Log analysis and evaluation: Win8.1 has 4 viruses: GenericPOP.x, TR/Dropper.MSIL.Gen, ADWARE.Gen7 and Artemis.. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
23.06.2015, 20:49 | #1 |
| Win8.1 has 4 viruses: GenericPOP.x, TR/Dropper.MSIL.Gen, ADWARE.Gen7 and Artemis.. Hello, my Avira Antivirus found 4 viruses on my Win8.1 PC on 17.06.2015; the names of the viruses are GenericPOP.x, TR/Dropper.MSIL.Gen, ADWARE.Gen7 and Artemis!4FBA8E1ECB31. I followed a guide on the Internet and used the programs Adwcleaner, Junkware Removal Tool and Malwarebytes, but I did not dare take the last step, where you are supposed to find the viruses in Safe Mode. I did not understand how to find the viruses. Then, on my own initiative, I also installed Malwarebytes Anti-Rootkit, which had a few findings, and since then things have been quiet. I am afraid to turn the Internet back on, but otherwise everything runs fine with a really minimal slowdown of the PC; no more viruses are found, yet they are probably still there. I have all the log files, but I had to skip GMER; otherwise everything is there! The two zip files are under Attached Files; I don't know how to delete the rest. Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:50 on 23/06/2015 (Hikaru)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-
Code:
Additional FRST Logfile:
Code:
# AdwCleaner v4.206 - Bericht erstellt 20/06/2015 um 15:56:42
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-05-31.5 [Lokal]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Hikaru - HIKARU-UKE
# Gestarted von : C:\Users\Hikaru\Downloads\adwcleaner_4.206.exe
# Option : Suchlauf

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Hikaru\AppData\Local\Temp\Uninstall.exe
Ordner Gefunden : C:\Program Files (x86)\AnyProtectEx
Ordner Gefunden : C:\Program Files (x86)\LenovoBrowserGuard
Ordner Gefunden : C:\Users\Hikaru\AppData\Local\LenovoBrowserGuard
Ordner Gefunden : C:\Users\Hikaru\AppData\Roaming\AnyProtectEx

***** [ Geplante Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1434566156&z=62208703c51793706665884g7z8cfz8w4q8qegawbw&from=amt&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3FCRE97SHE97SH
Schlüssel Gefunden : HKLM\SOFTWARE\LenovoBrowserGuard
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LenovoBrowserGuard

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840

-\\ Google Chrome v43.0.2357.124

*************************

AdwCleaner[R0].txt - [7535 Bytes] - [19/06/2015 14:48:28]
AdwCleaner[R1].txt - [1474 Bytes] - [20/06/2015 15:56:42]
AdwCleaner[S0].txt - [6816 Bytes] - [19/06/2015 14:55:00]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1592 Bytes] ##########
AdwCleaner Logfile:
Code:
# AdwCleaner v4.206 - Bericht erstellt 20/06/2015 um 15:58:23
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-05-31.5 [Lokal]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Hikaru - HIKARU-UKE
# Gestarted von : C:\Users\Hikaru\Downloads\adwcleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\AnyProtectEx
[x] Nicht Gelöscht : C:\Program Files (x86)\LenovoBrowserGuard
[x] Nicht Gelöscht : C:\Users\Hikaru\AppData\Local\LenovoBrowserGuard
Ordner Gelöscht : C:\Users\Hikaru\AppData\Roaming\AnyProtectEx
Datei Gelöscht : C:\Users\Hikaru\AppData\Local\Temp\Uninstall.exe

***** [ Geplante Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

[x] Nicht Gelöscht : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [Default]
[x] Nicht Gelöscht : HKLM\SOFTWARE\LenovoBrowserGuard
[x] Nicht Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LenovoBrowserGuard

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840

-\\ Google Chrome v43.0.2357.124

*************************

AdwCleaner[R0].txt - [7535 Bytes] - [19/06/2015 14:48:28]
AdwCleaner[R1].txt - [1671 Bytes] - [20/06/2015 15:56:42]
AdwCleaner[S0].txt - [6816 Bytes] - [19/06/2015 14:55:00]
AdwCleaner[S1].txt - [1400 Bytes] - [20/06/2015 15:58:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1459 Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 7.0.1 (06.17.2015:2)
OS: Windows 8.1 x64
Ran by Hikaru on 18.06.2015 at 13:55:44,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Failed to stop: [Service] scfd_1_10_0_16
Successfully stopped: [Service] scsvc_1.10.0.16
Successfully deleted: [Service] scsvc_1.10.0.16
Failed to stop: [Service] scfd_1_10_0_16 [Adware.Vitruvian]

~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\APSnotifierPP1
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\APSnotifierPP2
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\APSnotifierPP3
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Convertor
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Crossbrowse
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\SuperClick Auto Updater 1.10.0.16 Core
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\SuperClick Auto Updater 1.10.0.16 Pending Update
Successfully deleted: [Task] C:\WINDOWS\tasks\APSnotifierPP1.job
Successfully deleted: [Task] C:\WINDOWS\tasks\APSnotifierPP2.job
Successfully deleted: [Task] C:\WINDOWS\tasks\APSnotifierPP3.job
Successfully deleted: [Task] C:\WINDOWS\tasks\Crossbrowse.job

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_592333F42A0D1CD48BDC7C5A423F80B7
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_9053764826F483F018422F1AA87409D2
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\APN PIP
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AskPartnerNetwork
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{16C56A97-C4BD-433D-9355-D9B3814853D9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\scfd_1_10_0_16 [Adware.Vitruvian]

~~~ Files

Successfully deleted: [File] C:\Users\Hikaru\appdata\local\nseA54A.tmp
Successfully deleted: [File] C:\Users\Hikaru\AppData\Roaming\microsoft\internet explorer\quick launch\crossbrowse.lnk
Successfully deleted: [File] C:\Users\Hikaru\AppData\Roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\pc app store.lnk
Successfully deleted: [File] C:\users\public\desktop\crossbrowse.lnk
Successfully deleted: [File] C:\WINDOWS\system32\drivers\scfd_1_10_0_16.sys [Adware.Vitruvian]
Successfully disinfected: [Shortcut] C:\Users\Hikaru\AppData\Roaming\microsoft\internet explorer\quick launch\Launch Internet Explorer Browser.lnk
Successfully disinfected: [Shortcut] C:\Users\Hikaru\AppData\Roaming\microsoft\internet explorer\quick launch\User Pinned\TaskBar\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\Hikaru\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer.lnk

~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\app_setup
Successfully deleted: [Folder] C:\Program Files (x86)\crossbrowse
Successfully deleted: [Folder] C:\Program Files (x86)\SuperClick_1.10.0.16
Successfully deleted: [Folder] C:\ProgramData\desktopsearch
Successfully deleted: [Folder] C:\ProgramData\microsoft\windows\start menu\programs\crossbrowse
Successfully deleted: [Folder] C:\ProgramData\pokki
Successfully deleted: [Folder] C:\Users\Hikaru\appdata\local\crossbrowse
Successfully deleted: [Folder] C:\Users\Hikaru\appdata\local\desktopsearch
Successfully deleted: [Folder] C:\Users\Hikaru\appdata\local\pokki
Successfully deleted: [Folder] C:\Users\Hikaru\appdata\locallow\smartweb
Successfully deleted: [Folder] C:\Users\Hikaru\AppData\Roaming\microsoft\windows\start menu\programs\anyprotect pc backup
Successfully deleted: [Folder] C:\Users\Hikaru\appdata\local\16516

