0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
11:30:56.0106 0x0ec0 AmdPPM - ok
11:30:56.0110 0x0ec0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:30:56.0121 0x0ec0 amdsata - ok
11:30:56.0127 0x0ec0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:30:56.0139 0x0ec0 amdsbs - ok
11:30:56.0142 0x0ec0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:30:56.0152 0x0ec0 amdxata - ok
11:30:56.0155 0x0ec0 [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys
11:30:56.0167 0x0ec0 AppID - ok
11:30:56.0170 0x0ec0 [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:30:56.0182 0x0ec0 AppIDSvc - ok
11:30:56.0185 0x0ec0 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
11:30:56.0198 0x0ec0 Appinfo - ok
11:30:56.0202 0x0ec0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
11:30:56.0212 0x0ec0 arc - ok
11:30:56.0216 0x0ec0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:30:56.0227 0x0ec0 arcsas - ok
11:30:56.0238 0x0ec0 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:30:56.0250 0x0ec0 aspnet_state - ok
11:30:56.0253 0x0ec0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:30:56.0276 0x0ec0 AsyncMac - ok
11:30:56.0279 0x0ec0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
11:30:56.0289 0x0ec0 atapi - ok
11:30:56.0302 0x0ec0 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:30:56.0323 0x0ec0 AudioEndpointBuilder - ok
11:30:56.0335 0x0ec0 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:30:56.0355 0x0ec0 AudioSrv - ok
11:30:56.0360 0x0ec0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:30:56.0375 0x0ec0 AxInstSV - ok
11:30:56.0385 0x0ec0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:30:56.0402 0x0ec0 b06bdrv - ok
11:30:56.0409 0x0ec0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:30:56.0424 0x0ec0 b57nd60a - ok
11:30:56.0430 0x0ec0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
11:30:56.0443 0x0ec0 BDESVC - ok
11:30:56.0445 0x0ec0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
11:30:56.0468 0x0ec0 Beep - ok
11:30:56.0483 0x0ec0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
11:30:56.0504 0x0ec0 BFE - ok
11:30:56.0520 0x0ec0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
11:30:56.0554 0x0ec0 BITS - ok
11:30:56.0558 0x0ec0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:30:56.0570 0x0ec0 blbdrive - ok
11:30:56.0574 0x0ec0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:30:56.0586 0x0ec0 bowser - ok
11:30:56.0588 0x0ec0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
11:30:56.0601 0x0ec0 BrFiltLo - ok
11:30:56.0603 0x0ec0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
11:30:56.0616 0x0ec0 BrFiltUp - ok
11:30:56.0620 0x0ec0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
11:30:56.0634 0x0ec0 Browser - ok
11:30:56.0642 0x0ec0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:30:56.0658 0x0ec0 Brserid - ok
11:30:56.0661 0x0ec0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:30:56.0677 0x0ec0 BrSerWdm - ok
11:30:56.0679 0x0ec0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:30:56.0692 0x0ec0 BrUsbMdm - ok
11:30:56.0695 0x0ec0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:30:56.0706 0x0ec0 BrUsbSer - ok
11:30:56.0710 0x0ec0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:30:56.0723 0x0ec0 BTHMODEM - ok
11:30:56.0728 0x0ec0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
11:30:56.0754 0x0ec0 bthserv - ok
11:30:56.0758 0x0ec0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:30:56.0783 0x0ec0 cdfs - ok
11:30:56.0788 0x0ec0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:30:56.0802 0x0ec0 cdrom - ok
11:30:56.0806 0x0ec0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
11:30:56.0831 0x0ec0 CertPropSvc - ok
11:30:56.0834 0x0ec0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
11:30:56.0847 0x0ec0 circlass - ok
11:30:56.0850 0x0ec0 [ B794DCF38C965FA2F93C45A7C3D582C5, 0E483EAF835B85AA4B6F449F9BB68AF0A3EE4192D29CD72F4B812F1E4D9E9A7C ] cleanhlp C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys
11:30:56.0861 0x0ec0 cleanhlp - ok
11:30:56.0869 0x0ec0 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
11:30:56.0884 0x0ec0 CLFS - ok
11:30:56.0891 0x0ec0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:30:56.0902 0x0ec0 clr_optimization_v2.0.50727_32 - ok
11:30:56.0908 0x0ec0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:30:56.0920 0x0ec0 clr_optimization_v2.0.50727_64 - ok
11:30:56.0930 0x0ec0 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:30:56.0942 0x0ec0 clr_optimization_v4.0.30319_32 - ok
11:30:56.0946 0x0ec0 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:30:56.0958 0x0ec0 clr_optimization_v4.0.30319_64 - ok
11:30:56.0961 0x0ec0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
11:30:56.0974 0x0ec0 CmBatt - ok
11:30:56.0976 0x0ec0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:30:56.0986 0x0ec0 cmdide - ok
11:30:56.0996 0x0ec0 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
11:30:57.0016 0x0ec0 CNG - ok
11:30:57.0019 0x0ec0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
11:30:57.0029 0x0ec0 Compbatt - ok
11:30:57.0033 0x0ec0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:30:57.0046 0x0ec0 CompositeBus - ok
11:30:57.0049 0x0ec0 COMSysApp - ok
11:30:57.0052 0x0ec0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:30:57.0062 0x0ec0 crcdisk - ok
11:30:57.0068 0x0ec0 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:30:57.0083 0x0ec0 CryptSvc - ok
11:30:57.0087 0x0ec0 [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
11:30:57.0098 0x0ec0 dc3d - ok
11:30:57.0109 0x0ec0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:30:57.0140 0x0ec0 DcomLaunch - ok
11:30:57.0147 0x0ec0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
11:30:57.0175 0x0ec0 defragsvc - ok
11:30:57.0179 0x0ec0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:30:57.0203 0x0ec0 DfsC - ok
11:30:57.0212 0x0ec0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
11:30:57.0228 0x0ec0 Dhcp - ok
11:30:57.0232 0x0ec0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
11:30:57.0256 0x0ec0 discache - ok
11:30:57.0260 0x0ec0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
11:30:57.0271 0x0ec0 Disk - ok
11:30:57.0277 0x0ec0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:30:57.0291 0x0ec0 Dnscache - ok
11:30:57.0298 0x0ec0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
