Pests of all kinds and how to combat them: Fake debt collection email with attachment opened (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
21.09.2015, 17:34 | #1 |
Fake debt collection email with attachment opened

Hello dear forum members,

I have just registered with you. :-) I found you via Google and hope you can help me, as in other threads on this topic. :-)

Yesterday my father received an email from "anwaltschaften@paypal.de" saying this was the last chance to settle an outstanding invoice. The whole thing was initially packed in a .rar file, which contained a .zip, which in turn contained the MS-DOS application. Since my father didn't have WinRAR, my clever brother installed WinRAR for him, so that the virus would be sure to get caught. A virus scan with Avira is no longer possible either; it won't let me open it any more.

As I have seen in other threads, I'm attaching the first log file right away and thank you for the help that will hopefully come. :-)

Regards,
Tom

FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:15-09-2015
durchgeführt von Tom (Administrator) auf TOM-PC (21-09-2015 18:14:16)
Gestartet von C:\Users\Tom\Downloads
Geladene Profile: Tom & UpdatusUser (Verfügbare Profile: Tom & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\System32\PnkBstrA.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
() C:\Windows\PLFSetI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(SlySoft, Inc.) C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\tasklist.exe
(Microsoft Corporation) C:\Windows\System32\cleanmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [782008 2015-09-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
HKLM\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\...\Run: [CloneCDTray] => C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.)
HKLM\...\Run: [amplitude_modulation] => C:\ProgramData\Apple Computer\iTunes\bending\antigravity.exe [212480 2014-10-06] ()
HKU\S-1-5-21-1796242751-1131443975-3968838413-1001\...\Run: [Google Update] => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1796242751-1131443975-3968838413-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1796242751-1131443975-3968838413-1001\...\Run: [link_doctor] => C:\Users\Tom\AppData\Local\Temp\Link-hear\linkstaff.exe [150528 2015-09-20] () <===== ACHTUNG
HKU\S-1-5-21-1796242751-1131443975-3968838413-1001\...\Run: [sentence-mess] => C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe [133632 2015-09-21] () <===== ACHTUNG
HKU\S-1-5-21-1796242751-1131443975-3968838413-1001\...\RunOnce: [artificial_intelligence] => C:\ProgramData\Avira\Antivirus\IDX\international_telecomm\common_mode_signals.exe [175616 2013-11-04] ()
HKU\S-1-5-21-1796242751-1131443975-3968838413-1001\...\RunOnce: [link_doctor] => C:\Users\Tom\AppData\Local\Temp\Link-hear\linkstaff.exe [150528 2015-09-20] () <===== ACHTUNG
HKU\S-1-5-21-1796242751-1131443975-3968838413-1001\...\RunOnce: [sentence-mess] => C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe [133632 2015-09-21] () <===== ACHTUNG
HKU\S-1-5-21-1796242751-1131443975-3968838413-1001\...\MountPoints2: {c014ff6d-f2d9-11e1-8bb1-001b2492b0d7} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1796242751-1131443975-3968838413-1001\...\MountPoints2: {d9890044-cf12-11de-a0ed-001b2492b0d7} - E:\autorun.exe
HKU\S-1-5-21-1796242751-1131443975-3968838413-1001\...\MountPoints2: {f94e7445-f7d3-11df-a57f-001b2492b0d7} - G:\Startme.exe
HKU\S-1-5-21-1796242751-1131443975-3968838413-1007\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\S-1-5-21-1796242751-1131443975-3968838413-1007\...\Run: [Google Update] => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1796242751-1131443975-3968838413-1007\...\RunOnce: [Uninstall C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-07-26] ()
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [S-1-5-21-1796242751-1131443975-3968838413-1007] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-1796242751-1131443975-3968838413-1007] => http=127.0.0.1:13828 Hosts: Hosts Datei wurde nicht im Standardordner gefunden Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{3CFC953B-1273-4069-BFA1-CB563EAE82C9}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{741C1AE7-224F-45B3-B45D-028DB155ABC3}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{770DCACE-5EFF-4DF4-9DF9-73B634FCC3AC}: [DhcpNameServer] 10.111.81.129 10.129.32.1 Tcpip\..\Interfaces\{8DC59DBC-A745-414F-B6A0-5895ED7B8FD4}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-1796242751-1131443975-3968838413-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1396889955&from=tugs&uid=WDCXWD2500BEVS-22UST0_WD-WXC80744165941659 HKU\S-1-5-21-1796242751-1131443975-3968838413-1007\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=skin HKU\S-1-5-21-1796242751-1131443975-3968838413-1007\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://search.conduit.com?searchsource=10&ctid=ct2319825 HKU\S-1-5-21-1796242751-1131443975-3968838413-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396889955&from=tugs&uid=WDCXWD2500BEVS-22UST0_WD-WXC80744165941659 URLSearchHook: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001 - (Kein Name) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - Keine Datei URLSearchHook: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007 - (Kein Name) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - Keine Datei 
SearchScopes: HKLM -> DefaultScope Wert fehlt SearchScopes: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001 -> DefaultScope {00A55085-29D0-45E7-9C3B-0224413CFAA1} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms} SearchScopes: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001 -> {00A55085-29D0-45E7-9C3B-0224413CFAA1} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms} SearchScopes: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001 -> {79EA0498-71D2-49FE-9C55-92FB9D0DB079} URL = hxxp://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007 -> {00A55085-29D0-45E7-9C3B-0224413CFAA1} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms} SearchScopes: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=110819&babsrc=SP_ss&mntrId=6c33504b0000000000000013e895996f SearchScopes: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396889955&from=tugs&uid=WDCXWD2500BEVS-22UST0_WD-WXC80744165941659&q={searchTerms} SearchScopes: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=skin SearchScopes: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007 -> {79EA0498-71D2-49FE-9C55-92FB9D0DB079} URL = hxxp://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={B3D08A4C-8BF2-4174-B094-81691FE27FFF}&mid=d855850615f847d198e73a1ef700f291-bcaa8eecfb73fcfdd1a58a70dc7e19efec13a151&lang=de&ds=tt014&pr=sa&d=2011-12-11 12:16:31&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms} SearchScopes: 
HKU\S-1-5-21-1796242751-1131443975-3968838413-1007 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms} SearchScopes: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825 BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-14] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-14] (Oracle Corporation) Toolbar: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001 -> Kein Name - {A51A36E6-31E7-4838-9FF7-76298B527EC0} - Keine Datei Toolbar: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007 -> Kein Name - {A51A36E6-31E7-4838-9FF7-76298B527EC0} - Keine Datei Toolbar: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007 -> Kein Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - Keine Datei Toolbar: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Keine Datei DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icqde.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab FireFox: ======== FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF DefaultSearchEngine: webssearches FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-14] () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll [2013-03-14] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-03-14] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-04-22] (Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2011-12-02] (Nero AG) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-1796242751-1131443975-3968838413-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin HKU\S-1-5-21-1796242751-1131443975-3968838413-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011-11-09] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011-11-09] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011-11-09] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011-11-09] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011-11-09] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011-11-09] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011-11-09] (Apple Inc.) 
FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\searchplugins\11-suche.xml [2015-03-16] FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\searchplugins\englische-ergebnisse.xml [2015-03-16] FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\searchplugins\gmx-suche.xml [2015-03-16] FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\searchplugins\lastminute.xml [2015-03-16] FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\searchplugins\webde-suche.xml [2015-03-16] FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\searchplugins\youtube-videosuche.xml [2011-07-01] FF Extension: MediaPlayerplus - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-07] FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\Extensions\de_DE@dicts.j3e.de [2014-02-03] FF Extension: VideoFileDownload - Download YouTube Videos - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\Extensions\plugin@videofiledownload.com [2012-08-24] FF Extension: Flash and Video Download - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-07-13] FF Extension: BSMinfo - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\Extensions\mybsminfo@dahaiz.com.xpi [2015-07-13] FF Extension: WEB.DE MailCheck - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\Extensions\toolbar@web.de.xpi [2012-03-03] FF Extension: Adblock Plus - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-23] FF 
Extension: Fox!Box - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ewk2e9sh.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2011-11-21] Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Users\Tom\AppData\Local\Google\Chrome\Application\45.0.2454.93\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Users\Tom\AppData\Local\Google\Chrome\Application\45.0.2454.93\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Users\Tom\AppData\Local\Google\Chrome\Application\45.0.2454.93\pdf.dll => Keine Datei CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => Keine Datei CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.) CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL => Keine Datei CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.) 
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll => Keine Datei CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll => Keine Datei CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Avira Browserschutz) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-19] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome - C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-09-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. 
KG) S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-09-01] (Avira Operations GmbH & Co. KG) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [687400 2011-11-25] (Nero AG) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2011-10-23] () R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1528672 2012-05-29] (TuneUp Software) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService [X] S2 switch_mode_power_supply; C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\class_b\low_drop_out.exe [X] S2 vToolbarUpdater18.0.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-09-01] (Avira Operations GmbH & Co. KG) R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42272 2014-03-21] (AVG Technologies) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-09-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-19] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-11] (Avira Operations GmbH & Co. KG) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.) 