~~~ Chrome

[C:\Users\Hikaru\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Hikaru\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Hikaru\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Hikaru\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.06.2015 at 13:58:43,97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 7.0.1 (06.17.2015:2)
OS: Windows 8.1 x64
Ran by Hikaru on 20.06.2015 at 16:00:44,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Chrome

[C:\Users\Hikaru\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Hikaru\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Hikaru\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Hikaru\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.06.2015 at 16:02:48,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.06.20.02
rootkit: v2015.06.15.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17842
Hikaru :: HIKARU-UKE [administrator]

20.06.2015 16:06:56
mbar-log-2015-06-20 (16-06-56).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 346308
Time elapsed: 11 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Hikaru\AppData\Local\Temp\is-E6PLG.tmp\package_optimizerpro_installer_multilang.exe (Adware.EoRezo) -> Delete on reboot. [9e547a42107aff371c71bbb7808235cb]
C:\Users\Hikaru\AppData\Local\Temp\is-E6PLG.tmp\11.exe (Adware.EoRezo) -> Delete on reboot. [42b0a913bfcb78be9cf1b7bbd72b38c8]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Edited by H4VPHKARU (23.06.2015 at 21:10) |
23.06.2015, 20:53 | #2 |
/// TB trainer | Win8.1 has 4 viruses: GenericPOP.x, TR/Dropper.MSIL.Gen, ADWARE.Gen7 and Artemis.. My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! Please download TDSSKiller.exe and save this file to the desktop
|
23.06.2015, 21:37 | #3 |
| Win8.1 has 4 viruses: GenericPOP.x, TR/Dropper.MSIL.Gen, ADWARE.Gen7 and Artemis.. Thanks for the quick reply!
This is what TDSSKiller found: Code:
22:26:26.0092 0x0094 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:26:26.0092 0x0094 UEFI system
22:29:39.0795 0x0094 ============================================================
22:29:39.0795 0x0094 Current date / time: 2015/06/23 22:29:39.0795
22:29:39.0795 0x0094 SystemInfo:
22:29:39.0795 0x0094
22:29:39.0795 0x0094 OS Version: 6.3.9600 ServicePack: 0.0
22:29:39.0795 0x0094 Product type: Workstation
22:29:39.0795 0x0094 ComputerName: HIKARU-UKE
22:29:39.0795 0x0094 UserName: Hikaru
22:29:39.0795 0x0094 Windows directory: C:\WINDOWS
22:29:39.0795 0x0094 System windows directory: C:\WINDOWS
22:29:39.0795 0x0094 Running under WOW64
22:29:39.0795 0x0094 Processor architecture: Intel x64
22:29:39.0795 0x0094 Number of processors: 4
22:29:39.0795 0x0094 Page size: 0x1000
22:29:39.0795 0x0094 Boot type: Normal boot
22:29:39.0795 0x0094 ============================================================
22:29:40.0045 0x0094 KLMD registered as C:\WINDOWS\system32\drivers\96701308.sys
22:29:40.0452 0x0094 System UUID: {38DB27D8-083D-7F2B-7D77-5BC8190BCF8F}
22:29:41.0077 0x0094 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:29:41.0093 0x0094 Drive \Device\Harddisk1\DR7 - Size: 0x1D1A00000 ( 7.28 Gb ), SectorSize: 0x200, Cylinders: 0x3B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:29:41.0108 0x0094 ============================================================
22:29:41.0108 0x0094 \Device\Harddisk0\DR0:
22:29:41.0108 0x0094 GPT partitions:
22:29:41.0139 0x0094 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {31E51611-5E9F-411D-AD11-943E06E03D7D}, Name: , StartLBA 0x800, BlocksNum 0x1F4000
22:29:41.0139 0x0094 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F045FAC7-10FC-4BBC-AB32-351ABB46455F}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
22:29:41.0139 0x0094 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {1C106FCA-C812-4AA5-9AB0-9CF86E3D03F4}, Name: , StartLBA 0x276800, BlocksNum 0xFA000
22:29:41.0139 0x0094 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {0C8B3E96-E220-423B-AFD3-378D2139EA3A}, Name: Microsoft reserved partition, StartLBA 0x370800, BlocksNum 0x40000
22:29:41.0139 0x0094 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5D3AAD72-25D4-436B-8379-D8A97982E08D}, Name: Basic data partition, StartLBA 0x3B0800, BlocksNum 0x71282000
22:29:41.0139 0x0094 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6BFB61E5-951F-4DC5-9E4C-D976D5657743}, Name: , StartLBA 0x71632800, BlocksNum 0x30D4000
22:29:41.0139 0x0094 MBR partitions:
22:29:41.0139 0x0094 \Device\Harddisk1\DR7:
22:29:41.0139 0x0094 MBR partitions:
22:29:41.0139 0x0094 \Device\Harddisk1\DR7\Partition1: MBR, Type 0xB, StartLBA 0xB98, BlocksNum 0xE8C468
22:29:41.0139 0x0094 ============================================================
22:29:41.0170 0x0094 C: <-> \Device\Harddisk0\DR0\Partition5
22:29:41.0170 0x0094 ============================================================
22:29:41.0170 0x0094 Initialize success
22:29:41.0170 0x0094 ============================================================
22:30:28.0124 0x09fc ============================================================
22:30:28.0124 0x09fc Scan started
22:30:28.0124 0x09fc Mode: Manual; SigCheck; TDLFS;
22:30:28.0124 0x09fc ============================================================
22:30:28.0124 0x09fc KSN ping started
22:30:28.0186 0x09fc KSN ping finished: false
22:30:31.0186 0x09fc ================ Scan system memory ========================
22:30:31.0186 0x09fc System memory - ok
22:30:31.0186 0x09fc
================ Scan services =============================
0x09fc [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 22:30:37.0077 0x09fc dmvsc - ok 22:30:37.0108 0x09fc [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 22:30:37.0139 0x09fc Dnscache - ok 22:30:37.0170 0x09fc [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 22:30:37.0217 0x09fc dot3svc - ok 22:30:37.0249 0x09fc [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll 22:30:37.0264 0x09fc DPS - ok 22:30:37.0295 0x09fc [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 22:30:37.0295 0x09fc drmkaud - ok 22:30:37.0327 0x09fc [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 22:30:37.0358 0x09fc DsmSvc - ok 22:30:37.0405 0x09fc [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 22:30:37.0452 0x09fc DXGKrnl - ok 22:30:37.0483 0x09fc [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress C:\WINDOWS\system32\DRIVERS\e1i63x64.sys 22:30:37.0514 0x09fc e1iexpress - ok 22:30:37.0547 0x09fc [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 22:30:37.0577 0x09fc Eaphost - ok 22:30:37.0655 0x09fc [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 22:30:37.0780 0x09fc ebdrv - ok 
22:30:37.0811 0x09fc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe 22:30:37.0827 0x09fc EFS - ok 22:30:37.0842 0x09fc [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 22:30:37.0858 0x09fc EhStorClass - ok 22:30:37.0874 0x09fc [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 22:30:37.0889 0x09fc EhStorTcgDrv - ok 22:30:37.0905 0x09fc [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 22:30:37.0905 0x09fc ErrDev - ok 22:30:37.0952 0x09fc [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll 22:30:37.0983 0x09fc EventSystem - ok 22:30:37.0983 0x09fc [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 22:30:38.0030 0x09fc exfat - ok 22:30:38.0046 0x09fc [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 22:30:38.0077 0x09fc fastfat - ok 22:30:38.0108 0x09fc [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe 22:30:38.0139 0x09fc Fax - ok 22:30:38.0155 0x09fc [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 22:30:38.0170 0x09fc fdc - ok 22:30:38.0202 0x09fc [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 22:30:38.0217 