11:30:57.0325 0x0ec0 dot3svc - ok
11:30:57.0331 0x0ec0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
11:30:57.0356 0x0ec0 DPS - ok
11:30:57.0359 0x0ec0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:30:57.0372 0x0ec0 drmkaud - ok
11:30:57.0390 0x0ec0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:30:57.0413 0x0ec0 DXGKrnl - ok
11:30:57.0419 0x0ec0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
11:30:57.0444 0x0ec0 EapHost - ok
11:30:57.0510 0x0ec0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
11:30:57.0567 0x0ec0 ebdrv - ok
11:30:57.0575 0x0ec0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
11:30:57.0589 0x0ec0 EFS - ok
11:30:57.0600 0x0ec0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:30:57.0617 0x0ec0 elxstor - ok
11:30:57.0620 0x0ec0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:30:57.0632 0x0ec0 ErrDev - ok
11:30:57.0644 0x0ec0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
11:30:57.0673 0x0ec0 EventSystem - ok
11:30:57.0680 0x0ec0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
11:30:57.0706 0x0ec0 exfat - ok
11:30:57.0711 0x0ec0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:30:57.0737 0x0ec0 fastfat - ok
11:30:57.0751 0x0ec0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
11:30:57.0772 0x0ec0 Fax - ok
11:30:57.0776 0x0ec0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
11:30:57.0788 0x0ec0 fdc - ok
11:30:57.0791 0x0ec0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
11:30:57.0814 0x0ec0 fdPHost - ok
11:30:57.0817 0x0ec0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
11:30:57.0841 0x0ec0 FDResPub - ok
11:30:57.0844 0x0ec0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:30:57.0855 0x0ec0 FileInfo - ok
11:30:57.0858 0x0ec0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:30:57.0881 0x0ec0 Filetrace - ok
11:30:57.0885 0x0ec0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
11:30:57.0896 0x0ec0 flpydisk - ok
11:30:57.0904 0x0ec0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:30:57.0917 0x0ec0 FltMgr - ok
11:30:57.0938 0x0ec0 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
11:30:57.0968 0x0ec0 FontCache - ok
11:30:57.0972 0x0ec0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:30:57.0982 0x0ec0 FontCache3.0.0.0 - ok
11:30:57.0985 0x0ec0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:30:57.0996 0x0ec0 FsDepends - ok
11:30:57.0999 0x0ec0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:30:58.0009 0x0ec0 Fs_Rec - ok
11:30:58.0015 0x0ec0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:30:58.0030 0x0ec0 fvevol - ok
11:30:58.0034 0x0ec0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:30:58.0044 0x0ec0 gagp30kx - ok
11:30:58.0059 0x0ec0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
11:30:58.0093 0x0ec0 gpsvc - ok
11:30:58.0097 0x0ec0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:30:58.0109 0x0ec0 hcw85cir - ok
11:30:58.0117 0x0ec0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:30:58.0134 0x0ec0 HdAudAddService - ok
11:30:58.0140 0x0ec0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:30:58.0154 0x0ec0 HDAudBus - ok
11:30:58.0157 0x0ec0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
11:30:58.0168 0x0ec0 HidBatt - ok
11:30:58.0172 0x0ec0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:30:58.0186 0x0ec0 HidBth - ok
11:30:58.0190 0x0ec0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
11:30:58.0203 0x0ec0 HidIr - ok
11:30:58.0206 0x0ec0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
11:30:58.0230 0x0ec0 hidserv - ok
11:30:58.0234 0x0ec0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:30:58.0245 0x0ec0 HidUsb - ok
11:30:58.0250 0x0ec0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:30:58.0274 0x0ec0 hkmsvc - ok
11:30:58.0281 0x0ec0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:30:58.0296 0x0ec0 HomeGroupListener - ok
11:30:58.0302 0x0ec0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:30:58.0316 0x0ec0 HomeGroupProvider - ok
11:30:58.0320 0x0ec0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:30:58.0331 0x0ec0 HpSAMD - ok
11:30:58.0345 0x0ec0 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:30:58.0378 0x0ec0 HTTP - ok
11:30:58.0382 0x0ec0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:30:58.0392 0x0ec0 hwpolicy - ok
11:30:58.0395 0x0ec0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:30:58.0408 0x0ec0 i8042prt - ok
11:30:58.0420 0x0ec0 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
11:30:58.0437 0x0ec0 iaStor - ok
11:30:58.0447 0x0ec0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:30:58.0462 0x0ec0 iaStorV - ok
11:30:58.0479 0x0ec0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:30:58.0501 0x0ec0 idsvc - ok
11:30:58.0505 0x0ec0 IEEtwCollectorService - ok
11:30:58.0508 0x0ec0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:30:58.0519 0x0ec0 iirsp - ok
11:30:58.0536 0x0ec0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
11:30:58.0559 0x0ec0 IKEEXT - ok
11:30:58.0563 0x0ec0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
11:30:58.0573 0x0ec0 intelide - ok
11:30:58.0577 0x0ec0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:30:58.0589 0x0ec0 intelppm - ok
11:30:58.0593 0x0ec0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:30:58.0618 0x0ec0 IPBusEnum - ok
11:30:58.0622 0x0ec0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:30:58.0646 0x0ec0 IpFilterDriver - ok
11:30:58.0658 0x0ec0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:30:58.0678 0x0ec0 iphlpsvc - ok
11:30:58.0683 0x0ec0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:30:58.0695 0x0ec0 IPMIDRV - ok
11:30:58.0700 0x0ec0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:30:58.0724 0x0ec0 IPNAT - ok
11:30:58.0727 0x0ec0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:30:58.0741 0x0ec0 IRENUM - ok
11:30:58.0744 0x0ec0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:30:58.0754 0x0ec0 isapnp - ok
11:30:58.0761 0x0ec0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:30:58.0775 0x0ec0 iScsiPrt - ok
11:30:58.0783 0x0ec0 [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
11:30:58.0797 0x0ec0 iusb3hub - ok
11:30:58.0813 0x0ec0 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
11:30:58.0833 0x0ec0 iusb3xhc - ok