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2011-05-10] (Apple Inc.) [Datei ist nicht signiert] S3 nuvotoncir; C:\Windows\System32\DRIVERS\nuvotoncir.sys [44544 2009-06-24] (Nuvoton Technology Corporation) [Datei ist nicht signiert] S0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [Datei ist nicht signiert] R0 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [Datei ist nicht signiert] S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [19968 2005-08-10] (Protection Technology) [Datei ist nicht signiert] S0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [Datei ist nicht signiert] R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2014-03-04] () [Datei ist nicht signiert] R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-18] (Avira Operations GmbH & Co. KG) S3 TT1724ht; C:\Windows\System32\drivers\TT1724ht.sys [79520 2007-06-06] (TerraTec Electronic GmbH) S3 TT1724sa; C:\Windows\System32\drivers\TT1724sa.sys [407584 2007-06-06] (Sensaura) R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2011-11-08] (TuneUp Software) S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [42496 2011-05-10] (Apple, Inc.) [Datei ist nicht signiert] S3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2010-06-14] (RealVNC Ltd.) 
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation) S4 Amdxidtun; kein ImagePath S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] S2 mdmxsdk; system32\DRIVERS\mdmxsdk.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 uafilter; System32\DRIVERS\uafilter.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-21 18:14 - 2015-09-21 18:16 - 00026461 _____ C:\Users\Tom\Downloads\FRST.txt 2015-09-21 18:14 - 2015-09-21 18:14 - 00000000 ____D C:\FRST 2015-09-21 18:13 - 2015-09-21 18:13 - 01695232 _____ (Farbar) C:\Users\Tom\Downloads\FRST.exe 2015-09-21 18:04 - 2015-09-21 18:04 - 00000875 _____ C:\Users\Tom\Desktop\Neues Textdokument.txt 2015-09-10 20:11 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-09-10 20:11 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-09-10 20:11 - 2015-09-02 04:48 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-09-10 20:11 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-09-10 20:11 - 2015-09-02 03:36 - 02384896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-09-10 20:11 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-09-10 20:11 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) 
C:\Windows\system32\msxml6.dll 2015-09-10 20:11 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-09-10 20:11 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-09-10 20:11 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-09-10 20:11 - 2015-08-05 19:41 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2015-09-10 20:11 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-09-10 20:11 - 2015-08-05 19:40 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-09-10 20:11 - 2015-08-04 19:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-09-10 20:11 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-09-10 20:11 - 2015-08-04 19:47 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-09-10 20:11 - 2015-08-04 19:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-09-10 20:11 - 2015-08-04 19:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-09-10 20:11 - 2015-08-04 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-09-10 20:11 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-09-10 20:11 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-09-10 20:11 - 2015-07-22 19:57 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-09-10 20:11 - 2015-07-22 19:57 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-09-10 20:11 - 2015-07-22 19:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 01061376 _____ (Microsoft 
Corporation) C:\Windows\system32\lsasrv.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-09-10 20:11 - 2015-07-22 19:53 - 00015872 _____ (Microsoft Corporation) 
C:\Windows\system32\sspisrv.dll 2015-09-10 20:11 - 2015-07-22 19:52 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-09-10 20:11 - 2015-07-22 19:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-09-10 20:11 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-09-10 20:11 - 2015-07-22 19:52 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-09-10 20:11 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-09-10 20:11 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-09-10 20:11 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-09-10 20:11 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-09-10 20:11 - 2015-07-22 18:38 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-09-10 20:11 - 2015-07-22 18:34 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-09-10 20:11 - 2015-07-22 18:34 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-09-10 20:11 - 2015-07-22 18:33 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-09-10 20:11 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2015-09-10 20:11 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll 2015-09-10 20:10 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-09-10 20:10 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-09-10 20:10 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-09-10 20:10 - 2015-08-15 07:53 - 00004096 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwcollectorres.dll 2015-09-10 20:10 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-09-10 20:10 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-09-10 20:10 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-09-10 20:10 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-09-10 20:10 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-09-10 20:10 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-09-10 20:10 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-09-10 20:10 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-09-10 20:10 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-09-10 20:10 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-09-10 20:10 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-09-10 20:10 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-09-10 20:10 - 2015-08-15 07:29 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-09-10 20:10 - 2015-08-15 07:24 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-09-10 20:10 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-09-10 20:10 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-09-10 20:10 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-09-10 20:10 - 2015-08-15 07:12 - 00076288 
_____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-09-10 20:10 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-09-10 20:10 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-09-10 20:10 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-09-10 20:10 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-09-10 20:10 - 2015-08-15 07:02 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-09-10 20:10 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-09-10 20:10 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-09-10 20:10 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-09-10 20:10 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-09-10 20:10 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-09-10 20:06 - 2015-08-26 19:56 - 02953728 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-09-10 20:06 - 2015-08-26 19:56 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-09-10 20:06 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-09-10 20:06 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-09-10 20:06 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-09-10 20:06 - 2015-08-26 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-09-10 20:06 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-09-10 20:06 - 2015-08-26 19:55 - 00135680 _____ (Microsoft Corporation) 
C:\Windows\system32\wuauclt.exe 2015-09-10 20:06 - 2015-08-26 19:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-09-10 20:06 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-09-10 20:06 - 2015-08-26 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-09-10 20:06 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-09-10 20:06 - 2015-06-25 11:48 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-09-10 20:06 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-09-10 20:06 - 2015-06-25 11:44 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-09-01 21:19 - 2015-09-01 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-21 18:14 - 2009-11-11 19:12 - 01269227 _____ C:\Windows\WindowsUpdate.log
2015-09-21 18:12 - 2012-10-20 13:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-21 18:12 - 2011-11-12 23:39 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1796242751-1131443975-3968838413-1001UA.job
2015-09-21 18:12 - 2011-11-12 23:39 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1796242751-1131443975-3968838413-1001Core.job
2015-09-21 18:09 - 2014-04-07 19:04 - 00002178 _____ C:\Windows\Tasks\3afb30f2-c545-4ee2-8e16-a626c7bddeae-4.job
2015-09-21 18:09 - 2013-05-31 20:35 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-09-21 18:09 - 2011-12-11 12:50 - 00140033 _____ C:\Windows\setupact.log
2015-09-21 18:09 - 2011-07-09 18:13 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-21 18:09 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-21 18:08 - 2012-01-15 11:55 - 00443466 _____ C:\Windows\PFRO.log
2015-09-21 17:27 - 2009-07-14 06:34 - 00023312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-21 17:27 - 2009-07-14 06:34 - 00023312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-21 17:22 - 2011-07-09 18:13 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-20 11:45 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-20 10:51 - 2012-12-06 00:36 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-19 20:18 - 2013-01-07 20:34 - 00002312 _____ C:\Users\Tom\Desktop\Google Chrome.lnk
2015-09-17 20:19 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-15 18:52 - 2015-02-10 21:00 - 00000000 ____D C:\Users\Tom\Documents\PayPal Zugang
2015-09-12 08:21 - 2009-11-11 19:29 - 01629284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-12 08:20 - 2011-07-09 18:13 - 00000000 ____D C:\Users\Tom\AppData\Local\Google
2015-09-12 08:14 - 2009-07-14 06:33 - 00412192 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-12 08:12 - 2009-07-14 10:56 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-12 08:12 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-09-10 20:50 - 2009-11-22 13:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-10 20:44 - 2009-07-14 04:04 - 00000478 _____ C:\Windows\win.ini
2015-09-01 21:16 - 2013-04-03 11:36 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-09-01 21:16 - 2013-04-03 11:36 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-12-20 13:56 - 2013-12-20 13:56 - 49940480 _____ () C:\Program Files\GUT158.tmp
2015-05-15 18:34 - 2015-05-15 18:34 - 6420480 _____ () C:\Program Files\GUT4637.tmp
2012-01-23 16:38 - 2012-01-23 16:38 - 0000412 _____ () C:\Users\Tom\AppData\Roaming\All CPU Meter_Settings.ini
2012-01-23 16:00 - 2012-01-23 16:00 - 0000339 _____ () C:\Users\Tom\AppData\Roaming\Drives Meter_Settings.ini
2004-01-26 18:15 - 2004-01-26 18:15 - 0233472 ____R () C:\Users\Tom\AppData\Roaming\MafiaSetup.exe
2012-01-30 15:20 - 2012-02-01 16:59 - 0000352 _____ () C:\Users\Tom\AppData\Roaming\Network Meter_Settings.ini
2009-12-10 00:22 - 2010-07-09 16:27 - 0000600 _____ () C:\Users\Tom\AppData\Roaming\winscp.rnd
2010-05-14 13:03 - 2012-12-22 14:52 - 0007597 _____ () C:\Users\Tom\AppData\Local\Resmon.ResmonCfg
2012-01-15 12:33 - 2012-01-15 12:33 - 0000085 ___SH () C:\ProgramData\.zreglib
2009-11-19 20:33 - 2009-11-19 20:33 - 0004940 _____ () C:\ProgramData\mtbjfghn.xbe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Tom\AppData\Local\Temp\Link-hear\linkstaff.exe
C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe

Einige Dateien in TEMP:
====================
C:\Users\Tom\AppData\Local\Temp\AskSLib.dll
C:\Users\Tom\AppData\Local\Temp\avgnt.exe
C:\Users\Tom\AppData\Local\Temp\BackupSetup.exe
C:\Users\Tom\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Tom\AppData\Local\Temp\f.exe
C:\Users\Tom\AppData\Local\Temp\FileSystemView.dll
C:\Users\Tom\AppData\Local\Temp\Quarantine.exe
C:\Users\Tom\AppData\Local\Temp\_isA8B.exe
C:\Users\Tom\AppData\Local\Temp\{55347C35-C352-41A9-A56D-63CCAE8C5DDE}-38.0.2125.111_37.0.2062.124_chrome_updater.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-05-20 11:35

==================== Ende vom FRST.txt ============================

Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:15-09-2015
durchgeführt von Tom (2015-09-21 18:17:46)
Gestartet von C:\Users\Tom\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2009-11-11 17:13:12)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1796242751-1131443975-3968838413-500 - Administrator - Disabled)
Gast (S-1-5-21-1796242751-1131443975-3968838413-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1796242751-1131443975-3968838413-1008 - Limited - Enabled)
Tom (S-1-5-21-1796242751-1131443975-3968838413-1001 - Administrator - Enabled) => C:\Users\Tom
UpdatusUser (S-1-5-21-1796242751-1131443975-3968838413-1007 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Crystal Eye Webcam (HKLM\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Active@ ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Avira (HKLM\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
CloneCD (HKLM\...\CloneCD) (Version: - SlySoft)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DMUninstaller (HKLM\...\DMUninstaller) (Version: - ) <==== ACHTUNG
Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-1796242751-1131443975-3968838413-1001\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.)