0x09fc fdPHost - ok 22:30:38.0233 0x09fc [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 22:30:38.0280 0x09fc FDResPub - ok 22:30:38.0297 0x09fc [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 22:30:38.0327 0x09fc fhsvc - ok 22:30:38.0327 0x09fc [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 22:30:38.0342 0x09fc FileInfo - ok 22:30:38.0358 0x09fc [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 22:30:38.0389 0x09fc Filetrace - ok 22:30:38.0405 0x09fc [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 22:30:38.0420 0x09fc flpydisk - ok 22:30:38.0452 0x09fc [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 22:30:38.0483 0x09fc FltMgr - ok 22:30:38.0547 0x09fc [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache C:\WINDOWS\system32\FntCache.dll 22:30:38.0608 0x09fc FontCache - ok 22:30:38.0655 0x09fc [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:30:38.0686 0x09fc FontCache3.0.0.0 - ok 22:30:38.0703 0x09fc [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 22:30:38.0733 0x09fc FsDepends - ok 22:30:38.0733 0x09fc [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, 
B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 22:30:38.0749 0x09fc Fs_Rec - ok 22:30:38.0796 0x09fc [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 22:30:38.0811 0x09fc fvevol - ok 22:30:38.0827 0x09fc [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 22:30:38.0858 0x09fc FxPPM - ok 22:30:38.0874 0x09fc [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 22:30:38.0889 0x09fc gagp30kx - ok 22:30:38.0905 0x09fc [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 22:30:38.0936 0x09fc gencounter - ok 22:30:38.0952 0x09fc [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 22:30:38.0967 0x09fc GPIOClx0101 - ok 22:30:39.0030 0x09fc [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 22:30:39.0092 0x09fc gpsvc - ok 22:30:39.0170 0x09fc [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 22:30:39.0217 0x09fc HdAudAddService - ok 22:30:39.0249 0x09fc [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 22:30:39.0264 0x09fc HDAudBus - ok 22:30:39.0280 0x09fc [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 22:30:39.0296 
0x09fc HidBatt - ok 22:30:39.0327 0x09fc [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 22:30:39.0358 0x09fc HidBth - ok 22:30:39.0374 0x09fc [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 22:30:39.0389 0x09fc hidi2c - ok 22:30:39.0405 0x09fc [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 22:30:39.0420 0x09fc HidIr - ok 22:30:39.0452 0x09fc [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 22:30:39.0467 0x09fc hidserv - ok 22:30:39.0483 0x09fc [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 22:30:39.0499 0x09fc HidUsb - ok 22:30:39.0530 0x09fc [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK C:\WINDOWS\system32\drivers\HipShieldK.sys 22:30:39.0561 0x09fc HipShieldK - ok 22:30:39.0592 0x09fc [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 22:30:39.0639 0x09fc hkmsvc - ok 22:30:39.0670 0x09fc [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 22:30:39.0702 0x09fc HomeGroupListener - ok 22:30:39.0749 0x09fc [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 22:30:39.0780 0x09fc HomeGroupProvider - ok 22:30:39.0827 0x09fc [ 0E5107F7558414409BF027E3A09475C7, BEBC89DC9CA49462344AC74307B35CDAA9C4E5547ABA8584267E92B7411499B8 ] 
HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 22:30:39.0842 0x09fc HomeNetSvc - ok 22:30:39.0858 0x09fc [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 22:30:39.0874 0x09fc HpSAMD - ok 22:30:39.0920 0x09fc [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 22:30:39.0952 0x09fc HTTP - ok 22:30:39.0967 0x09fc [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 22:30:39.0984 0x09fc hwpolicy - ok 22:30:39.0984 0x09fc [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 22:30:40.0014 0x09fc hyperkbd - ok 22:30:40.0030 0x09fc [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 22:30:40.0046 0x09fc HyperVideo - ok 22:30:40.0077 0x09fc [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 22:30:40.0108 0x09fc i8042prt - ok 22:30:40.0123 0x09fc [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 22:30:40.0139 0x09fc iaLPSSi_GPIO - ok 22:30:40.0155 0x09fc [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 22:30:40.0170 0x09fc iaLPSSi_I2C - ok 22:30:40.0202 0x09fc [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 22:30:40.0217 0x09fc 
iaStorAV - ok 22:30:40.0249 0x09fc [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 22:30:40.0264 0x09fc iaStorV - ok 22:30:40.0280 0x09fc IEEtwCollectorService - ok 22:30:40.0327 0x09fc [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 22:30:40.0420 0x09fc IKEEXT - ok 22:30:40.0530 0x09fc [ 7A3585C4000C8340AE6B7FA08F9EF50F, B93F23464E7D929B90D80650698372128546CFEDA72216823CBE51A08D3368E0 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 22:30:40.0639 0x09fc IntcAzAudAddService - ok 22:30:40.0670 0x09fc [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 22:30:40.0670 0x09fc intelide - ok 22:30:40.0702 0x09fc [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 22:30:40.0733 0x09fc intelpep - ok 22:30:40.0749 0x09fc [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 22:30:40.0764 0x09fc intelppm - ok 22:30:40.0780 0x09fc [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 22:30:40.0796 0x09fc IpFilterDriver - ok 22:30:40.0842 0x09fc [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 22:30:40.0889 0x09fc iphlpsvc - ok 22:30:40.0920 0x09fc [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 22:30:40.0936 0x09fc IPMIDRV - ok 22:30:40.0952 0x09fc [ 
B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 22:30:40.0967 0x09fc IPNAT - ok 22:30:40.0983 0x09fc [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 22:30:41.0014 0x09fc IRENUM - ok 22:30:41.0030 0x09fc [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 22:30:41.0045 0x09fc isapnp - ok 22:30:41.0077 0x09fc [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 22:30:41.0092 0x09fc iScsiPrt - ok 22:30:41.0124 0x09fc [ E2CFDA7E9606FD5ECAB93E4817414661, F60A1EFFD7EB9D69620E971AB30D3FF4138D233A6EDE51CFD1BE8CCB5776E321 ] JME Keyboard C:\Windows\jmesoft\Service.exe 22:30:41.0139 0x09fc JME Keyboard - detected UnsignedFile.Multi.Generic ( 1 ) 22:30:41.0202 0x09fc JME Keyboard ( UnsignedFile.Multi.Generic ) - warning 22:30:41.0202 0x09fc Force sending object to P2P due to detect: JME Keyboard 22:30:41.0202 0x09fc Object send P2P result: false 22:30:41.0233 0x09fc [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 22:30:41.0249 0x09fc kbdclass - ok 22:30:41.0281 0x09fc [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 22:30:41.0295 0x09fc kbdhid - ok 22:30:41.0295 0x09fc [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 22:30:41.0312 0x09fc kdnic - ok 22:30:41.0327 0x09fc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso 
C:\WINDOWS\system32\lsass.exe 22:30:41.0342 0x09fc KeyIso - ok 22:30:41.0374 0x09fc [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 22:30:41.0389 0x09fc KSecDD - ok 22:30:41.0405 0x09fc [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 22:30:41.0436 0x09fc KSecPkg - ok 22:30:41.0436 0x09fc [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 22:30:41.0452 0x09fc ksthunk - ok 22:30:41.0483 0x09fc [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 22:30:41.0514 0x09fc KtmRm - ok 22:30:41.0545 0x09fc [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 22:30:41.0577 0x09fc LanmanServer - ok 22:30:41.0624 0x09fc [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 22:30:41.0655 0x09fc LanmanWorkstation - ok 22:30:41.0717 0x09fc [ 754891B0F48F961571580569C185EB00, 0818FCF23E0C795DFDB72A7215973D801E6559818F5A4AF050E0994522B6EAF7 ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe 22:30:41.0749 0x09fc Lenovo EasyPlus Hotspot - ok 22:30:41.0795 0x09fc [ 8CD7568B0F809731D931144DE376FD16, 78902FA1BED048B336DE71FB82A3614A58BBAA834483F2F2B5ABF4A70FA491F3 ] Lenovo System Agent Service C:\Program Files\Lenovo\iMController\SystemAgentService.exe 22:30:41.0811 0x09fc Lenovo System Agent Service - ok 22:30:41.0874 0x09fc [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc 