11:30:58.0837 0x0ec0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:30:58.0847 0x0ec0 kbdclass - ok
11:30:58.0851 0x0ec0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:30:58.0862 0x0ec0 kbdhid - ok
11:30:58.0866 0x0ec0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
11:30:58.0878 0x0ec0 KeyIso - ok
11:30:58.0882 0x0ec0 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:30:58.0893 0x0ec0 KSecDD - ok
11:30:58.0898 0x0ec0 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:30:58.0910 0x0ec0 KSecPkg - ok
11:30:58.0914 0x0ec0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:30:58.0938 0x0ec0 ksthunk - ok
11:30:58.0947 0x0ec0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
11:30:58.0976 0x0ec0 KtmRm - ok
11:30:58.0981 0x0ec0 [ A43A9920D2409BB9DA747D2FD20A2E61, 6D48897F3B9F0D04FC0C09017A34F1614C708476829F275682963F162BCBE8A0 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
11:30:58.0992 0x0ec0 L1C - ok
11:30:58.0999 0x0ec0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:30:59.0025 0x0ec0 LanmanServer - ok
11:30:59.0030 0x0ec0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:30:59.0056 0x0ec0 LanmanWorkstation - ok
11:30:59.0062 0x0ec0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:30:59.0086 0x0ec0 lltdio - ok
11:30:59.0093 0x0ec0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:30:59.0122 0x0ec0 lltdsvc - ok
11:30:59.0125 0x0ec0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:30:59.0151 0x0ec0 lmhosts - ok
11:30:59.0158 0x0ec0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:30:59.0169 0x0ec0 LSI_FC - ok
11:30:59.0174 0x0ec0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:30:59.0185 0x0ec0 LSI_SAS - ok
11:30:59.0189 0x0ec0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:30:59.0200 0x0ec0 LSI_SAS2 - ok
11:30:59.0205 0x0ec0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:30:59.0216 0x0ec0 LSI_SCSI - ok
11:30:59.0221 0x0ec0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
11:30:59.0246 0x0ec0 luafv - ok
11:30:59.0249 0x0ec0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
11:30:59.0259 0x0ec0 megasas - ok
11:30:59.0267 0x0ec0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:30:59.0281 0x0ec0 MegaSR - ok
11:30:59.0285 0x0ec0 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
11:30:59.0295 0x0ec0 MEIx64 - ok
11:30:59.0299 0x0ec0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
11:30:59.0324 0x0ec0 MMCSS - ok
11:30:59.0327 0x0ec0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
11:30:59.0351 0x0ec0 Modem - ok
11:30:59.0354 0x0ec0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:30:59.0367 0x0ec0 monitor - ok
11:30:59.0371 0x0ec0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:30:59.0382 0x0ec0 mouclass - ok
11:30:59.0385 0x0ec0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:30:59.0397 0x0ec0 mouhid - ok
11:30:59.0402 0x0ec0 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:30:59.0412 0x0ec0 mountmgr - ok
11:30:59.0419 0x0ec0 [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:30:59.0430 0x0ec0 MozillaMaintenance - ok
11:30:59.0435 0x0ec0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
11:30:59.0447 0x0ec0 mpio - ok
11:30:59.0451 0x0ec0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:30:59.0475 0x0ec0 mpsdrv - ok
11:30:59.0491 0x0ec0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:30:59.0525 0x0ec0 MpsSvc - ok
11:30:59.0531 0x0ec0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:30:59.0544 0x0ec0 MRxDAV - ok
11:30:59.0549 0x0ec0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:30:59.0562 0x0ec0 mrxsmb - ok
11:30:59.0570 0x0ec0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:30:59.0585 0x0ec0 mrxsmb10 - ok
11:30:59.0590 0x0ec0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:30:59.0602 0x0ec0 mrxsmb20 - ok
11:30:59.0606 0x0ec0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
11:30:59.0616 0x0ec0 msahci - ok
11:30:59.0621 0x0ec0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:30:59.0633 0x0ec0 msdsm - ok
11:30:59.0638 0x0ec0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
11:30:59.0652 0x0ec0 MSDTC - ok
11:30:59.0659 0x0ec0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:30:59.0682 0x0ec0 Msfs - ok
11:30:59.0685 0x0ec0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:30:59.0708 0x0ec0 mshidkmdf - ok
11:30:59.0712 0x0ec0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:30:59.0722 0x0ec0 msisadrv - ok
11:30:59.0727 0x0ec0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:30:59.0753 0x0ec0 MSiSCSI - ok
11:30:59.0756 0x0ec0 msiserver - ok
11:30:59.0759 0x0ec0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:30:59.0782 0x0ec0 MSKSSRV - ok
11:30:59.0785 0x0ec0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:30:59.0809 0x0ec0 MSPCLOCK - ok
11:30:59.0812 0x0ec0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:30:59.0836 0x0ec0 MSPQM - ok
11:30:59.0844 0x0ec0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:30:59.0859 0x0ec0 MsRPC - ok
11:30:59.0865 0x0ec0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:30:59.0876 0x0ec0 mssmbios - ok
11:30:59.0879 0x0ec0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:30:59.0904 0x0ec0 MSTEE - ok
11:30:59.0907 0x0ec0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:30:59.0919 0x0ec0 MTConfig - ok
11:30:59.0923 0x0ec0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
11:30:59.0934 0x0ec0 Mup - ok
11:30:59.0943 0x0ec0 [ 19BCB974EBAC7A35D4CA0495F7F088C3, 26A121DF13B3A46CE761AFC668C24FAA357481B91072AD63EFFBD58E7A2F71E5 ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
11:30:59.0956 0x0ec0 mv91xx - ok
11:30:59.0967 0x0ec0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
11:30:59.0998 0x0ec0 napagent - ok
11:31:00.0007 0x0ec0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:31:00.0025 0x0ec0 NativeWifiP - ok
11:31:00.0044 0x0ec0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
11:31:00.0068 0x0ec0 NDIS - ok
11:31:00.0073 0x0ec0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:31:00.0097 0x0ec0 NdisCap - ok
11:31:00.0101 0x0ec0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:31:00.0125 0x0ec0 NdisTapi - ok
11:31:00.0129 0x0ec0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:31:00.0153 0x0ec0 Ndisuio - ok
11:31:00.0158 0x0ec0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:31:00.0183 0x0ec0 NdisWan - ok