Google Chrome (HKU\S-1-5-21-1796242751-1131443975-3968838413-1007\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
High-Definition Video Playback (Version: 11.1.10500.2.65 - Nero AG) Hidden
Intel A/V Codecs V2.0 (HKLM\...\CodInstl) (Version: - )
Java 7 Update 17 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java(TM) 6 Update 30 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.300 - Oracle)
Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{86A4C6D9-29EE-4719-AFA1-BA3341862B83}) (Version: 3.4.54.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{1FDA5A37-B22D-43FF-B582-B8964050DC13}) (Version: 3.4.18.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 12.0 (x86 de) (HKLM\...\Mozilla Firefox 12.0 (x86 de)) (Version: 12.0 - Mozilla)
Mozilla Firefox 9.0 (x86 de) (HKLM\...\Mozilla Firefox 9.0 (x86 de)) (Version: 9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)
Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.11100.8.0 - Nero AG)
Nero Kwik Media (HKLM\...\{24A500E4-0B12-4D62-9973-2C7E23CCA750}) (Version: 11.0.16401 - Nero AG)
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Richter+Frenzel Katalog-DVD (HKLM\...\{144899CC-DB86-4F04-BB53-6879F2B78EA9}_is1) (Version: - Richter+Frenzel GmbH + Co. KG)
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Star Wars JK II Jedi Outcast (HKLM\...\{576E71DA-3000-48F6-9B21-B9A70D47DFCF}) (Version: - )
Tom Clancy's Rainbow Six: Lockdown (HKLM\...\{3BB33584-3860-4772-AEE9-D8E61F552896}) (Version: 1.00.000 - )
TuneUp Utilities 2012 (HKLM\...\TuneUp Utilities 2012) (Version: 12.0.3600.73 - TuneUp Software)
TuneUp Utilities 2012 (Version: 12.0.3600.73 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 12.0.3600.73 - TuneUp Software) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )

==================== Benutzerdefinierte CLSID (Nicht auf der
Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.21.135\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.25.5\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.27.5\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.23.9\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Tom\AppData\Local\Google\Chrome\Application\45.0.2454.93\delegate_execute.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.1\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.21.145\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.21.153\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.13\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.24.15\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.22.3\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.21.165\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.26.9\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.25.11\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.22.5\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.24.7\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Tom\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe" Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Tom\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe" Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.23.9\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Tom\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe" Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\Tom\AppData\Local\Google\Chrome\Application\23.0.1271.97\delegate_execute.exe" Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.145\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\psuser.dll Keine Datei 
CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.3\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.165\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Tom\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe" Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\psuser.dll Keine Datei CustomCLSID: HKU\S-1-5-21-1796242751-1131443975-3968838413-1007_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.5\psuser.dll Keine Datei ==================== Wiederherstellungspunkte ========================= 14-08-2015 15:55:11 Windows Update 15-08-2015 09:24:15 Windows Update 15-08-2015 09:42:54 Windows Update 16-08-2015 13:11:31 Windows Update 16-08-2015 21:13:07 Windows Update 19-08-2015 19:01:36 Windows Update 27-08-2015 09:48:45 Windows Update 01-09-2015 21:09:43 Windows Update 08-09-2015 22:15:37 Windows Update 10-09-2015 20:33:44 Windows Update 16-09-2015 18:08:44 Windows 
Update

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0BA4A997-FB5B-404F-8D64-607D13F498AB} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files\TuneUp Utilities 2010\OneClick.exe
Task: {11BE12C4-CD78-4663-AD69-DB1834F7A290} - System32\Tasks\{2BDF31E9-3A4D-43EB-A6BD-21622480B082} => C:\Program Files\ICQ Away Reader\ICQ Away Reader.exe
Task: {17ECBA38-EB09-44BE-970A-B96DC06A3022} - System32\Tasks\{AB06EFCC-1E0D-470C-AD20-C87D5FE7E668} => C:\Program Files\UltraVNC\winvnc.exe
Task: {189C27CF-FC23-4F48-BA69-D0247573C339} - System32\Tasks\{93E8A618-038C-4DE5-A1D1-CE73A4F61A8E} => C:\Users\Tom\Desktop\RedTube Premium Account Creator V3\RedTube Premium Account Creator V3.exe
Task: {18FC64AD-2398-4204-9B36-3F8D04B15F4C} - System32\Tasks\{D77CEC24-B954-4075-9457-442E3F499D6D} => C:\Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\Lockdown.exe [2006-01-26] ()
Task: {192C0EC6-A1D5-4551-BCBC-E76DB00192EC} - System32\Tasks\{9178FA7D-5475-4EE1-828A-66F7CE39DADC} => C:\Program Files\Electronic Arts\Need for Speed Carbon\NFSC.exe
Task: {1E73C055-27F6-47FD-BE76-A1134F9974ED} - System32\Tasks\{9BD8D8C6-A138-467A-A0D9-D9FE44DA21D6} => C:\Users\Tom\AppData\Local\Temp\TerraTec\Aureon 5.1 USB\AFUSBCP.exe <==== ACHTUNG
Task: {28E1F828-84E5-4464-9DAA-097CEAC93265} - System32\Tasks\{C072CE57-202A-4634-BE75-1F91C87D678E} => C:\Program Files\ICQ Away Reader\ICQ Away Reader.exe
Task: {2CB6E46A-1CB2-485E-A521-F5CF48565931} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {37D4CED8-4181-45EA-9618-92491450E23F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {3E02CD00-09F5-4D7E-AAB6-678E2B1792F0} - System32\Tasks\{CE987770-3C86-4AD6-86EF-CD9A69B88222} => C:\Users\Tom\AppData\Local\Temp\TerraTec\Aureon 5.1 USB\AFUSBCP.exe <==== ACHTUNG
Task: {42254206-1E2E-4938-B23F-37ED8918022A} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe
Task: {4A963BF3-5DFF-4BD2-BC0A-1FF48BDDA918} - System32\Tasks\{20AC673E-7A60-4EBC-BE33-84C75FD03E77} => C:\Users\Tom\AppData\Local\Temp\TerraTec\Aureon 5.1 USB\AFUSBCP.exe <==== ACHTUNG
Task: {4AD7F741-B63D-4B82-8021-346E4BAD51A4} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {5769D960-AC17-45E9-BBFE-01A730550CD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {63309204-C35A-4071-9CA0-0424E73ECEA3} - System32\Tasks\{FB5AF0D4-84B2-497B-98C2-665301BFA7C0} => pcalua.exe -a "C:\Program Files\EA GAMES\Die Sims 2 Nightlife\EAUninstall.exe"
Task: {69F42F19-1684-4F82-83DC-23D54937D794} - System32\Tasks\{4794D4D6-1ED1-4890-B7E6-EBC6410EE7A5} => C:\Users\Tom\AppData\Local\Temp\TerraTec\Aureon 5.1 USB\AFUSBCP.exe <==== ACHTUNG
Task: {6ACFC827-CDE7-4F8E-A376-ECBFD0280B3B} - System32\Tasks\{671D839B-5B64-4AB3-9247-5AC4595748D4} => C:\Program Files\EA GAMES\Die Sims 2\TSBin\Sims2.exe
Task: {6C5B1691-8929-490C-8738-61C6D81AD3E2} - System32\Tasks\{79BD32D3-5682-44DF-8FF7-318358BFDB06} => C:\Program Files\Steamless CounterStrike Source OrangeBox\hl2.exe
Task: {6F691A7C-D457-4C4C-BC21-0B3C1635DCD1} - System32\Tasks\{7687E57C-90F1-4DB7-8567-9F73C87F47DB} => C:\Users\Tom\Downloads\Aureon5.1USB_MKII_App_Drv_2000_XP_1.1.3.22.exe
Task: {785EF02D-8E8F-46FE-BAE6-8A04ED25576F} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files\TuneUp Utilities 2012\OneClick.exe [2012-05-29] (TuneUp Software)
Task: {7E2F9CB6-0450-4F00-AF87-F1905D62F85E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1796242751-1131443975-3968838413-1001UA => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {829A0265-41B0-4169-8427-5F248AEF9A68} - System32\Tasks\{83D7275B-8599-42EF-84B6-33775AF53C1F} => Chrome.exe
Task: {85FDF6BC-EC39-4D63-9FE9-A129F41C8149} - System32\Tasks\{7A9B7A2E-BB30-46AC-BACB-DA8DE60AFD07} => pcalua.exe -a C:\Users\Tom\Downloads\Aureon5.1USB_MKII_App_Drv_2000_XP_1.1.3.22(2).exe -d "C:\Program Files\Mozilla Firefox"
Task: {8694DFC3-0783-4AA3-A36B-E6A725D06671} - System32\Tasks\{48CD6125-ADF3-4157-B286-4F1ED739EF2F} => C:\Program Files\iTeleport\iTeleport Connect\iTeleportConnect.exe
Task: {86CB1851-CED6-43A7-B01E-A5388937FDD0} - System32\Tasks\{49535E9D-01A1-4047-8810-F9FA3F68FBCB} => C:\Program Files\Electronic Arts\Need for Speed Carbon\NFSC.exe
Task: {8EAD53DD-0CD5-44F0-BBCE-8941B3BD359E} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{DE0FFD72-47CB-4943-B736-23332743EB42}.exe