C:\WINDOWS\System32\GeofenceMonitorService.dll 22:30:41.0889 0x09fc lfsvc - ok 22:30:41.0905 0x09fc [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 22:30:41.0920 0x09fc lltdio - ok 22:30:41.0952 0x09fc [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 22:30:42.0014 0x09fc lltdsvc - ok 22:30:42.0045 0x09fc [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 22:30:42.0061 0x09fc lmhosts - ok 22:30:42.0077 0x09fc [ 30223D9D80819C55531F2CF0CCB7C355, 1CA88470D6ECCF84BE23A71B1198B42107789EFD6EE7A37B2F880380F888FC83 ] LSCWinService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe 22:30:42.0092 0x09fc LSCWinService - ok 22:30:42.0108 0x09fc [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 22:30:42.0124 0x09fc LSI_SAS - ok 22:30:42.0139 0x09fc [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 22:30:42.0155 0x09fc LSI_SAS2 - ok 22:30:42.0170 0x09fc [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 22:30:42.0186 0x09fc LSI_SAS3 - ok 22:30:42.0202 0x09fc [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 22:30:42.0217 0x09fc LSI_SSS - ok 22:30:42.0249 0x09fc [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll 22:30:42.0312 0x09fc LSM - ok 22:30:42.0328 0x09fc [ DDEE191AB32DFC22C6465002ECDF5EE4, 
190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 22:30:42.0358 0x09fc luafv - ok 22:30:42.0374 0x09fc mailUpdate - ok 22:30:42.0389 0x09fc [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 22:30:42.0405 0x09fc MBAMProtector - ok 22:30:42.0467 0x09fc [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 22:30:42.0514 0x09fc MBAMService - ok 22:30:42.0530 0x09fc [ 28B597A61C9AC9B59BC0573D70A62CBF, 032C095ECDAEEE800BD9C7AB08C089E7530A9DD09AE577D1612035F2BFFAA61C ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys 22:30:42.0562 0x09fc MBAMWebAccessControl - ok 22:30:42.0624 0x09fc [ A85ABA4547E99D7FF985D564763D9E20, D32F539F0B2643A8EF86AD3F3A15A17A817698E971860E90549712FC14BCF9F2 ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe 22:30:42.0639 0x09fc McAPExe - ok 22:30:42.0686 0x09fc [ 16EF8A0930296943D124F06EA4E21544, 61248EAD26E1296E1445C17EC44693A3ECF1C64738213EF3AA2ADCBD4E9CB89A ] McAWFwk c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe 22:30:42.0717 0x09fc McAWFwk - ok 22:30:42.0764 0x09fc [ 0E5107F7558414409BF027E3A09475C7, BEBC89DC9CA49462344AC74307B35CDAA9C4E5547ABA8584267E92B7411499B8 ] mcbootdelaystartsvc C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe 22:30:42.0780 0x09fc mcbootdelaystartsvc - ok 22:30:42.0827 0x09fc [ 5DDFE5AF5D91A8754530EC0CF2A0125F, F4B8DCD4D2863895509F7E9EFC965CA2A59CEDA1DD50CF8354A8FAF3E245CAB2 ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe 22:30:42.0842 0x09fc mccspsvc - ok 22:30:42.0842 0x09fc [ 0E5107F7558414409BF027E3A09475C7, BEBC89DC9CA49462344AC74307B35CDAA9C4E5547ABA8584267E92B7411499B8 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 22:30:42.0858 
0x09fc McMPFSvc - ok 22:30:42.0889 0x09fc [ 0E5107F7558414409BF027E3A09475C7, BEBC89DC9CA49462344AC74307B35CDAA9C4E5547ABA8584267E92B7411499B8 ] McOobeSv2 C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe 22:30:42.0905 0x09fc McOobeSv2 - ok 22:30:42.0920 0x09fc [ 0E5107F7558414409BF027E3A09475C7, BEBC89DC9CA49462344AC74307B35CDAA9C4E5547ABA8584267E92B7411499B8 ] mcpltsvc C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe 22:30:42.0936 0x09fc mcpltsvc - ok 22:30:42.0936 0x09fc [ 0E5107F7558414409BF027E3A09475C7, BEBC89DC9CA49462344AC74307B35CDAA9C4E5547ABA8584267E92B7411499B8 ] McProxy C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe 22:30:42.0967 0x09fc McProxy - ok 22:30:42.0967 0x09fc [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 22:30:42.0983 0x09fc megasas - ok 22:30:43.0015 0x09fc [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 22:30:43.0045 0x09fc megasr - ok 22:30:43.0077 0x09fc [ B069A1B8072AC23CA31638CAF6E1CC90, 726E3B744F39E265C9B8FDDCD7EBD1B87327A92719EEB1924820BC90FE67B277 ] mfeaack C:\WINDOWS\system32\drivers\mfeaack.sys 22:30:43.0108 0x09fc mfeaack - ok 22:30:43.0124 0x09fc [ B540EED782123308F865ACAF0F1C2E64, D1F163AA2E37A72958E78B5F96D1E087AF3B9AA33ABB89ADCEBF6CA5A44C8DFA ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys 22:30:43.0139 0x09fc mfeavfk - ok 22:30:43.0170 0x09fc [ 225CC932EDDC7935147FC5FD43920EAB, 868872EB3F11BA29FAABA4CCF5A075D12C8B705DC737BD3DAC5886788579934D ] mfedisk C:\WINDOWS\system32\DRIVERS\mfedisk.sys 22:30:43.0186 0x09fc mfedisk - ok 22:30:43.0202 0x09fc [ 5F4CABAFF1858C54DD5AFB33BD76926E, 06BDEE2B5325E605774C095D9DADFF5E6E124259482C4B7D9E74F1CEDC5A194E ] mfeelamk C:\WINDOWS\system32\drivers\mfeelamk.sys 22:30:43.0217 0x09fc mfeelamk - ok 22:30:43.0264 0x09fc [ 
B080F4161DFC8B4555ADE5AEF8BEA10C, AEB88FACB90981BF5A9B532D83A0792F78D30F6CCCA107FBDC4EECD6D29AD124 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe 22:30:43.0295 0x09fc mfefire - ok 22:30:43.0327 0x09fc [ 7E44DEBA7851496841C7D4849668B4E9, 6B5E42BB81B3F841D7C1B312A309542969D6FECEAD9379BD88213809AA2DEC5B ] mfefirek C:\WINDOWS\system32\drivers\mfefirek.sys 22:30:43.0342 0x09fc mfefirek - ok 22:30:43.0405 0x09fc [ E66C388028FC6D4B837504BB350FF368, 517B03CC0F622EE7027923051696326472924F43513C1E6201FBB3F29D7F6DD1 ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys 22:30:43.0436 0x09fc mfehidk - ok 22:30:43.0467 0x09fc [ 63B1C0B982EC1A91C82F53CD22F21B91, F242E2E9E4F5893E63879A4D9FDCC13B3FF571F7108A6E9B98F4DEEB2C01BA3A ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe 22:30:43.0483 0x09fc mfemms - ok 22:30:43.0500 0x09fc [ F9881B099DD511A9A53B0B9DB668EA9D, 3E57AC8137F893760C7C3DD06D47CCAE9F3EA419E698E5A08925120F3186E11F ] mfevtp C:\WINDOWS\system32\mfevtps.exe 22:30:43.0514 0x09fc mfevtp - ok 22:30:43.0545 0x09fc [ 06E22CD1696D37862CFB154E008C7921, 3994F3749716CC956E35AE699027FC2BEFA5F5402E0774323C9C9EA4FBBBC5BD ] mfewfpk C:\WINDOWS\system32\drivers\mfewfpk.sys 22:30:43.0562 0x09fc mfewfpk - ok 22:30:43.0592 0x09fc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll 22:30:43.0608 0x09fc MMCSS - ok 22:30:43.0624 0x09fc [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 22:30:43.0655 0x09fc Modem - ok 22:30:43.0670 0x09fc [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 22:30:43.0702 0x09fc monitor - ok 22:30:43.0733 0x09fc [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass 
C:\WINDOWS\System32\drivers\mouclass.sys 22:30:43.0764 0x09fc mouclass - ok 22:30:43.0780 0x09fc [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 22:30:43.0811 0x09fc mouhid - ok 22:30:43.0827 0x09fc [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 22:30:43.0842 0x09fc mountmgr - ok 22:30:43.0874 0x09fc [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 22:30:43.0889 0x09fc mpsdrv - ok 22:30:43.0936 0x09fc [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 22:30:43.0967 0x09fc MpsSvc - ok 22:30:44.0014 0x09fc [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 22:30:44.0045 0x09fc MRxDAV - ok 22:30:44.0077 0x09fc [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 22:30:44.0108 0x09fc mrxsmb - ok 22:30:44.0123 0x09fc [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 22:30:44.0155 0x09fc mrxsmb10 - ok 22:30:44.0202 0x09fc [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 22:30:44.0249 0x09fc mrxsmb20 - ok 22:30:44.0264 0x09fc [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 22:30:44.0295 0x09fc MsBridge - ok 22:30:44.0311 0x09fc [ 915747E010A9414B069173284A9B93F4, 
7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 22:30:55.0999 0x09fc vmicshutdown - ok 22:30:56.0014 0x09fc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 22:30:56.0045 0x09fc vmictimesync - ok 22:30:56.0061 0x09fc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 22:30:56.0092 0x09fc vmicvss - ok 22:30:56.0092 0x09fc [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 22:30:56.0108 0x09fc volmgr - ok 22:30:56.0140 0x09fc [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 22:30:56.0170 0x09fc volmgrx - ok 22:30:56.0186 0x09fc [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 22:30:56.0202 0x09fc volsnap - ok 22:30:56.0217 0x09fc [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 22:30:56.0233 0x09fc vpci - ok 22:30:56.0264 0x09fc [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 22:30:56.0280 0x09fc vsmraid - ok 22:30:56.0327 0x09fc [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe 22:30:56.0389 0x09fc VSS - ok 22:30:56.0405 0x09fc [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 22:30:56.0436 0x09fc VSTXRAID - ok 22:30:56.0452 0x09fc [ 
BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 22:30:56.0467 0x09fc vwifibus - ok 22:30:56.0483 0x09fc [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 22:30:56.0514 0x09fc vwififlt - ok 22:30:56.0530 0x09fc [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys 22:30:56.0545 0x09fc vwifimp - ok 22:30:56.0577 0x09fc [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll 22:30:56.0608 0x09fc W32Time - ok 22:30:56.0624 0x09fc [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 22:30:56.0655 0x09fc WacomPen - ok 22:30:56.0686 0x09fc [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 22:30:56.0717 0x09fc Wanarp - ok 22:30:56.0733 0x09fc [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 22:30:56.0749 0x09fc Wanarpv6 - ok 22:30:56.0811 0x09fc [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe 22:30:56.0858 0x09fc wbengine - ok 22:30:56.0890 0x09fc [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 22:30:56.0936 0x09fc WbioSrvc - ok 22:30:56.0952 0x09fc [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 22:30:56.0983 
0x09fc Wcmsvc - ok 22:30:57.0014 0x09fc [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 22:30:57.0045 0x09fc wcncsvc - ok 22:30:57.0061 0x09fc [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 22:30:57.0092 0x09fc WcsPlugInService - ok 22:30:57.0108 0x09fc [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 22:30:57.0139 0x09fc WdBoot - ok 22:30:57.0186 0x09fc [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 22:30:57.0217 0x09fc Wdf01000 - ok 22:30:57.0249 0x09fc [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 22:30:57.0264 0x09fc WdFilter - ok 22:30:57.0295 0x09fc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 22:30:57.0311 0x09fc WdiServiceHost - ok 22:30:57.0311 0x09fc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 22:30:57.0342 0x09fc WdiSystemHost - ok 22:30:57.0359 0x09fc [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 22:30:57.0374 0x09fc WdNisDrv - ok 22:30:57.0406 0x09fc WdNisSvc - ok 22:30:57.0436 0x09fc [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\WINDOWS\System32\webclnt.dll 22:30:57.0467 0x09fc WebClient - ok 22:30:57.0499 0x09fc [ 384E1D04FE20845B2559D292F17A9FA1, 
AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 22:30:57.0545 0x09fc Wecsvc - ok 22:30:57.0561 0x09fc [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 22:30:57.0592 0x09fc WEPHOSTSVC - ok 22:30:57.0624 0x09fc [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 22:30:57.0655 0x09fc wercplsupport - ok 22:30:57.0702 0x09fc [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 22:30:57.0733 0x09fc WerSvc - ok 22:30:57.0749 0x09fc [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 22:30:57.0764 0x09fc WFPLWFS - ok 22:30:57.0795 0x09fc [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 22:30:57.0827 0x09fc WiaRpc - ok 22:30:57.0842 0x09fc [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 22:30:57.0858 0x09fc WIMMount - ok 22:30:57.0858 0x09fc WinDefend - ok 22:30:57.0905 0x09fc [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 22:30:57.0936 0x09fc WinHttpAutoProxySvc - ok 22:30:57.0999 0x09fc [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 22:30:58.0030 0x09fc Winmgmt - ok 22:30:58.0139 0x09fc [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 
22:30:58.0233 0x09fc WinRM - ok 22:30:58.0264 0x09fc [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys 22:30:58.0295 0x09fc WinUsb - ok 22:30:58.0327 0x09fc [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 22:30:58.0420 0x09fc WlanSvc - ok 22:30:58.0499 0x09fc [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 22:30:58.0561 0x09fc wlidsvc - ok 22:30:58.0592 0x09fc [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 22:30:58.0608 0x09fc WmiAcpi - ok 22:30:58.0655 0x09fc [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 22:30:58.0686 0x09fc wmiApSrv - ok 22:30:58.0702 0x09fc WMPNetworkSvc - ok 22:30:58.0733 0x09fc [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 22:30:58.0749 0x09fc Wof - ok 22:30:58.0827 0x09fc [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 22:30:58.0890 0x09fc workfolderssvc - ok 22:30:58.0920 0x09fc [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 22:30:58.0936 0x09fc wpcfltr - ok 22:30:58.0952 0x09fc [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 22:30:58.0967 0x09fc WPCSvc - ok 22:30:58.0999 0x09fc [ 2ADE11F3D84709C5F6781E4C59F11683, 
F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 22:30:59.0030 0x09fc WPDBusEnum - ok 22:30:59.0045 0x09fc [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 22:30:59.0061 0x09fc WpdUpFltr - ok 22:30:59.0061 0x09fc [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 22:30:59.0092 0x09fc ws2ifsl - ok 22:30:59.0124 0x09fc [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 22:30:59.0139 0x09fc wscsvc - ok 22:30:59.0139 0x09fc WSearch - ok 22:30:59.0264 0x09fc [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll 22:30:59.0389 0x09fc WSService - ok 22:30:59.0420 0x09fc [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys 22:30:59.0436 0x09fc wsvd - ok 22:30:59.0577 0x09fc [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 22:30:59.0686 0x09fc wuauserv - ok 22:30:59.0733 0x09fc [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 22:30:59.0749 0x09fc WudfPf - ok 22:30:59.0795 0x09fc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 22:30:59.0811 0x09fc WUDFRd - ok 22:30:59.0827 0x09fc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\WINDOWS\System32\drivers\WUDFRd.sys 22:30:59.0842 
0x09fc WUDFSensorLP - ok 22:30:59.0858 0x09fc [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 22:30:59.0889 0x09fc wudfsvc - ok 22:30:59.0905 0x09fc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys 22:30:59.0920 0x09fc WUDFWpdFs - ok 22:30:59.0920 0x09fc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys 22:30:59.0936 0x09fc WUDFWpdMtp - ok 22:30:59.0983 0x09fc [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 22:30:59.0999 0x09fc WwanSvc - ok 22:31:00.0014 0x09fc ================ Scan global =============================== 22:31:00.0061 0x09fc [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll 22:31:00.0077 0x09fc [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll 22:31:00.0108 0x09fc [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll 22:31:00.0124 0x09fc [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe 22:31:00.0139 0x09fc [ Global ] - ok 22:31:00.0139 0x09fc ================ Scan MBR ================================== 22:31:00.0170 0x09fc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 22:31:00.0264 0x09fc \Device\Harddisk0\DR0 - ok 22:31:00.0280 0x09fc [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR7 22:31:00.0483 0x09fc \Device\Harddisk1\DR7 - ok 22:31:00.0483 0x09fc ================ Scan VBR 