11:31:00.0187 0x0ec0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:31:00.0211 0x0ec0 NDProxy - ok
11:31:00.0215 0x0ec0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:31:00.0239 0x0ec0 NetBIOS - ok
11:31:00.0246 0x0ec0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:31:00.0272 0x0ec0 NetBT - ok
11:31:00.0276 0x0ec0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
11:31:00.0288 0x0ec0 Netlogon - ok
11:31:00.0297 0x0ec0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
11:31:00.0326 0x0ec0 Netman - ok
11:31:00.0331 0x0ec0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:31:00.0344 0x0ec0 NetMsmqActivator - ok
11:31:00.0348 0x0ec0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:31:00.0361 0x0ec0 NetPipeActivator - ok
11:31:00.0371 0x0ec0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
11:31:00.0401 0x0ec0 netprofm - ok
11:31:00.0407 0x0ec0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:31:00.0419 0x0ec0 NetTcpActivator - ok
11:31:00.0424 0x0ec0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:31:00.0436 0x0ec0 NetTcpPortSharing - ok
11:31:00.0440 0x0ec0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:31:00.0450 0x0ec0 nfrd960 - ok
11:31:00.0459 0x0ec0 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
11:31:00.0475 0x0ec0 NlaSvc - ok
11:31:00.0479 0x0ec0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:31:00.0502 0x0ec0 Npfs - ok
11:31:00.0506 0x0ec0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
11:31:00.0530 0x0ec0 nsi - ok
11:31:00.0534 0x0ec0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:31:00.0557 0x0ec0 nsiproxy - ok
11:31:00.0590 0x0ec0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:31:00.0622 0x0ec0 Ntfs - ok
11:31:00.0628 0x0ec0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
11:31:00.0651 0x0ec0 Null - ok
11:31:00.0658 0x0ec0 [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
11:31:00.0670 0x0ec0 NVHDA - ok
11:31:00.0880 0x0ec0 [ 0AC797F70F2F3E5B69A34FF2F63496F3, 80A811F8234BA00779BA76AAF41E830FB6CED03667E6E8F430C14DEBF2E45DD9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:31:01.0063 0x0ec0 nvlddmkm - ok
11:31:01.0082 0x0ec0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:31:01.0094 0x0ec0 nvraid - ok
11:31:01.0100 0x0ec0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:31:01.0113 0x0ec0 nvstor - ok
11:31:01.0131 0x0ec0 [ C135A25E8CF21EB631AB041ABB1F73EA, D0A3DC0411E888D0934B7579EEB980FA7824E3F22F70819A33411D8B8BC9EE42 ] nvsvc C:\Windows\system32\nvvsvc.exe
11:31:01.0154 0x0ec0 nvsvc - ok
11:31:01.0160 0x0ec0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:31:01.0171 0x0ec0 nv_agp - ok
11:31:01.0175 0x0ec0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:31:01.0188 0x0ec0 ohci1394 - ok
11:31:01.0196 0x0ec0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:31:01.0213 0x0ec0 p2pimsvc - ok
11:31:01.0223 0x0ec0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
11:31:01.0241 0x0ec0 p2psvc - ok
11:31:01.0246 0x0ec0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
11:31:01.0258 0x0ec0 Parport - ok
11:31:01.0263 0x0ec0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:31:01.0274 0x0ec0 partmgr - ok
11:31:01.0280 0x0ec0 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:31:01.0295 0x0ec0 PcaSvc - ok
11:31:01.0302 0x0ec0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
11:31:01.0314 0x0ec0 pci - ok
11:31:01.0318 0x0ec0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
11:31:01.0327 0x0ec0 pciide - ok
11:31:01.0334 0x0ec0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:31:01.0347 0x0ec0 pcmcia - ok
11:31:01.0351 0x0ec0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
11:31:01.0362 0x0ec0 pcw - ok
11:31:01.0376 0x0ec0 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:31:01.0396 0x0ec0 PEAUTH - ok
11:31:01.0423 0x0ec0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:31:01.0435 0x0ec0 PerfHost - ok
11:31:01.0468 0x0ec0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
11:31:01.0509 0x0ec0 pla - ok
11:31:01.0522 0x0ec0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:31:01.0540 0x0ec0 PlugPlay - ok
11:31:01.0544 0x0ec0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:31:01.0556 0x0ec0 PNRPAutoReg - ok
11:31:01.0565 0x0ec0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:31:01.0580 0x0ec0 PNRPsvc - ok
11:31:01.0592 0x0ec0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:31:01.0622 0x0ec0 PolicyAgent - ok
11:31:01.0631 0x0ec0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
11:31:01.0657 0x0ec0 Power - ok
11:31:01.0663 0x0ec0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:31:01.0686 0x0ec0 PptpMiniport - ok
11:31:01.0691 0x0ec0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
11:31:01.0703 0x0ec0 Processor - ok
11:31:01.0710 0x0ec0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
11:31:01.0725 0x0ec0 ProfSvc - ok
11:31:01.0729 0x0ec0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:31:01.0740 0x0ec0 ProtectedStorage - ok
11:31:01.0746 0x0ec0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:31:01.0771 0x0ec0 Psched - ok
11:31:01.0799 0x0ec0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:31:01.0830 0x0ec0 ql2300 - ok
11:31:01.0837 0x0ec0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:31:01.0849 0x0ec0 ql40xx - ok
11:31:01.0856 0x0ec0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
11:31:01.0874 0x0ec0 QWAVE - ok
11:31:01.0878 0x0ec0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:31:01.0892 0x0ec0 QWAVEdrv - ok
11:31:01.0896 0x0ec0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:31:01.0920 0x0ec0 RasAcd - ok
11:31:01.0925 0x0ec0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:31:01.0949 0x0ec0 RasAgileVpn - ok
11:31:01.0955 0x0ec0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
11:31:01.0980 0x0ec0 RasAuto - ok
11:31:01.0986 0x0ec0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:31:02.0011 0x0ec0 Rasl2tp - ok
11:31:02.0020 0x0ec0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
11:31:02.0048 0x0ec0 RasMan - ok
11:31:02.0054 0x0ec0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:31:02.0078 0x0ec0 RasPppoe - ok
11:31:02.0083 0x0ec0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:31:02.0108 0x0ec0 RasSstp - ok
11:31:02.0117 0x0ec0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:31:02.0144 0x0ec0 rdbss - ok