Task: {92D9D10A-65E3-4E8C-8AB0-B6683B02E877} - System32\Tasks\{EB7F5971-7EC8-4435-B05D-DF7852B61EDD} => C:\Users\Public\World of Warcraft\Launcher.exe
Task: {931E1FB1-4C28-4E6F-91D0-28BA56A51349} - System32\Tasks\{11256834-7C5B-47C5-A2F5-7A85E0FFCC5D} => C:\Users\Tom\AppData\Local\Temp\TerraTec\Aureon 5.1 USB\AFUSBCP.exe <==== ACHTUNG
Task: {9E2117E3-119C-4A58-808D-8518B1BF7A01} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {9EC01413-4108-40F7-814B-7891FDEC827F} - System32\Tasks\3afb30f2-c545-4ee2-8e16-a626c7bddeae-4 => C:\Program Files\MediaPlayerplus\3afb30f2-c545-4ee2-8e16-a626c7bddeae-4.exe <==== ACHTUNG
Task: {A3048FD9-FB73-4E4B-B159-88511FEDE5FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A4D9E1FC-0D9B-4573-8A92-D63E4027C1F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-14] (Adobe Systems Incorporated) Task: {B29DD683-B74D-4C13-892C-5AC9C3F3DA51} - System32\Tasks\{88933599-7F95-4D7D-8957-E2E520A08D77} => C:\Users\Tom\Desktop\RedTube Premium Account Creator V3\RedTube Premium Account Creator V3.exe Task: {BC4EF880-66F0-49D8-8609-46C95BF76E63} - System32\Tasks\{E1E14129-79C0-4951-8F1C-8CAE916EC9A4} => C:\Program Files\ICQ Away Reader\ICQ Away Reader.exe Task: {BDA9BE76-C6CB-4D8F-81C9-632C2C5E174E} - System32\Tasks\{9A5775F7-90BD-495C-B16C-014D445A0586} => C:\Users\Tom\AppData\Local\Temp\TerraTec\Aureon 5.1 USB\AFUSBCP.exe <==== ACHTUNG Task: {BF89BF53-C0D9-4CF3-9745-DA0AB2677326} - System32\Tasks\{9BB7C399-E917-4D7D-BEC1-E91ECD168D96} => C:\Users\Tom\Downloads\Aureon5.1USB_MKII_App_Drv_2000_XP_1.1.3.22.exe Task: {C6DD3D93-9A6D-4EFA-8946-51F2D4B48DF1} - System32\Tasks\{27B1499B-0378-452B-8E7A-31D8A677D856} => C:\Program Files\Electronic Arts\Need for Speed Carbon\NFSC.exe Task: {D732FFBD-4873-4483-8C3F-4D18EF94A083} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {D8698101-3521-4B4E-8526-2999058A668F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1796242751-1131443975-3968838413-1001Core => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {DC5C7C23-FF09-4541-BB66-8D06BB66728E} - System32\Tasks\{720A315A-375D-422A-96E8-F75EFF3C1E5B} => C:\Users\Public\World of Warcraft\Launcher.exe Task: {E31D58E9-D548-437B-9417-3BF9777FEECC} - System32\Tasks\Google Updater and Installer => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) 
Task: {E9C7495D-FD94-49B1-B850-7BD034967F56} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {F28D835E-5097-467F-A36C-FFD06F965E4D} - System32\Tasks\{1681C7A3-75FB-4F58-991F-E8FA7E70F39C} => C:\Program Files\EA GAMES\Die Sims 2\TSBin\Sims2.exe Task: {F6367AD3-ECBF-484F-A06D-47F23709AD5B} - System32\Tasks\{24B6C42A-D36E-47ED-83AD-F79A774114AB} => pcalua.exe -a C:\Users\Tom\Downloads\Aureon5.1USB_MKII_App_Drv_2000_XP_1.1.3.22.exe -d C:\Users\Tom\Downloads Task: {F7EA123D-4340-4A71-A0C0-320BAF2E65C1} - System32\Tasks\{06914B7F-1A6A-4858-B81F-928F6D806F23} => Chrome.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\3afb30f2-c545-4ee2-8e16-a626c7bddeae-4.job => C:\Program Files\MediaPlayerplus\3afb30f2-c545-4ee2-8e16-a626c7bddeae-4.exeΒ/abYmJPDEn /EUkHMBwn='MediaPlayerplus' /MmDSop C:\Program Files\MediaPlayerplus\54246.xpi' /ENgBWaqry=54246 /ozkpHZ='001359' /wTDxd='verticals-ads,intext,shopping' /XrVENbJSK='0' /OHnVPruA=37398BCA9B2E4B038F8E88D6840422E2IE /ukTCzXJjA=930087fb3af6194e004ba72771fd7186 /ulILoqAB=1_34_3_28 /jeqrn=1.34.3.28 /rLegyiQJL=1396890238 /NumLNC=http:/stats.clientdemocloud.com /uqFWt=http:/errors.clientdemocloud.com /NZpWlrhaw=300 /bMARJuAvz=a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com /GUfpcYQ=0.94 /YCKehB=aa9719e64232b4695ae9ca89cd7f2aa84ca1279dfbc0d44a897ef19301c922b68com54246 /Qgkcl=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/54246.rdf /lYkHD='MediaPlayerplus' /XIzIevY='MediaPlayerEnhance Extension' /QyflNzhXM='Freeven' /YKTGFVWAD=ch /xxPTnzqUm /xdKrpQoPo /YbrFT /YlJXdNe='http:/update.clientdemocloud.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ACHTUNG Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => 
C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{DE0FFD72-47CB-4943-B736-23332743EB42}.exe <==== ACHTUNG Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1796242751-1131443975-3968838413-1001Core.job => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1796242751-1131443975-3968838413-1001UA.job => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2012-12-06 00:36 - 2012-10-02 21:28 - 00079208 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2011-10-23 02:50 - 2011-10-23 02:50 - 00075136 _____ () C:\Windows\system32\PnkBstrA.exe 2010-02-19 00:08 - 2008-07-29 20:29 - 00200704 _____ () C:\Windows\PLFSetI.exe 2015-09-19 20:17 - 2015-09-12 02:22 - 01501512 _____ () C:\Users\Tom\AppData\Local\Google\Chrome\Application\45.0.2454.93\libglesv2.dll 2015-09-19 20:17 - 2015-09-12 02:22 - 00081224 _____ () C:\Users\Tom\AppData\Local\Google\Chrome\Application\45.0.2454.93\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1796242751-1131443975-3968838413-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{67FD95A4-6827-485B-A67B-DF66E440468D}] => (Allow) %ProgramFiles%\ICQ Away Reader\ICQ Away Reader.exe FirewallRules: [{3013420F-A1FC-498F-9164-C030BDEB0EBB}] => (Allow) %ProgramFiles%\Avira\AntiVir Desktop\update.exe FirewallRules: [{F87959FA-310D-45F4-B6F1-BEABBDCA0A45}] => (Allow) %USERPROFILE%\Downloads\Aureon5.1USB_MKII_App_Drv_2000_XP_1.1.3.22(2).exe FirewallRules: [TCP Query User{44BBA6C0-32A8-4F5B-9AE6-80D62A000879}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{6A6361D1-05EA-486F-9A9A-078BBA689677}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [{5FAC519C-D1B4-4A12-9A4C-F83642A8E418}] => (Allow) LPort=3724 FirewallRules: [{17AEA9BD-9959-4AD6-9C76-90B4EBAB88B3}] => (Allow) LPort=5900 FirewallRules: [{A36FA05A-372E-48B2-AA62-1851A0E66AB4}] => (Allow) LPort=5800 FirewallRules: [TCP Query User{86B8090E-542C-4CC8-8712-0B12781A8300}C:\program files\ubisoft\funatics\die siedler ii - die nächste generation\bin\s2dng.exe] => (Block) C:\program files\ubisoft\funatics\die siedler ii - die nächste generation\bin\s2dng.exe FirewallRules: [UDP Query User{238E9316-9EF3-4224-8060-3CF94EA2AE0A}C:\program files\ubisoft\funatics\die siedler ii - die nächste generation\bin\s2dng.exe] => (Block) C:\program files\ubisoft\funatics\die siedler ii - die nächste generation\bin\s2dng.exe FirewallRules: [TCP Query User{84D9A693-F47B-46FA-8D3A-58D1C79D83AB}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe FirewallRules: [UDP Query User{550D9695-FA9B-45DC-B3B5-F739005AE5E3}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe FirewallRules: [{FB05C4AF-3F9C-4DDD-8936-6F2232EBC6FF}] => (Allow) C:\Program Files\Steam\SteamApps\tom_0140\counter-strike source\hl2.exe FirewallRules: 
[{5E7B19AB-AA05-4FB1-8E10-9D56BBDB63D7}] => (Allow) C:\Program Files\Steam\SteamApps\tom_0140\counter-strike source\hl2.exe FirewallRules: [TCP Query User{385A77F7-F8D6-4337-A5F8-6AF4779B9510}F:\dokumente\spiele und software\world of warcraft\launcher.exe] => (Allow) F:\dokumente\spiele und software\world of warcraft\launcher.exe FirewallRules: [UDP Query User{73A95384-7FF4-4E6F-95DC-E5D70C07E101}F:\dokumente\spiele und software\world of warcraft\launcher.exe] => (Allow) F:\dokumente\spiele und software\world of warcraft\launcher.exe FirewallRules: [{168BC43F-8DE7-4094-BA80-E21E0EBFAABD}] => (Allow) C:\Program Files\Steam\SteamApps\tom_0140\counter-strike source\hl2.exe FirewallRules: [{90DB3879-7408-4834-A1D3-3666EAB4A211}] => (Allow) C:\Program Files\Steam\SteamApps\tom_0140\counter-strike source\hl2.exe FirewallRules: [TCP Query User{99A6F98A-9873-41DC-ABCA-110F45C689FA}F:\dokumente\spiele und software\need for speed - the run\need for speed the run\need for speed the run.exe] => (Allow) F:\dokumente\spiele und software\need for speed - the run\need for speed the run\need for speed the run.exe FirewallRules: [UDP Query User{C61CA68F-C623-4FD9-B245-D99DA115AD6A}F:\dokumente\spiele und software\need for speed - the run\need for speed the run\need for speed the run.exe] => (Allow) F:\dokumente\spiele und software\need for speed - the run\need for speed the run\need for speed the run.exe FirewallRules: [{55259E17-EF86-4840-845B-C619C646E42D}] => (Allow) F:\Dokumente\Spiele und Software\Zoo Tycoon 2\zt.exe FirewallRules: [{E1A34D28-5D46-442E-8CDD-6AC583ABFB82}] => (Allow) F:\Dokumente\Spiele und Software\Zoo Tycoon 2\zt.exe FirewallRules: [{547AD333-6EAC-490E-9943-C1EE5DB2D16A}] => (Allow) F:\Dokumente\Spiele und Software\World of Warcraft\Launcher.patch.exe FirewallRules: [{36AE424F-8D57-42C5-AB58-DF5881EA8678}] => (Allow) F:\Dokumente\Spiele und Software\World of Warcraft\Launcher.patch.exe FirewallRules: [TCP Query 