================================== 22:31:00.0483 0x09fc [ D8FA1788F4CA74FB8A309E3165A09D83 ] \Device\Harddisk0\DR0\Partition1 22:31:00.0545 0x09fc \Device\Harddisk0\DR0\Partition1 - ok 22:31:00.0561 0x09fc [ 42C214443098E322C2052B8B938CAD7D ] \Device\Harddisk0\DR0\Partition2 22:31:00.0624 0x09fc \Device\Harddisk0\DR0\Partition2 - ok 22:31:00.0640 0x09fc [ 0C67991C25DD9AFFA29B9782CDCC939C ] \Device\Harddisk0\DR0\Partition3 22:31:00.0686 0x09fc \Device\Harddisk0\DR0\Partition3 - ok 22:31:00.0717 0x09fc [ 495E37546AA24032873EE424E9C33648 ] \Device\Harddisk0\DR0\Partition4 22:31:00.0717 0x09fc \Device\Harddisk0\DR0\Partition4 - ok 22:31:00.0734 0x09fc [ 87F02A404C53F34C8C05C519C885884E ] \Device\Harddisk0\DR0\Partition5 22:31:00.0764 0x09fc \Device\Harddisk0\DR0\Partition5 - ok 22:31:00.0812 0x09fc [ CAC83B919CCDA524A2218543017448EA ] \Device\Harddisk0\DR0\Partition6 22:31:00.0827 0x09fc \Device\Harddisk0\DR0\Partition6 - ok 22:31:00.0827 0x09fc [ FCD9CD1A8BC19A8BC83772C9F8A0A5F1 ] \Device\Harddisk1\DR7\Partition1 22:31:00.0843 0x09fc \Device\Harddisk1\DR7\Partition1 - ok 22:31:00.0843 0x09fc ================ Scan generic autorun ====================== 22:31:01.0217 0x09fc [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 22:31:01.0625 0x09fc RTHDVCPL - ok 22:31:01.0702 0x09fc [ F31CDC26F3624750C2AE2DEFF1E598DA, 06B606E849FB946A9E4CFC8E6799A6B18C4E3233A77ED62DEBCC375649F3D7A8 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 22:31:01.0749 0x09fc RtHDVBg_LENOVO_MICPKEY - ok 22:31:01.0842 0x09fc [ FABE304460CE5FBD10139403DFAF1853, 1C3BDCEA4508FC2768A6B2CB56D2B08FCDA6047D6F1B52FE2E2901DBCD72B37C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe 22:31:01.0858 0x09fc StartCCC - ok 22:31:01.0890 0x09fc [ 17716C3DD52BF815291D80FAAF329AC7, 3E42FBED89BF8CE6C0EE8C97C050358ED98577BB1DDFA93CDE25F431FC55138E ] C:\WINDOWS\jmesoft\hotkey.exe 22:31:01.0905 
0x09fc jmekey - detected UnsignedFile.Multi.Generic ( 1 ) 22:31:01.0905 0x09fc jmekey ( UnsignedFile.Multi.Generic ) - warning 22:31:01.0920 0x09fc [ A7464F6ED03611109F435218E424AAB8, 2C582D2E97F5AE97D1FBEC0493DF45A8EAF2D2CA93048556FD11B4AAA09956E6 ] C:\Windows\jmesoft\ServiceLoader.exe 22:31:01.0936 0x09fc jmesoft - detected UnsignedFile.Multi.Generic ( 1 ) 22:31:01.0936 0x09fc jmesoft ( UnsignedFile.Multi.Generic ) - warning 22:31:01.0999 0x09fc [ 50299DBA20F8A1735830914777B55932, 7A8864A9FA81BF6C53797B7B8FCC2199B812A7E913D35387A0C5C63C170BAC02 ] C:\Program Files\Lenovo\LVT\LJYZ.exe 22:31:02.0030 0x09fc LVT - ok 22:31:02.0077 0x09fc [ B29819926AD9A9F991E5927095262D1B, 4035412786398CF4C36453BB2919FCC328ED4C8F5CB730A89DCE7A2B16FFF287 ] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe 22:31:02.0108 0x09fc mcpltui_exe - ok 22:31:02.0155 0x09fc [ 0B427D9943C838620AFA30CBB24A6D77, 5A98B1405126F79846C810E739E964B11A4397F3DE597991308DB3C6AABB8F81 ] C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe 22:31:02.0186 0x09fc CLMLServer - ok 22:31:02.0217 0x09fc [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe 22:31:02.0233 0x09fc UpdateP2GoShortCut - ok 22:31:02.0264 0x09fc [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe 22:31:02.0280 0x09fc RemoteControl10 - ok 22:31:02.0311 0x09fc [ 1385CE7ADFD546084E1E6D5E82C91D1C, 15EBA35046D9E6E73792746BE99F2A3843C4E84983637A26674C04308091D5C5 ] C:\Program Files (x86)\PDF24\pdf24.exe 22:31:02.0327 0x09fc PDFPrint - ok 22:31:02.0358 0x09fc [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 22:31:02.0358 0x09fc HP Software Update - ok 22:31:02.0405 0x09fc [ 6F94A57D1F05A1A68C33D49B6751C8C6, 
D37ADB69E8FB2209F6DBD9A55E67800AAED35973DE0830878C6177BDCC073676 ] C:\Windows\System32\StikyNot.exe 22:31:02.0452 0x09fc RESTART_STICKY_NOTES - ok 22:31:02.0561 0x09fc AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.11.550 ), 0x41000 ( enabled : updated ) 22:31:02.0577 0x09fc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated ) 22:31:02.0577 0x09fc FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled ) 22:31:02.0577 0x09fc ============================================================ 22:31:02.0577 0x09fc Scan finished 22:31:02.0577 0x09fc ============================================================ 22:31:02.0592 0x1268 Detected object count: 3 22:31:02.0592 0x1268 Actual detected object count: 3 22:31:42.0890 0x1268 JME Keyboard ( UnsignedFile.Multi.Generic ) - skipped by user 22:31:42.0890 0x1268 JME Keyboard ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:31:42.0890 0x1268 jmekey ( UnsignedFile.Multi.Generic ) - skipped by user 22:31:42.0890 0x1268 jmekey ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:31:42.0890 0x1268 jmesoft ( UnsignedFile.Multi.Generic ) - skipped by user 22:31:42.0890 0x1268 jmesoft ( UnsignedFile.Multi.Generic ) - User select action: Skip |
24.06.2015, 13:20 | #4 |
/// TB-Ausbilder | Hello, this is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! Please run the following programs once more in the order given, have all findings removed, and post the log files for them:
1. AdwCleaner
2. MBAM
3. JRT
And then a fresh log file, please:
|
24.06.2015, 14:31 | #5 |
| Hi Matthias, here are the log files, but the FRST file was 500 KB again, so it is zipped. Code:
# AdwCleaner v4.206 - Bericht erstellt 24/06/2015 um 14:54:12
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-05-31.5 [Lokal]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Hikaru - HIKARU-UKE
# Gestarted von : C:\Users\Hikaru\Desktop\adwcleaner_4.206.exe
# Option : Löschen
***** [ Dienste ] *****
**** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\LenovoBrowserGuard
Ordner Gelöscht : C:\Users\Hikaru\AppData\Local\LenovoBrowserGuard
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\LenovoBrowserGuard
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LenovoBrowserGuard
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [7535 Bytes] - [19/06/2015 14:48:28]
AdwCleaner[R1].txt - [1671 Bytes] - [20/06/2015 15:56:42]
AdwCleaner[R2].txt - [1273 Bytes] - [24/06/2015 14:52:27]
AdwCleaner[S0].txt - [6816 Bytes] - [19/06/2015 14:55:00]
AdwCleaner[S1].txt - [1539 Bytes] - [20/06/2015 15:58:23]
AdwCleaner[S2].txt - [1193 Bytes] - [24/06/2015 14:54:12]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1252 Bytes] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 24.06.2015
Suchlauf-Zeit: 14:56:34
Logdatei: mbam24.6-1.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.06.20.02
Rootkit Datenbank: v2015.06.15.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Hikaru
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 345618
Verstrichene Zeit: 11 Min, 43 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0 (Keine schädliche Elemente gefunden)
Module: 0 (Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden)
Registrierungswerte: 0 (Keine schädliche Elemente gefunden)
Registrierungsdaten: 0 (Keine schädliche Elemente gefunden)
Ordner: 0 (Keine schädliche Elemente gefunden)
Dateien: 0 (Keine schädliche Elemente gefunden)
Physische Sektoren: 0 (Keine schädliche Elemente gefunden)
(end)
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Error, 24.06.2015 14:55:14, SYSTEM, HIKARU-UKE, Protection, IsLicensed, 13,
Protection, 24.06.2015 14:55:14, SYSTEM, HIKARU-UKE, Protection, Malware Protection, Stopping,
Protection, 24.06.2015 14:55:14, SYSTEM, HIKARU-UKE, Protection, Malware Protection, Stopped,
Update, 24.06.2015 14:56:34, SYSTEM, HIKARU-UKE, Manual, Failed, Unable to access update server,
Scan, 24.06.2015 15:08:18, SYSTEM, HIKARU-UKE, Manual, Start: 24.06.2015 14:56:34, Dauer: 11 Minuten 43 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "0" nicht-Malwareerkennung,
(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 7.0.1 (06.17.2015:2)
OS: Windows 8.1 x64
Ran by Hikaru on 24.06.2015 at 15:11:44,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.06.2015 at 15:13:50,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
Additional FRST Logfile: |
24.06.2015, 16:09 | #6 |
/// TB-Ausbilder | Hello, we will remove the last remnants and check everything once more. ESET can take a long time (> 2 h). Afterwards we will remove all the tools used and I will give you a few tips to take with you. Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
start
CloseProcesses:
S2 mailUpdate; C:\ProgramData\MailUpdate\mailUpdate.exe -service [X]
SearchScopes: HKU\S-1-5-21-239342230-206131414-3666733320-1002 -> {16C56A97-C4BD-433D-9355-D9B3814853D9} URL =
SearchScopes: HKU\S-1-5-21-239342230-206131414-3666733320-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {16C56A97-C4BD-433D-9355-D9B3814853D9} URL =
Task: {01A7284B-3E31-42E2-97A5-67AEEC918158} - \Emaenxsu No Task File <==== ATTENTION
Task: {190FFCA9-85C7-41E1-AC00-D0B049212C89} - \Winsta Update No Task File <==== ATTENTION
FirewallRules: [{8C71827F-0F8B-437A-9D01-A1ED3C17BB67}] => (Allow) C:\Users\Hikaru\AppData\Local\BoBrowser\Application\bobrowser.exe