11:31:02.0149 0x0ec0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:31:02.0161 0x0ec0 rdpbus - ok
11:31:02.0165 0x0ec0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:31:02.0189 0x0ec0 RDPCDD - ok
11:31:02.0196 0x0ec0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:31:02.0219 0x0ec0 RDPENCDD - ok
11:31:02.0225 0x0ec0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:31:02.0249 0x0ec0 RDPREFMP - ok
11:31:02.0257 0x0ec0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:31:02.0269 0x0ec0 RdpVideoMiniport - ok
11:31:02.0276 0x0ec0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:31:02.0291 0x0ec0 RDPWD - ok
11:31:02.0299 0x0ec0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:31:02.0312 0x0ec0 rdyboost - ok
11:31:02.0318 0x0ec0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:31:02.0343 0x0ec0 RemoteAccess - ok
11:31:02.0349 0x0ec0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:31:02.0375 0x0ec0 RemoteRegistry - ok
11:31:02.0380 0x0ec0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:31:02.0404 0x0ec0 RpcEptMapper - ok
11:31:02.0408 0x0ec0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
11:31:02.0420 0x0ec0 RpcLocator - ok
11:31:02.0432 0x0ec0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
11:31:02.0462 0x0ec0 RpcSs - ok
11:31:02.0468 0x0ec0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:31:02.0493 0x0ec0 rspndr - ok
11:31:02.0497 0x0ec0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
11:31:02.0508 0x0ec0 SamSs - ok
11:31:02.0514 0x0ec0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:31:02.0525 0x0ec0 sbp2port - ok
11:31:02.0532 0x0ec0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:31:02.0558 0x0ec0 SCardSvr - ok
11:31:02.0563 0x0ec0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:31:02.0587 0x0ec0 scfilter - ok
11:31:02.0609 0x0ec0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
11:31:02.0647 0x0ec0 Schedule - ok
11:31:02.0653 0x0ec0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:31:02.0676 0x0ec0 SCPolicySvc - ok
11:31:02.0683 0x0ec0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:31:02.0697 0x0ec0 SDRSVC - ok
11:31:02.0702 0x0ec0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:31:02.0726 0x0ec0 secdrv - ok
11:31:02.0730 0x0ec0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
11:31:02.0754 0x0ec0 seclogon - ok
11:31:02.0759 0x0ec0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
11:31:02.0784 0x0ec0 SENS - ok
11:31:02.0790 0x0ec0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:31:02.0803 0x0ec0 SensrSvc - ok
11:31:02.0807 0x0ec0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
11:31:02.0819 0x0ec0 Serenum - ok
11:31:02.0825 0x0ec0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
11:31:02.0838 0x0ec0 Serial - ok
11:31:02.0842 0x0ec0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:31:02.0854 0x0ec0 sermouse - ok
11:31:02.0868 0x0ec0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
11:31:02.0893 0x0ec0 SessionEnv - ok
11:31:02.0897 0x0ec0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:31:02.0910 0x0ec0 sffdisk - ok
11:31:02.0915 0x0ec0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:31:02.0927 0x0ec0 sffp_mmc - ok
11:31:02.0932 0x0ec0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:31:02.0944 0x0ec0 sffp_sd - ok
11:31:02.0949 0x0ec0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:31:02.0960 0x0ec0 sfloppy - ok
11:31:02.0970 0x0ec0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:31:02.0998 0x0ec0 SharedAccess - ok
11:31:03.0010 0x0ec0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:31:03.0038 0x0ec0 ShellHWDetection - ok
11:31:03.0043 0x0ec0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:31:03.0053 0x0ec0 SiSRaid2 - ok
11:31:03.0058 0x0ec0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:31:03.0070 0x0ec0 SiSRaid4 - ok
11:31:03.0075 0x0ec0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:31:03.0100 0x0ec0 Smb - ok
11:31:03.0110 0x0ec0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:31:03.0122 0x0ec0 SNMPTRAP - ok
11:31:03.0126 0x0ec0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
11:31:03.0136 0x0ec0 spldr - ok
11:31:03.0150 0x0ec0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
11:31:03.0170 0x0ec0 Spooler - ok
11:31:03.0240 0x0ec0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
11:31:03.0314 0x0ec0 sppsvc - ok
11:31:03.0324 0x0ec0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:31:03.0349 0x0ec0 sppuinotify - ok
11:31:03.0360 0x0ec0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:31:03.0452 0x0ec0 srv - ok
11:31:03.0463 0x0ec0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:31:03.0481 0x0ec0 srv2 - ok
11:31:03.0488 0x0ec0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:31:03.0502 0x0ec0 srvnet - ok
11:31:03.0509 0x0ec0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:31:03.0536 0x0ec0 SSDPSRV - ok
11:31:03.0542 0x0ec0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:31:03.0567 0x0ec0 SstpSvc - ok
11:31:03.0586 0x0ec0 [ AC8B882D658AF3070167F59AE92E5CA3, 7781475B6A49DCE239FEE2B32767A7E58188EF04BC4BB29E04B40DAFD8214E85 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:31:03.0605 0x0ec0 Steam Client Service - ok
11:31:03.0611 0x0ec0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:31:03.0620 0x0ec0 stexstor - ok
11:31:03.0634 0x0ec0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
11:31:03.0656 0x0ec0 stisvc - ok
11:31:03.0661 0x0ec0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:31:03.0671 0x0ec0 swenum - ok
11:31:03.0685 0x0ec0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
11:31:03.0716 0x0ec0 swprv - ok
11:31:03.0750 0x0ec0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
11:31:03.0789 0x0ec0 SysMain - ok
11:31:03.0797 0x0ec0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:31:03.0812 0x0ec0 TabletInputService - ok
11:31:03.0822 0x0ec0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
11:31:03.0851 0x0ec0 TapiSrv - ok
11:31:03.0856 0x0ec0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
11:31:03.0881 0x0ec0 TBS - ok
11:31:03.0917 0x0ec0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:31:03.0953 0x0ec0 Tcpip - ok
11:31:03.0993 0x0ec0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:31:04.0030 0x0ec0 TCPIP6 - ok