User{B549F652-0F85-4AC0-ABCF-5065E953CE80}C:\program files\novomatic gaminator cf1 final\game.exe] => (Block) C:\program files\novomatic gaminator cf1 final\game.exe FirewallRules: [UDP Query User{96C4F3E7-E007-41DE-AF2D-67B7EEFAA106}C:\program files\novomatic gaminator cf1 final\game.exe] => (Block) C:\program files\novomatic gaminator cf1 final\game.exe FirewallRules: [TCP Query User{7CE471BB-9E0D-4D1C-BAA9-F79A6A763090}C:\program files\novomatic gaminator cf1 final\game.exe] => (Block) C:\program files\novomatic gaminator cf1 final\game.exe FirewallRules: [UDP Query User{9815B311-A08D-4970-B5A0-ACB9FC5BBB5A}C:\program files\novomatic gaminator cf1 final\game.exe] => (Block) C:\program files\novomatic gaminator cf1 final\game.exe FirewallRules: [TCP Query User{AFEBC5E6-9177-46D4-AD58-35500C3B093D}C:\program files\tsearch\easydownload.exe] => (Allow) C:\program files\tsearch\easydownload.exe FirewallRules: [UDP Query User{3544ED26-933B-4ABB-BEE5-DA736D5F1C8F}C:\program files\tsearch\easydownload.exe] => (Allow) C:\program files\tsearch\easydownload.exe FirewallRules: [TCP Query User{F1EF38A3-CF61-433C-B0E9-35D9655F1DC6}F:\externe\dokumente\spiele und software\world of warcraft\launcher.patch.exe] => (Allow) F:\externe\dokumente\spiele und software\world of warcraft\launcher.patch.exe FirewallRules: [UDP Query User{D1846639-2E06-4161-B3F6-96A70446040E}F:\externe\dokumente\spiele und software\world of warcraft\launcher.patch.exe] => (Allow) F:\externe\dokumente\spiele und software\world of warcraft\launcher.patch.exe FirewallRules: [{9BC6274D-755E-4B24-A1CC-B1C87B202ADE}] => (Allow) F:\Externe\Dokumente\Spiele und Software\World of Warcraft\Launcher.exe FirewallRules: [{C23B05E5-7260-4C4D-9BF5-7D26138729E9}] => (Allow) F:\Externe\Dokumente\Spiele und Software\World of Warcraft\Launcher.exe FirewallRules: [TCP Query User{4C1469A2-F42E-41B0-BF58-92CE55404E7E}F:\externe\dokumente\spiele und software\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => 
(Allow) F:\externe\dokumente\spiele und software\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe FirewallRules: [UDP Query User{ADF70F59-E597-4994-B25C-FC13FBD6DF47}F:\externe\dokumente\spiele und software\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) F:\externe\dokumente\spiele und software\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe FirewallRules: [{49B3D790-7ABA-44D0-8679-1FAB45E05B35}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe FirewallRules: [{15DFFDF5-4763-4F81-856A-48C1E6E5068F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe FirewallRules: [{C559D8A7-C6E3-4EA7-946A-812799333119}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{04599FD1-8EF4-4288-BF6E-9737EBCE897C}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{2A7D9A39-BB99-458A-9323-20DB5CB939AE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{37B84268-FA0C-47AF-902A-D17598894207}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{F8761324-BAEB-4E29-97B6-E2FAE196C0D1}] => (Allow) C:\Program Files\TuneUp Utilities 2012\UpdateWizard.exe FirewallRules: [{14947EFF-DD24-468C-9224-C61738937F1B}] => (Allow) C:\Program Files\TuneUp Utilities 2012\UpdateWizard.exe FirewallRules: [{D891EE5C-427F-4BA4-9BC4-6992F07298BB}] => (Allow) C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe FirewallRules: [{98840587-8468-430D-8B86-160A2FB722AC}] => (Allow) C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe FirewallRules: [{BE813D48-667C-46E6-B491-9E678DDB9172}] => (Allow) C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe FirewallRules: [{06206D7E-F5A9-408F-80E3-A9445428A347}] => (Allow) C:\Program Files\THQ\S.T.A.L.K.E.R. 
- Shadow of Chernobyl\bin\dedicated\XR_3DA.exe FirewallRules: [{6AEC647E-6600-4A76-9A86-7F94551D342B}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{9445AED6-1FF2-4312-940A-6DBEC2E61E64}] => (Allow) LPort=2869 FirewallRules: [{C7A2125F-C110-4735-B8D3-04EEDCF705AB}] => (Allow) LPort=1900 FirewallRules: [{BE3DF4FC-6CD6-4CD8-AB93-BA2851220E61}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{CEDFEA4E-4DAE-4158-A8B6-94CAA721D7FE}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query User{B10A255B-8BA9-49D3-8E43-0833F51000D0}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe FirewallRules: [UDP Query User{930DA44E-596C-4F87-BF1D-537E1492C1EB}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe FirewallRules: [{823C3DA2-D65A-4889-8AED-07DD9D96EDCB}] => (Allow) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/21/2015 06:09:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: antigravity.exe, Version: 0.0.0.0, Zeitstempel: 0x5558ca74 Name des fehlerhaften Moduls: antigravity.exe, Version: 0.0.0.0, Zeitstempel: 0x5558ca74 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000f5f5 ID des fehlerhaften Prozesses: 0xb10 Startzeit der fehlerhaften Anwendung: 0xantigravity.exe0 Pfad der fehlerhaften Anwendung: antigravity.exe1 Pfad des fehlerhaften Moduls: antigravity.exe2 Berichtskennung: antigravity.exe3 Error: (09/20/2015 11:57:15 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm certreq.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1b0c Startzeit: 01d0f38a02379e47 Endzeit: 15 Anwendungspfad: C:\Windows\system32\certreq.exe Berichts-ID: ed89ab45-5f7d-11e5-9ca8-001b2492b0d7 Error: (09/20/2015 11:31:54 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18939, Zeitstempel: 0x55afd7a8 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000c3f83 ID des fehlerhaften Prozesses: 0x1e64 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0 Pfad der fehlerhaften Anwendung: svchost.exe1 Pfad des fehlerhaften Moduls: svchost.exe2 Berichtskennung: svchost.exe3 Error: (09/20/2015 11:31:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18939, Zeitstempel: 0x55afd7a8 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000c3f83 ID des fehlerhaften Prozesses: 0x1df4 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0 Pfad der fehlerhaften Anwendung: svchost.exe1 Pfad des fehlerhaften Moduls: svchost.exe2 Berichtskennung: svchost.exe3 Error: (09/20/2015 11:30:05 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18939, Zeitstempel: 0x55afd7a8 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000c3f83 ID des fehlerhaften Prozesses: 0x1908 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0 Pfad der fehlerhaften Anwendung: svchost.exe1 Pfad des fehlerhaften Moduls: svchost.exe2 Berichtskennung: svchost.exe3 Error: (09/14/2015 06:40:46 PM) (Source: Application Hang) (EventID: 1002) (User: ) 
Description: Programm GWXUX.exe, Version 6.3.9600.17923 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b30 Startzeit: 01d0ef0be0781049 Endzeit: 0 Anwendungspfad: C:\Windows\System32\GWX\GWXUX.exe Berichts-ID: 4dbca61d-5aff-11e5-90d8-001b2492b0d7 Error: (08/31/2015 08:51:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm OneClick.exe, Version 12.0.3600.73 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 16d8 Startzeit: 01d0e40d7b7b2c04 Endzeit: 1744 Anwendungspfad: C:\Program Files\TuneUp Utilities 2012\OneClick.exe Berichts-ID: 2794b1a4-5011-11e5-95f5-001b2492b0d7 Error: (08/16/2015 08:28:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17923, Zeitstempel: 0x55945712 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00bd5598 ID des fehlerhaften Prozesses: 0x3a8 Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0 Pfad der fehlerhaften Anwendung: GWXUX.exe1 Pfad des fehlerhaften Moduls: GWXUX.exe2 Berichtskennung: GWXUX.exe3 Error: (08/06/2015 07:35:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm OneClick.exe, Version 12.0.3600.73 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: fa0 Startzeit: 01d0d06bfc1f492f Endzeit: 256 Anwendungspfad: C:\Program Files\TuneUp Utilities 2012\OneClick.exe Berichts-ID: 6ab3d52a-3c61-11e5-9cd8-001b2492b0d7 Error: (07/12/2015 07:26:07 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm OneClick.exe, Version 12.0.3600.73 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 11ac Startzeit: 01d0bcc50a043bca Endzeit: 269 Anwendungspfad: C:\Program Files\TuneUp Utilities 2012\OneClick.exe Berichts-ID: 0497f69a-28bb-11e5-9f75-001c26e24a0e Systemfehler: ============= Error: (09/21/2015 06:19:50 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (09/21/2015 06:10:37 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (09/21/2015 06:10:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sfdrv01 sfsync02 sfvfs02 Error: (09/21/2015 06:09:24 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (09/21/2015 06:09:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "vToolbarUpdater18.0.5" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/21/2015 06:09:18 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (09/21/2015 06:09:18 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. 