FirewallRules: [{4F179252-BEA9-442B-A821-E035B478046A}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
RemoveProxy:
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 ESET Online Scanner
Step 3 Please download SecurityCheck and:
Please post with your next reply
|
24.06.2015, 20:24 | #7 |
| Good evening, here is the FRST Fixlog: Code:
Fix result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by Hikaru at 2015-06-24 18:40:00 Run:1
Running from C:\Users\Hikaru\Desktop
Loaded Profiles: Hikaru & (Available Profiles: Hikaru)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
S2 mailUpdate; C:\ProgramData\MailUpdate\mailUpdate.exe -service [X]
SearchScopes: HKU\S-1-5-21-239342230-206131414-3666733320-1002 -> {16C56A97-C4BD-433D-9355-D9B3814853D9} URL =
SearchScopes: HKU\S-1-5-21-239342230-206131414-3666733320-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {16C56A97-C4BD-433D-9355-D9B3814853D9} URL =
Task: {01A7284B-3E31-42E2-97A5-67AEEC918158} - \Emaenxsu No Task File <==== ATTENTION
Task: {190FFCA9-85C7-41E1-AC00-D0B049212C89} - \Winsta Update No Task File <==== ATTENTION
FirewallRules: [{8C71827F-0F8B-437A-9D01-A1ED3C17BB67}] => (Allow) C:\Users\Hikaru\AppData\Local\BoBrowser\Application\bobrowser.exe
FirewallRules: [{4F179252-BEA9-442B-A821-E035B478046A}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
RemoveProxy:
EmptyTemp:
end
*****************
Processes closed successfully.
mailUpdate => Service removed successfully
"HKU\S-1-5-21-239342230-206131414-3666733320-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{16C56A97-C4BD-433D-9355-D9B3814853D9}" => key removed successfully
HKCR\CLSID\{16C56A97-C4BD-433D-9355-D9B3814853D9} => key not found.
"HKU\S-1-5-21-239342230-206131414-3666733320-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{16C56A97-C4BD-433D-9355-D9B3814853D9}" => key removed successfully
HKCR\CLSID\{16C56A97-C4BD-433D-9355-D9B3814853D9} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{01A7284B-3E31-42E2-97A5-67AEEC918158}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01A7284B-3E31-42E2-97A5-67AEEC918158}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Emaenxsu" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{190FFCA9-85C7-41E1-AC00-D0B049212C89}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{190FFCA9-85C7-41E1-AC00-D0B049212C89}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Winsta Update" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C71827F-0F8B-437A-9D01-A1ED3C17BB67} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F179252-BEA9-442B-A821-E035B478046A} => value removed successfully
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-239342230-206131414-3666733320-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-239342230-206131414-3666733320-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-239342230-206131414-3666733320-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-239342230-206131414-3666733320-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
EmptyTemp: => 732.5 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 18:40:31 ====
Code:
ATTFilter ESETSmartInstaller@High as downloader log: Can not open internetESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=d02caeca3c90e348863edc84b853a2fe # end=init # utc_time=2015-06-24 05:18:22 # local_time=2015-06-24 07:18:22 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 24482 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=d02caeca3c90e348863edc84b853a2fe # end=updated # utc_time=2015-06-24 05:21:29 # local_time=2015-06-24 07:21:29 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=d02caeca3c90e348863edc84b853a2fe # engine=24482 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-06-24 07:00:19 # local_time=2015-06-24 09:00:19 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 954528 60053712 0 0 # scanned=324718 # found=12 # cleaned=0 # scan_time=5930 sh=6DE39BA2182720CDEB45E8B9936CDC07EAB52085 ft=1 fh=a289755de31c3d50 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\cltmng.exe.vir" sh=713A353AC8CEF22000E5640F0DB9155BBF245491 ft=1 fh=c58d002dc5bd92a3 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPTool64.exe.vir" sh=6C9A4683E78599CDCB2F5FDA91AA49E61ED9858C ft=1 fh=5601d77d4e6a9c3c vn="Variante von Win32/Conduit.SearchProtect.H evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32.dll.vir" sh=DAA572BB067FAE9152ACE0450D532296B8DBE026 ft=1 fh=9fa1d9f57ff7247a vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32Loader.dll.vir" sh=1BE5A8E26AF3A963669AF440AE8C7501F20159AC ft=1 fh=7c9cd284f3175fea vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64.dll.vir" sh=63E6C5AC0021F16B40DBF00DAA68C4E09676DD4B ft=1 fh=add9d73cb55e69cf vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64Loader.dll.vir" sh=EA6717E7E8489F91FD4BA34BA7763A03597F04AA ft=1 fh=35b314d511d4babd vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe.vir" sh=FFA86971C39536FEFAE13BBE7D597600C6699098 ft=1 fh=adb1763c5f5104b9 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LenovoBrowserGuard\Main\bin\SPTool.dll.vir" sh=1923F473B9710CC8072E28CEE49AA5AC8C62E2AF ft=1 fh=40e068b85a9362d6 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LenovoBrowserGuard\Main\bin\uninstall.exe.vir" sh=524E998587FBEC044FA27244D6D742F4B4D19CEB ft=1 fh=e7e84e08d468813d vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LenovoBrowserGuard\UI\bin\cltmngui.exe.vir" sh=97F7C1011A73443860463BB24240AA099E1960A4 ft=1 fh=194dba6be4004f73 vn="Variante von Win32/InstallIQ.A evtl. 
unerwünschte Anwendung" ac=I fn="F:\collect\texturesbrushes\brushes-searchmodify\whatever\gimp_31.exe" sh=6B3FC04C49FA646056EF9E546F9E823ADE523616 ft=0 fh=0000000000000000 vn="Variante von Win32/InstallIQ.A evtl. unerwünschte Anwendung" ac=I fn="F:\Storytelling\safekeeping\to facebook\1brushes.zip" Code:
ATTFilter Results of screen317's Security Check version 1.004 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! Avira Antivirus Windows Defender Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 18.0.0.160 ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
24.06.2015, 21:10 | #8 |
/// TB-Ausbilder | Hello, please download Farbar Service Scanner
Please post the contents here. |
24.06.2015, 22:29 | #9 |
| Hi, I don't quite understand, the Windows Firewall is disabled? I checked twice and it says it is active. Did I do something wrong? Here is the FSS.txt file and: Code:
ATTFilter Farbar Service Scanner Version: 17-01-2015 Ran by Hikaru (administrator) on 24-06-2015 at 23:16:38 Running from "C:\Users\Hikaru\Desktop" Microsoft Windows 8.1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"". Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\dhcpcore.dll => File is digitally signed C:\Windows\System32\drivers\afd.sys => File is digitally signed C:\Windows\System32\drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\mpssvc.dll => File is digitally signed C:\Windows\System32\bfe.dll => File is digitally signed C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed C:\Windows\System32\wscsvc.dll => File is digitally signed C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed C:\Windows\System32\wuaueng.dll => File is digitally signed 
C:\Windows\System32\qmgr.dll => File is digitally signed C:\Windows\System32\es.dll => File is digitally signed C:\Windows\System32\cryptsvc.dll => File is digitally signed C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed C:\Windows\System32\ipnathlp.dll => File is digitally signed C:\Windows\System32\iphlpsvc.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log **** |
25.06.2015, 13:46 | #10 |
/// TB-Ausbilder | Hello, are there currently still problems with adware/malware? If so, which ones, and which browsers are affected? |
25.06.2015, 14:33 | #11 |
| Everything is running flawlessly, so am I safe now? Thank you! |
25.06.2015, 19:41 | #12 |
/// TB-Ausbilder | If you no longer have any problems with malware, then we are finished here. Your log files are clean. Finally, we need to take a few concluding steps to clean up and secure your PC.