11:31:04.0041 0x0ec0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:31:04.0053 0x0ec0 tcpipreg - ok
11:31:04.0060 0x0ec0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:31:04.0073 0x0ec0 TDPIPE - ok
11:31:04.0077 0x0ec0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:31:04.0088 0x0ec0 TDTCP - ok
11:31:04.0095 0x0ec0 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:31:04.0108 0x0ec0 tdx - ok
11:31:04.0113 0x0ec0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:31:04.0123 0x0ec0 TermDD - ok
11:31:04.0139 0x0ec0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
11:31:04.0161 0x0ec0 TermService - ok
11:31:04.0166 0x0ec0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
11:31:04.0182 0x0ec0 Themes - ok
11:31:04.0187 0x0ec0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
11:31:04.0211 0x0ec0 THREADORDER - ok
11:31:04.0218 0x0ec0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
11:31:04.0244 0x0ec0 TrkWks - ok
11:31:04.0252 0x0ec0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:31:04.0277 0x0ec0 TrustedInstaller - ok
11:31:04.0286 0x0ec0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:31:04.0297 0x0ec0 tssecsrv - ok
11:31:04.0302 0x0ec0 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:31:04.0315 0x0ec0 TsUsbFlt - ok
11:31:04.0319 0x0ec0 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
11:31:04.0331 0x0ec0 TsUsbGD - ok
11:31:04.0338 0x0ec0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:31:04.0363 0x0ec0 tunnel - ok
11:31:04.0368 0x0ec0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:31:04.0378 0x0ec0 uagp35 - ok
11:31:04.0388 0x0ec0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:31:04.0415 0x0ec0 udfs - ok
11:31:04.0427 0x0ec0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:31:04.0440 0x0ec0 UI0Detect - ok
11:31:04.0445 0x0ec0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:31:04.0455 0x0ec0 uliagpkx - ok
11:31:04.0461 0x0ec0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:31:04.0472 0x0ec0 umbus - ok
11:31:04.0477 0x0ec0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
11:31:04.0489 0x0ec0 UmPass - ok
11:31:04.0499 0x0ec0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
11:31:04.0528 0x0ec0 upnphost - ok
11:31:04.0534 0x0ec0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:31:04.0547 0x0ec0 usbccgp - ok
11:31:04.0553 0x0ec0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:31:04.0565 0x0ec0 usbcir - ok
11:31:04.0571 0x0ec0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:31:04.0582 0x0ec0 usbehci - ok
11:31:04.0592 0x0ec0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:31:04.0608 0x0ec0 usbhub - ok
11:31:04.0613 0x0ec0 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:31:04.0624 0x0ec0 usbohci - ok
11:31:04.0629 0x0ec0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
11:31:04.0642 0x0ec0 usbprint - ok
11:31:04.0648 0x0ec0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:31:04.0660 0x0ec0 USBSTOR - ok
11:31:04.0667 0x0ec0 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:31:04.0679 0x0ec0 usbuhci - ok
11:31:04.0685 0x0ec0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
11:31:04.0709 0x0ec0 UxSms - ok
11:31:04.0714 0x0ec0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
11:31:04.0726 0x0ec0 VaultSvc - ok
11:31:04.0731 0x0ec0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:31:04.0741 0x0ec0 vdrvroot - ok
11:31:04.0754 0x0ec0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
11:31:04.0784 0x0ec0 vds - ok
11:31:04.0790 0x0ec0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:31:04.0802 0x0ec0 vga - ok
11:31:04.0807 0x0ec0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:31:04.0831 0x0ec0 VgaSave - ok
11:31:04.0839 0x0ec0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:31:04.0851 0x0ec0 vhdmp - ok
11:31:04.0857 0x0ec0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
11:31:04.0866 0x0ec0 viaide - ok
11:31:04.0872 0x0ec0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:31:04.0882 0x0ec0 volmgr - ok
11:31:04.0893 0x0ec0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:31:04.0907 0x0ec0 volmgrx - ok
11:31:04.0917 0x0ec0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:31:04.0930 0x0ec0 volsnap - ok
11:31:04.0939 0x0ec0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:31:04.0951 0x0ec0 vsmraid - ok
11:31:04.0982 0x0ec0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
11:31:05.0027 0x0ec0 VSS - ok
11:31:05.0038 0x0ec0 [ 316A1762BD41C3DB06EB484527838E2D, D358F9008F347BCE673C9EA5027FE9A2C169943A775DF012364965643C9AB794 ] VUSB3HUB C:\Windows\system32\DRIVERS\ViaHub3.sys
11:31:05.0052 0x0ec0 VUSB3HUB - ok
11:31:05.0057 0x0ec0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
11:31:05.0070 0x0ec0 vwifibus - ok
11:31:05.0081 0x0ec0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
11:31:05.0109 0x0ec0 W32Time - ok
11:31:05.0117 0x0ec0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:31:05.0129 0x0ec0 WacomPen - ok
11:31:05.0135 0x0ec0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:31:05.0159 0x0ec0 WANARP - ok
11:31:05.0165 0x0ec0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:31:05.0188 0x0ec0 Wanarpv6 - ok
11:31:05.0218 0x0ec0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
11:31:05.0250 0x0ec0 wbengine - ok
11:31:05.0260 0x0ec0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:31:05.0277 0x0ec0 WbioSrvc - ok
11:31:05.0288 0x0ec0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:31:05.0307 0x0ec0 wcncsvc - ok
11:31:05.0313 0x0ec0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:31:05.0326 0x0ec0 WcsPlugInService - ok
11:31:05.0331 0x0ec0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
11:31:05.0341 0x0ec0 Wd - ok
11:31:05.0358 0x0ec0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:31:05.0380 0x0ec0 Wdf01000 - ok
11:31:05.0387 0x0ec0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:31:05.0415 0x0ec0 WdiServiceHost - ok
11:31:05.0421 0x0ec0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:31:05.0436 0x0ec0 WdiSystemHost - ok
11:31:05.0445 0x0ec0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
11:31:05.0462 0x0ec0 WebClient - ok
11:31:05.0471 0x0ec0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:31:05.0498 0x0ec0 Wecsvc - ok
11:31:05.0504 0x0ec0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:31:05.0530 0x0ec0 wercplsupport - ok