Error: (09/21/2015 06:08:44 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Treiber sfdrv01.sys konnte nicht geladen werden. Error: (09/21/2015 06:08:44 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Treiber sfvfs02.sys konnte nicht geladen werden. Error: (09/21/2015 06:08:42 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Treiber sfsync02.sys konnte nicht geladen werden. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz Prozentuale Nutzung des RAM: 69% Installierter physikalischer RAM: 2046.43 MB Verfügbarer physikalischer RAM: 627.05 MB Summe virtueller Speicher: 4092.86 MB Verfügbarer virtueller Speicher: 733.92 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:219.88 GB) (Free:140.37 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F3349997) Partition 1: (Not Active) - (Size=9.8 GB) - (Type=12) Partition 2: (Active) - (Size=219.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=3.2 GB) - (Type=12) ==================== Ende vom Addition.txt ============================ |
21.09.2015, 17:48 | #2 |
/// the machine /// TB-Ausbilder | Opened fake debt collection email with attachment Hi,
Please download Revo Uninstaller from here (alternatively the portable Revo Uninstaller).
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder unless a helper instructs you to. Please download TDSSKiller.exe and save this file to the desktop.
__________________ |
22.09.2015, 16:25 | #3 |
| Opened fake debt collection email with attachment Hello
Thank you very much for the reply and your help! :-) I started the scans yesterday; unfortunately the whole thing took a while, and it is now finished :-) Here is the first mbar log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2015.09.21.05 rootkit: v2015.09.18.01 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 11.0.9600.18015 Tom :: TOM-PC [administrator] 21.09.2015 19:53:45 mbar-log-2015-09-21 (19-53-45).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged. Objects scanned: 482531 Time elapsed: 1 hour(s), 46 minute(s), 21 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 2 HKU\S-1-5-21-1796242751-1131443975-3968838413-1007\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Delete on reboot. [ed9cc46e7e0dbf775bff1aa755addb25] HKU\S-1-5-21-1796242751-1131443975-3968838413-1007\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Delete on reboot. [ed9cc46e7e0dbf775bff1aa755addb25] Registry Values Detected: 2 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|link_doctor (Backdoor.Bot) -> Data: C:\Users\Tom\AppData\Local\Temp\Link-hear\linkstaff.exe -> Delete on reboot. [b1d80f23b3d8a78f49ac20c3ed14fb05] HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|link_doctor (Backdoor.Bot) -> Data: C:\Users\Tom\AppData\Local\Temp\Link-hear\linkstaff.exe -> Delete on reboot. [b1d80f23b3d8a78f49ac20c3ed14fb05] Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 2 C:\Users\Tom\AppData\Local\Temp\Link-hear\linkstaff.exe (Backdoor.Bot) -> Delete on reboot. [b1d80f23b3d8a78f49ac20c3ed14fb05] C:\Users\Tom\AppData\Local\Temp\android\android.exe (Backdoor.Bot) -> Delete on reboot. 
[aadf56dc3c4f60d62155f81bea17a060] Physical Sectors Detected: 0 (No malicious items detected) (end) |
22.09.2015, 16:25 | #4 |
| Opened fake debt collection email with attachment Then the second run again, in which nothing more was found, and the corresponding log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2015.09.21.06 rootkit: v2015.09.18.01 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 11.0.9600.18015 Tom :: TOM-PC [administrator] 21.09.2015 21:47:14 mbar-log-2015-09-21 (21-47-14).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged. Objects scanned: 482100 Time elapsed: 1 hour(s), 15 minute(s), 51 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Code:
ATTFilter 17:07:50.0467 0x2d24 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57 17:08:04.0092 0x2d24 ============================================================ 17:08:04.0092 0x2d24 Current date / time: 2015/09/22 17:08:04.0092 17:08:04.0092 0x2d24 SystemInfo: 17:08:04.0092 0x2d24 17:08:04.0092 0x2d24 OS Version: 6.1.7601 ServicePack: 1.0 17:08:04.0092 0x2d24 Product type: Workstation 17:08:04.0092 0x2d24 ComputerName: TOM-PC 17:08:04.0092 0x2d24 UserName: Tom 17:08:04.0092 0x2d24 Windows directory: C:\Windows 17:08:04.0092 0x2d24 System windows directory: C:\Windows 17:08:04.0092 0x2d24 Processor architecture: Intel x86 17:08:04.0092 0x2d24 Number of processors: 2 17:08:04.0092 0x2d24 Page size: 0x1000 17:08:04.0092 0x2d24 Boot type: Normal boot 17:08:04.0092 0x2d24 ============================================================ 17:08:06.0595 0x2d24 KLMD registered as C:\Windows\system32\drivers\21128307.sys 17:08:07.0105 0x2d24 System UUID: {41E80AEA-1A26-5AA2-5401-A7B392501519} 17:08:08.0183 0x2d24 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 17:08:08.0183 0x2d24 ============================================================ 17:08:08.0183 0x2d24 \Device\Harddisk0\DR0: 17:08:08.0183 0x2d24 MBR partitions: 17:08:08.0183 0x2d24 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1385000, BlocksNum 0x1B7C4000 17:08:08.0183 0x2d24 ============================================================ 17:08:08.0214 0x2d24 C: <-> \Device\Harddisk0\DR0\Partition1 17:08:08.0214 0x2d24 ============================================================ 17:08:08.0214 0x2d24 Initialize success 17:08:08.0214 0x2d24 ============================================================ 17:08:40.0568 0x2e08 ============================================================ 17:08:40.0568 0x2e08 Scan started 17:08:40.0568 0x2e08 Mode: Manual; SigCheck; TDLFS; 
17:08:40.0568 0x2e08 ============================================================
17:08:40.0568 0x2e08 KSN ping started
17:08:54.0258 0x2e08 KSN ping finished: true
17:08:55.0350 0x2e08 ================ Scan system memory ========================
17:08:55.0350 0x2e08 System memory - ok
17:08:55.0350 0x2e08 ================ Scan services =============================
17:09:07.0985 0x2e08 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
17:09:10.0498 0x2e08 Detect skipped due to KSN trusted
17:09:10.0498 0x2e08 IDriverT - ok
F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 17:09:13.0061 0x2e08 Modem - ok 17:09:13.0092 0x2e08 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:09:13.0139 0x2e08 monitor - ok 17:09:13.0170 0x2e08 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:09:13.0186 0x2e08 mouclass - ok 17:09:13.0202 0x2e08 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:09:13.0248 0x2e08 mouhid - ok 17:09:13.0295 0x2e08 [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:09:13.0311 0x2e08 mountmgr - ok 17:09:13.0373 0x2e08 [ 96AA8BA23142CC8E2B30F3CAE0C80254, C65380761373DAD16425211FBA0B4E15F260F79A1FF328B1314076D732EE6F0E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 17:09:13.0389 0x2e08 MozillaMaintenance - ok 17:09:13.0420 0x2e08 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys 17:09:13.0451 0x2e08 mpio - ok 17:09:13.0467 0x2e08 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:09:13.0514 0x2e08 mpsdrv - ok 17:09:13.0576 0x2e08 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:09:13.0670 0x2e08 MpsSvc - ok 17:09:13.0716 0x2e08 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 
17:09:13.0763 0x2e08 MRxDAV - ok 17:09:13.0810 0x2e08 [ BAF4E2BE25E8EDFDAA98AA17D92E3C35, 1C7C7A7217962BE8338F8F989A2DBA2C0FD8A1CCC4E773EA5D02F291C2AF0BCA ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:09:13.0872 0x2e08 mrxsmb - ok 17:09:13.0919 0x2e08 [ 300E85A19AFD4DF992AB6297C6E64CA1, B794DC07336DA64ECB8F6F695978C5B67FBFC7D1B60F3AD94D970FC9DE05A095 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:09:13.0966 0x2e08 mrxsmb10 - ok 17:09:14.0028 0x2e08 [ 70EF9F86474BA28A6898228E1C9ABDCB, 5BCCE0A1D33F7A0780350F3AA870468DB7B51F4FBA267AF663BC946B2259E0F8 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:09:14.0044 0x2e08 mrxsmb20 - ok 17:09:14.0075 0x2e08 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys 17:09:14.0091 0x2e08 msahci - ok 17:09:14.0122 0x2e08 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:09:14.0153 0x2e08 msdsm - ok 17:09:14.0169 0x2e08 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 17:09:14.0216 0x2e08 MSDTC - ok 17:09:14.0262 0x2e08 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:09:14.0309 0x2e08 Msfs - ok 17:09:14.0340 0x2e08 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:09:14.0387 0x2e08 mshidkmdf - ok 17:09:14.0418 0x2e08 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:09:14.0434 0x2e08 msisadrv - ok 17:09:14.0465 0x2e08 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI 