Cleanup: (the order is crucial here)
If Defogger was used: start it again and click Re-enable.
If Combofix was used: uninstall Combofix
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Afterwards, restart your computer. If any programs from our cleanup are still left over, you can delete them without concern.
If you like, you can say here whether you were satisfied with me and my help...and/or support the forum with a small donation.

Securing the system:
Enable automatic updates for the Windows operating system. Security-relevant software should also always be kept at its latest version:
Browser
Java
Flash Player
PDF reader
Security vulnerabilities in their old versions are exploited to install malware by "drive-by" on a simple visit to a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.
Enable a firewall. The one built into Windows is normally entirely sufficient.
Use exactly one of the following antivirus programs with a real-time scanner and an always up-to-date signature database:
In addition, you can regularly scan your PC with Malwarebytes Anti-Malware and ESET.

Optional:
Adblock Plus: Can block banners, pop-ups, video advertising, tracking and malware sites.
NoScript: Prevents the execution of active content (Java, JavaScript, Flash, ...) for all websites. However, you can define, on the principle of a whitelist, on which sites scripts should be allowed.
Ghostery: Detects and blocks trackers, web bugs, pixels and beacons and other scripts that spy on or observe browsing behaviour.
Malwarebytes Anti Exploit: Protects the computer's applications against exploitation of known vulnerabilities.

Download software from a clean portal such as .
When installing software, always choose the custom option and uncheck all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, it is advisable first to uninstall it and then to remove the leftovers with Adwcleaner.

Finally, a few general remarks:
Change your important online passwords regularly and regularly create backups of your important files or of the system.
The benefit of registry cleaners, optimizers etc. for boosting performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this topic from my subscriptions. |
26.06.2015, 13:00 | #13 |
| All done. |
26.06.2015, 20:16 | #14 |
/// TB-Ausbilder | I'm glad that we could help. In this forum you can leave brief feedback on the cleanup, if you would like to: Lob, Kritik und Wünsche. To do so, click the "NEUES THEMA" button and post a little feedback. Thank you very much! This topic appears to be resolved and will be removed from my subscriptions. Should you need the topic again, please send me a PM. Everyone else, please click here and create your own thread. |