11:31:05.0537 0x0ec0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
11:31:05.0562 0x0ec0 WerSvc - ok
11:31:05.0568 0x0ec0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:31:05.0592 0x0ec0 WfpLwf - ok
11:31:05.0597 0x0ec0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:31:05.0607 0x0ec0 WIMMount - ok
11:31:05.0612 0x0ec0 WinDefend - ok
11:31:05.0623 0x0ec0 WinHttpAutoProxySvc - ok
11:31:05.0637 0x0ec0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:31:05.0664 0x0ec0 Winmgmt - ok
11:31:05.0703 0x0ec0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
11:31:05.0744 0x0ec0 WinRM - ok
11:31:05.0773 0x0ec0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:31:05.0800 0x0ec0 Wlansvc - ok
11:31:05.0806 0x0ec0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:31:05.0818 0x0ec0 WmiAcpi - ok
11:31:05.0830 0x0ec0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:31:05.0844 0x0ec0 wmiApSrv - ok
11:31:05.0850 0x0ec0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:31:05.0862 0x0ec0 WPCSvc - ok
11:31:05.0869 0x0ec0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:31:05.0886 0x0ec0 WPDBusEnum - ok
11:31:05.0891 0x0ec0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:31:05.0915 0x0ec0 ws2ifsl - ok
11:31:05.0921 0x0ec0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
11:31:05.0937 0x0ec0 wscsvc - ok
11:31:05.0943 0x0ec0 WSearch - ok
11:31:05.0992 0x0ec0 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
11:31:06.0037 0x0ec0 wuauserv - ok
11:31:06.0048 0x0ec0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:31:06.0060 0x0ec0 WudfPf - ok
11:31:06.0070 0x0ec0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:31:06.0084 0x0ec0 WUDFRd - ok
11:31:06.0090 0x0ec0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:31:06.0104 0x0ec0 wudfsvc - ok
11:31:06.0112 0x0ec0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
11:31:06.0127 0x0ec0 WwanSvc - ok
11:31:06.0136 0x0ec0 [ FFDB0ED9D1D453F7F19DE55FE0706195, 926982B6204B3820AF3F9FE5A423938587E07CE1832B103AD77C5AEC2762DF3E ] xhcdrv C:\Windows\system32\DRIVERS\xhcdrv.sys
11:31:06.0150 0x0ec0 xhcdrv - ok
11:31:06.0162 0x0ec0 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
11:31:06.0173 0x0ec0 xusb21 - ok
11:31:06.0177 0x0ec0 ================ Scan global ===============================
11:31:06.0180 0x0ec0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
11:31:06.0185 0x0ec0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
11:31:06.0193 0x0ec0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
11:31:06.0198 0x0ec0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:31:06.0206 0x0ec0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
11:31:06.0210 0x0ec0 [ Global ] - ok
11:31:06.0210 0x0ec0 ================ Scan MBR ==================================
11:31:06.0211 0x0ec0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:31:06.0290 0x0ec0 \Device\Harddisk0\DR0 - ok
11:31:06.0294 0x0ec0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
11:31:06.0309 0x0ec0 \Device\Harddisk1\DR1 - ok
11:31:06.0309 0x0ec0 ================ Scan VBR ==================================
11:31:06.0311 0x0ec0 [ 4EED76DFA6211A336C468259F24B3DDB ] \Device\Harddisk0\DR0\Partition1
11:31:06.0379 0x0ec0 \Device\Harddisk0\DR0\Partition1 - ok
11:31:06.0382 0x0ec0 [ D8CBF42A5DEF80E9CDFAA1E2B740FDD0 ] \Device\Harddisk1\DR1\Partition1
11:31:06.0383 0x0ec0 \Device\Harddisk1\DR1\Partition1 - ok
11:31:06.0384 0x0ec0 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition2
11:31:06.0384 0x0ec0 \Device\Harddisk1\DR1\Partition2 - ok
11:31:06.0386 0x0ec0 [ 9D42F8613477E5375C4088A21A85980E ] \Device\Harddisk1\DR1\Partition3
11:31:06.0387 0x0ec0 \Device\Harddisk1\DR1\Partition3 - ok
11:31:06.0387 0x0ec0 ================ Scan generic autorun ======================
11:31:06.0472 0x0ec0 [ 89BC7598FD85957C1EA9EFBBC6BF84AD, EAD736AAC12175C46F46FE130057B7C3FDC9CC68871026A3B2F68C0174C00D70 ] c:\program files (x86)\emsisoft anti-malware\a2guard.exe
11:31:06.0550 0x0ec0 emsisoft anti-malware - ok
11:31:06.0577 0x0ec0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:31:06.0606 0x0ec0 Sidebar - ok
11:31:06.0610 0x0ec0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:31:06.0626 0x0ec0 mctadmin - ok
11:31:06.0647 0x0ec0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:31:06.0673 0x0ec0 Sidebar - ok
11:31:06.0677 0x0ec0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:31:06.0692 0x0ec0 mctadmin - ok
11:31:06.0693 0x0ec0 Waiting for KSN requests completion. In queue: 275
11:31:07.0693 0x0ec0 Waiting for KSN requests completion. In queue: 275
11:31:08.0694 0x0ec0 Waiting for KSN requests completion. In queue: 275
11:31:09.0709 0x0ec0 AV detected via SS2: Emsisoft Anti-Malware, C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2start.exe ( 9.0.0.4799 ), 0x41000 ( enabled : updated )
11:31:09.0717 0x0ec0 Win FW state via NFP2: enabled
11:31:12.0109 0x0ec0 ============================================================
11:31:12.0109 0x0ec0 Scan finished
11:31:12.0109 0x0ec0 ============================================================
11:31:12.0113 0x0dc8 Detected object count: 0
11:31:12.0113 0x0dc8 Actual detected object count: 0
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org
Database version:
main: v2015.01.26.04
rootkit: v2015.01.14.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
T :: TIMPC [administrator]
26.01.2015 11:26:48
mbar-log-2015-01-26 (11-26-48).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 322794
Time elapsed: 3 minute(s), 20 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
__________________ |
|
26.01.2015, 18:03
| #4 |
| /// the machine /// TB-Ausbilder | dllhost.exe poppt alle 10-20 Sekunden auf Ploppt da wirklich was auf oder siehst du den Prozess nur im Taskmanager?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.01.2015, 18:05
| #5 |
| | dllhost.exe poppt alle 10-20 Sekunden auf Wie gesagt, es ist mir zuerst aufgefallen als die ganze Zeit dieser Ladekreis an der Maus kurz aufgeblinkt ist. Und wenn ich dann in den Taskmanager geschaut habe, ist da eine dllhost.exe die sich nach sehr kurzer Zeit wieder schließt. Und wenn ich dann den Taskmanager auflasse und meine Maus beobachte ist halt zu sehen, dass jedes mal wenn das Ladesymbol kurz aufblinkt die dllhost.exe startet und sich danach wieder schließt.