C:\Windows\system32\iscsiexe.dll 17:09:14.0528 0x2e08 MSiSCSI - ok 17:09:14.0528 0x2e08 msiserver - ok 17:09:14.0559 0x2e08 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:09:14.0590 0x2e08 MSKSSRV - ok 17:09:14.0621 0x2e08 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:09:14.0668 0x2e08 MSPCLOCK - ok 17:09:14.0668 0x2e08 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:09:14.0715 0x2e08 MSPQM - ok 17:09:14.0746 0x2e08 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:09:14.0762 0x2e08 MsRPC - ok 17:09:14.0793 0x2e08 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 17:09:14.0808 0x2e08 mssmbios - ok 17:09:14.0808 0x2e08 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:09:14.0871 0x2e08 MSTEE - ok 17:09:14.0902 0x2e08 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 17:09:14.0949 0x2e08 MTConfig - ok 17:09:14.0980 0x2e08 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 17:09:14.0996 0x2e08 Mup - ok 17:09:15.0058 0x2e08 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll 17:09:15.0120 0x2e08 napagent - ok 17:09:15.0152 0x2e08 [ 26384429FCD85D83746F63E798AB1480, 
957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:09:15.0183 0x2e08 NativeWifiP - ok 17:09:15.0276 0x2e08 [ 934BB0D23A25C8C136570800A5A149B6, 15D99CE4E970FECE257F6D69810F8104720B26D8DC3787BC38CC8692ACEABD37 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe 17:09:15.0323 0x2e08 NAUpdate - ok 17:09:15.0370 0x2e08 [ 0AE25530894A934C6CA600865C6E9D7C, CA3499687E6CC35FEA1D5B6EDA34E4ADA45FA05D025A5A8B80F98BCB44090DC7 ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys 17:09:15.0386 0x2e08 NBVol - ok 17:09:15.0417 0x2e08 [ 1DDCEF3039C9D90AF3529DEE6699967D, 2F67FB358DB8DA4CAFD65A04DF35976C4C989A3B4DAED63E9752355DAE9EDE5E ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys 17:09:15.0432 0x2e08 NBVolUp - ok 17:09:15.0495 0x2e08 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:09:15.0542 0x2e08 NDIS - ok 17:09:15.0573 0x2e08 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:09:15.0604 0x2e08 NdisCap - ok 17:09:15.0635 0x2e08 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:09:15.0682 0x2e08 NdisTapi - ok 17:09:15.0713 0x2e08 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:09:15.0760 0x2e08 Ndisuio - ok 17:09:15.0791 0x2e08 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:09:15.0838 0x2e08 NdisWan - ok 17:09:15.0869 0x2e08 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:09:15.0916 0x2e08 NDProxy - ok 
17:09:15.0947 0x2e08 [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl C:\Windows\system32\DRIVERS\netaapl.sys 17:09:15.0963 0x2e08 Netaapl - detected UnsignedFile.Multi.Generic ( 1 ) 17:09:18.0432 0x2e08 Detect skipped due to KSN trusted 17:09:18.0432 0x2e08 Netaapl - ok 17:09:18.0495 0x2e08 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:09:18.0541 0x2e08 NetBIOS - ok 17:09:18.0573 0x2e08 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:09:18.0619 0x2e08 NetBT - ok 17:09:18.0651 0x2e08 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] Netlogon C:\Windows\system32\lsass.exe 17:09:18.0682 0x2e08 Netlogon - ok 17:09:18.0729 0x2e08 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 17:09:18.0791 0x2e08 Netman - ok 17:09:18.0838 0x2e08 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:09:18.0853 0x2e08 NetMsmqActivator - ok 17:09:18.0885 0x2e08 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:09:18.0900 0x2e08 NetPipeActivator - ok 17:09:18.0931 0x2e08 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll 17:09:18.0994 0x2e08 netprofm - ok 17:09:19.0009 0x2e08 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:09:19.0025 0x2e08 NetTcpActivator - ok 17:09:19.0041 0x2e08 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:09:19.0072 0x2e08 NetTcpPortSharing - ok 17:09:19.0259 0x2e08 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys 17:09:19.0462 0x2e08 netw5v32 - ok 17:09:19.0571 0x2e08 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 17:09:19.0603 0x2e08 nfrd960 - ok 17:09:19.0644 0x2e08 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:09:19.0710 0x2e08 NlaSvc - ok 17:09:19.0723 0x2e08 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:09:19.0780 0x2e08 Npfs - ok 17:09:19.0818 0x2e08 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 17:09:19.0850 0x2e08 nsi - ok 17:09:19.0866 0x2e08 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:09:19.0912 0x2e08 nsiproxy - ok 17:09:19.0990 0x2e08 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:09:20.0084 0x2e08 Ntfs - ok 17:09:20.0100 0x2e08 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 17:09:20.0146 0x2e08 Null - ok 17:09:20.0193 0x2e08 [ 
7F5D69A031BE0E7BDFB8126E1A212417, E0ECC8D47D9385FC97B962A72F435A94F9AAF88694E84EE8AF7F3D0EBD2C15DC ] nuvotoncir C:\Windows\system32\DRIVERS\nuvotoncir.sys 17:09:20.0209 0x2e08 nuvotoncir - detected UnsignedFile.Multi.Generic ( 1 ) 17:09:22.0654 0x2e08 Detect skipped due to KSN trusted 17:09:22.0654 0x2e08 nuvotoncir - ok 17:09:23.0151 0x2e08 [ 0A1B502CBC8230DA74BEFBAADDB58916, 14BDE0A5829D1CC7E93B60676243DD0641D5FA08CE46936450CD3A67F94EA560 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 17:09:23.0669 0x2e08 nvlddmkm - ok 17:09:23.0731 0x2e08 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:09:23.0763 0x2e08 nvraid - ok 17:09:23.0794 0x2e08 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:09:23.0809 0x2e08 nvstor - ok 17:09:23.0919 0x2e08 [ EB5A13F9139F20AD71ADF4BF79C3AA29, D473E03B3B69AC0A35FF1CD8B85C088DCCCBAA5DA52C18737B6AC873EF1F1BC7 ] nvsvc C:\Windows\system32\nvvsvc.exe 17:09:23.0965 0x2e08 nvsvc - ok 17:09:24.0059 0x2e08 [ 0629259E3AF6BB0534FCECA208973404, E5DDA62D5D21D5D11A711BBFC5B839B59E336997C0C9A32A0B04AC9FBB6472D4 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 17:09:24.0137 0x2e08 nvUpdatusService - ok 17:09:24.0153 0x2e08 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:09:24.0184 0x2e08 nv_agp - ok 17:09:24.0215 0x2e08 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:09:24.0262 0x2e08 ohci1394 - ok 17:09:24.0309 0x2e08 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 
17:09:24.0324 0x2e08 ose - ok 17:09:24.0558 0x2e08 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 17:09:24.0792 0x2e08 osppsvc - ok 17:09:24.0855 0x2e08 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:09:24.0933 0x2e08 p2pimsvc - ok 17:09:24.0964 0x2e08 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 17:09:25.0026 0x2e08 p2psvc - ok 17:09:25.0073 0x2e08 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys 17:09:25.0120 0x2e08 Parport - ok 17:09:25.0151 0x2e08 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:09:25.0182 0x2e08 partmgr - ok 17:09:25.0198 0x2e08 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 17:09:25.0229 0x2e08 Parvdm - ok 17:09:25.0291 0x2e08 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll 17:09:25.0354 0x2e08 PcaSvc - ok 17:09:25.0369 0x2e08 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys 17:09:25.0401 0x2e08 pci - ok 17:09:25.0432 0x2e08 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys 17:09:25.0447 0x2e08 pciide - ok 17:09:25.0463 0x2e08 [ F396431B31693E71E8A80687EF523506, 
BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 17:09:25.0494 0x2e08 pcmcia - ok 17:09:25.0494 0x2e08 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 17:09:25.0510 0x2e08 pcw - ok 17:09:25.0557 0x2e08 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:09:25.0635 0x2e08 PEAUTH - ok 17:09:25.0713 0x2e08 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 17:09:25.0822 0x2e08 PeerDistSvc - ok 17:09:25.0915 0x2e08 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll 17:09:26.0040 0x2e08 pla - ok 17:09:26.0118 0x2e08 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:09:26.0165 0x2e08 PlugPlay - ok 17:09:26.0181 0x2e08 [ 3A2BDD76E7D2A5F40A7174793D1BA794, 029EE2C2F71AEC7906600EEC4F855DC5648C1ECF53F11426079B04591F24D067 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe 17:09:26.0196 0x2e08 PnkBstrA - ok 17:09:26.0243 0x2e08 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 17:09:26.0305 0x2e08 PNRPAutoReg - ok 17:09:26.0337 0x2e08 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 17:09:26.0352 0x2e08 PNRPsvc - ok 17:09:26.0399 0x2e08 [ 896D916DE06F5502D301E8C4DC442AE8, 7B5C5FA075BA680B990A0A78A690CF2DE04EF7EB1457781E38D0EE4A95CEFDCA ] Point32 C:\Windows\system32\DRIVERS\point32.sys 17:09:26.0415 0x2e08 Point32 - ok 17:09:26.0461 0x2e08 [ 