__________________ Beste Grüße, Kuhlambo12 |
|
26.01.2015, 22:30
| #6 |
| /// the machine /// TB-Ausbilder | dllhost.exe poppt alle 10-20 Sekunden auf Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop. SystemLook (64 bit)
__________________ --> dllhost.exe poppt alle 10-20 Sekunden auf |
|
26.01.2015, 22:36
| #7 |
| | dllhost.exe poppt alle 10-20 Sekunden auf So, Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 22:33 on 26/01/2015 by T
Administrator - Elevation successful
========== regfind ==========
Searching for "F9717507-6651-4edb-bff7-ae615179bccf"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F9717507-6651-4EDB-BFF7-AE615179BCCF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c39ee728-d419-4bd4-a3ef-eda059dbd935}]
"AppID"="{F9717507-6651-4EDB-BFF7-AE615179BCCF}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{c39ee728-d419-4bd4-a3ef-eda059dbd935}]
"AppID"="{F9717507-6651-4EDB-BFF7-AE615179BCCF}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{F9717507-6651-4EDB-BFF7-AE615179BCCF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{c39ee728-d419-4bd4-a3ef-eda059dbd935}]
"AppID"="{F9717507-6651-4EDB-BFF7-AE615179BCCF}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{F9717507-6651-4EDB-BFF7-AE615179BCCF}]
Searching for " "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{4C10CFD7-F505-421F-995C-3D78E91A3AA6}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingID="{78D8CC82-372F-44e4-B70C-8944DB7BCC24}" ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}">
<Descriptor descriptorID="{0CFCF432-3544-4f78-9426-07A36843E6BA}"/>
<Descriptor descriptorID="{B54162A2-F67F-46dc-9ED5-F6067520EC94}"/>
<Descriptor descriptorID="{BE562A5F-2A80-4c28-9752-74C696E2ABAF}"/>
</Rating>
</Ratings>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"=" <PlugInConfiguration xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" > <InitializationParameters> <Param Name="PSVersion" Value="2.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="http://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true"> <Security xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="http://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/> <Capability Type="Shell"/> </Resource> </Res
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" Architecture="32" > <InitializationParameters> <Param Name="PSVersion" Value="2.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="http://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true"> <Security xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="http://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_ARCHOS&REV_1.00#USBV1.00&0#]
"DeviceDesc"="ARCHOS "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_ARCHOS&REV_1.00#USBV1.00&0#]
"DeviceDesc"="ARCHOS "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_ARCHOS&REV_1.00#USBV1.00&0#]
"DeviceDesc"="ARCHOS "
-= EOF =-
__________________ Beste Grüße, Kuhlambo12 |
|
27.01.2015, 07:49
| #8 |
| /// the machine /// TB-Ausbilder | dllhost.exe poppt alle 10-20 Sekunden auf alles legitim. Sieht nach dem bekannten dllhost memory Bug aus. Alle Windows Updates installiert=?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.01.2015, 08:58
| #9 |
| | dllhost.exe poppt alle 10-20 Sekunden auf Alle Windowsupdates installiert bis auf Silverlight und ein Sprachpaket fürs net framework. Aber alle Wichtigen sind drauf. Sonst sind die Logs also sauber? Und kann man irgendwas gegen den Memorybug machen?
__________________ Beste Grüße, Kuhlambo12 |
|
27.01.2015, 13:32
| #10 |
| /// the machine /// TB-Ausbilder | dllhost.exe poppt alle 10-20 Sekunden auf Kannst ja mal nach der CLSID und "dllhost memory bug" googlen. Tausende Ergebnisse, nur selten ne Lösung.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.01.2015, 17:56
| #11 |
| | dllhost.exe poppt alle 10-20 Sekunden auf Das ist mir auch schon aufgefallen, da gibt es relativ viele Leute mit den gleichen Problemen aber die "Lösungen" sind meistens das Deaktivieren von Programmen die bei 90% der anderen Leuten nicht mal auf dem Rechner sind. Nagut wenn sonst alles sauber ist und Malware nicht der Ursprung ist dann muss ich halt ab und an meinen PC einmal mehr neustarten damit das Problem weg ist. Vielen Danke und eine schöne Restwoche wünsch ich noch  Kann man das hier noch irgendwie loswerden? Code:
ATTFilter FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
Der Ordner existiert auch nicht wenn ich nachschaue.
__________________ Beste Grüße, Kuhlambo12 |
|
27.01.2015, 20:21
| #12 |
| /// the machine /// TB-Ausbilder | dllhost.exe poppt alle 10-20 Sekunden auf Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.01.2015, 21:38
| #13 |
| | dllhost.exe poppt alle 10-20 Sekunden aufCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01
Ran by T at 2015-01-27 21:37:02 Run:1
Running from C:\Users\T\Desktop
Loaded Profiles: T (Available profiles: T)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
*****************
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
==== End of Fixlog 21:37:02 ====
vielen Dank!
__________________ Beste Grüße, Kuhlambo12 |
|
28.01.2015, 10:42
| #14 |
| /// the machine /// TB-Ausbilder | dllhost.exe poppt alle 10-20 Sekunden auf Gern Geschehen 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu dllhost.exe poppt alle 10-20 Sekunden auf |
| .dll, adware, blinkt, browser, cpu, defender, dllhost.exe, explorer, firefox, flash player, home, homepage, kaspersky, mozilla, neustart, problem, registry, scan, security, sekunden, services.exe, software, svchost.exe, teamspeak, temp, windows |
Linear-Darstellung