53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:09:26.0524 0x2e08 PolicyAgent - ok 17:09:26.0571 0x2e08 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll 17:09:26.0633 0x2e08 Power - ok 17:09:26.0664 0x2e08 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:09:26.0695 0x2e08 PptpMiniport - ok 17:09:26.0742 0x2e08 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys 17:09:26.0773 0x2e08 Processor - ok 17:09:26.0820 0x2e08 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll 17:09:26.0851 0x2e08 ProfSvc - ok 17:09:26.0867 0x2e08 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] ProtectedStorage C:\Windows\system32\lsass.exe 17:09:26.0898 0x2e08 ProtectedStorage - ok 17:09:26.0914 0x2e08 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 17:09:26.0976 0x2e08 Psched - ok 17:09:27.0054 0x2e08 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 17:09:27.0132 0x2e08 ql2300 - ok 17:09:27.0148 0x2e08 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 17:09:27.0179 0x2e08 ql40xx - ok 17:09:27.0210 0x2e08 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 17:09:27.0273 
0x2e08 QWAVE - ok 17:09:27.0304 0x2e08 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:09:27.0319 0x2e08 QWAVEdrv - ok 17:09:27.0335 0x2e08 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:09:27.0397 0x2e08 RasAcd - ok 17:09:27.0429 0x2e08 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 17:09:27.0475 0x2e08 RasAgileVpn - ok 17:09:27.0522 0x2e08 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll 17:09:27.0553 0x2e08 RasAuto - ok 17:09:27.0569 0x2e08 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:09:27.0616 0x2e08 Rasl2tp - ok 17:09:27.0647 0x2e08 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll 17:09:27.0694 0x2e08 RasMan - ok 17:09:27.0709 0x2e08 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:09:27.0772 0x2e08 RasPppoe - ok 17:09:27.0787 0x2e08 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:09:27.0834 0x2e08 RasSstp - ok 17:09:27.0881 0x2e08 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:09:27.0943 0x2e08 rdbss - ok 17:09:27.0975 0x2e08 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus 
C:\Windows\system32\DRIVERS\rdpbus.sys 17:09:27.0990 0x2e08 rdpbus - ok 17:09:28.0037 0x2e08 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:09:28.0068 0x2e08 RDPCDD - ok 17:09:28.0131 0x2e08 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 17:09:28.0177 0x2e08 RDPDR - ok 17:09:28.0209 0x2e08 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:09:28.0271 0x2e08 RDPENCDD - ok 17:09:28.0302 0x2e08 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 17:09:28.0349 0x2e08 RDPREFMP - ok 17:09:28.0380 0x2e08 [ EAC76854C359D2534B25296AE425410D, B813FFD395AC0B969C56FD8B8D04DF6E72C39C8C2E714B03747A20D5723D58DD ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 17:09:28.0458 0x2e08 RdpVideoMiniport - ok 17:09:28.0505 0x2e08 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:09:28.0536 0x2e08 RDPWD - ok 17:09:28.0567 0x2e08 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 17:09:28.0599 0x2e08 rdyboost - ok 17:09:28.0645 0x2e08 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:09:28.0692 0x2e08 RemoteAccess - ok 17:09:28.0739 0x2e08 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:09:28.0786 0x2e08 RemoteRegistry - ok 17:09:28.0833 0x2e08 [ 
CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 17:09:28.0879 0x2e08 RFCOMM - ok 17:09:28.0911 0x2e08 [ 7A6648B61661B1421FFAB762E391E33F, D1CDEE8C53EF3D6E72DB4C1D9DD351BFE9804BB0BE1419245B4ABE16679FC5A2 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys 17:09:28.0957 0x2e08 rimmptsk - ok 17:09:28.0973 0x2e08 [ D0A35B7670AA3558EAAB483F64446496, F70976D0214D3D52CCCE552EBC93548A39458B1F8C2D9D1257C4892BF85393E3 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys 17:09:29.0004 0x2e08 rimsptsk - ok 17:09:29.0035 0x2e08 [ 6C1F93C0760C9F79A1869D07233DF39D, 70DD037E76F6E89CE9630175772707BB8588324058079B5F18C505B31306BACE ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys 17:09:29.0067 0x2e08 rismxdp - ok 17:09:29.0098 0x2e08 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 17:09:29.0160 0x2e08 RpcEptMapper - ok 17:09:29.0191 0x2e08 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe 17:09:29.0223 0x2e08 RpcLocator - ok 17:09:29.0269 0x2e08 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll 17:09:29.0301 0x2e08 RpcSs - ok 17:09:29.0332 0x2e08 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:09:29.0394 0x2e08 rspndr - ok 17:09:29.0425 0x2e08 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys 17:09:29.0472 0x2e08 s3cap - ok 17:09:29.0488 0x2e08 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] SamSs C:\Windows\system32\lsass.exe 17:09:29.0535 0x2e08 
SamSs - ok 17:09:29.0550 0x2e08 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:09:29.0581 0x2e08 sbp2port - ok 17:09:29.0613 0x2e08 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:09:29.0659 0x2e08 SCardSvr - ok 17:09:29.0675 0x2e08 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 17:09:29.0722 0x2e08 scfilter - ok 17:09:29.0784 0x2e08 [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\Windows\system32\schedsvc.dll 17:09:29.0878 0x2e08 Schedule - ok 17:09:29.0925 0x2e08 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll 17:09:29.0956 0x2e08 SCPolicySvc - ok 17:09:29.0987 0x2e08 [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus C:\Windows\system32\drivers\sdbus.sys 17:09:30.0018 0x2e08 sdbus - ok 17:09:30.0049 0x2e08 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:09:30.0096 0x2e08 SDRSVC - ok 17:09:30.0127 0x2e08 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:09:30.0159 0x2e08 secdrv - ok 17:09:30.0174 0x2e08 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll 17:09:30.0237 0x2e08 seclogon - ok 17:09:30.0382 0x2e08 [ A1DA2F0B5BE2B37251611FB5CA7D60BD, 6D46C6CB584145A37C55A85B1A56A67FA0CA7DA90A9F6E5A6AC9CD676FE0A7ED ] second_harmonic 
C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\class_b\supervisor.exe 17:09:30.0414 0x2e08 second_harmonic - detected UnsignedFile.Multi.Generic ( 1 ) 17:09:32.0941 0x2e08 second_harmonic ( UnsignedFile.Multi.Generic ) - warning 17:09:35.0521 0x2e08 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll 17:09:35.0567 0x2e08 SENS - ok 17:09:35.0583 0x2e08 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll 17:09:35.0614 0x2e08 SensrSvc - ok 17:09:35.0630 0x2e08 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 17:09:35.0645 0x2e08 Serenum - ok 17:09:35.0677 0x2e08 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys 17:09:35.0723 0x2e08 Serial - ok 17:09:35.0755 0x2e08 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 17:09:35.0786 0x2e08 sermouse - ok 17:09:35.0848 0x2e08 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll 17:09:35.0879 0x2e08 SessionEnv - ok 17:09:35.0942 0x2e08 [ 4C0D673281178CB496011A2E28571FC8, 14CFB50F3EA987C4485475B2E5EC85C137949911495245F29FE64723C909C9E8 ] sfdrv01 C:\Windows\system32\drivers\sfdrv01.sys 17:09:35.0973 0x2e08 sfdrv01 - detected UnsignedFile.Multi.Generic ( 1 ) 17:09:38.0401 0x2e08 Detect skipped due to KSN trusted 17:09:38.0401 0x2e08 sfdrv01 - ok 17:09:38.0475 0x2e08 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 17:09:38.0506 
0x2e08 sffdisk - ok 17:09:38.0537 0x2e08 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:09:38.0568 0x2e08 sffp_mmc - ok 17:09:38.0599 0x2e08 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 17:09:38.0631 0x2e08 sffp_sd - ok 17:09:38.0678 0x2e08 [ 15BE2B5E4DC5B8623CF167720682ABC9, FAECDC0DCB6EACE8130B278E2FB84B9523AB10329A00B24043B9C76867B917F0 ] sfhlp02 C:\Windows\system32\drivers\sfhlp02.sys 17:09:38.0693 0x2e08 sfhlp02 - detected UnsignedFile.Multi.Generic ( 1 ) 17:09:41.0161 0x2e08 Detect skipped due to KSN trusted 17:09:41.0161 0x2e08 sfhlp02 - ok 17:09:41.0223 0x2e08 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 17:09:41.0254 0x2e08 sfloppy - ok 17:09:41.0317 0x2e08 [ EFEBBC1D13FDB77A6AF4EDDFC7232EDF, 32888536C6E632DF78EC09A4CFB990B08ED75DB049DDF2612F548CC8FEB8D503 ] sfsync02 C:\Windows\system32\drivers\sfsync02.sys 17:09:41.0348 0x2e08 sfsync02 - detected UnsignedFile.Multi.Generic ( 1 ) 17:09:43.0860 0x2e08 Detect skipped due to KSN trusted 17:09:43.0860 0x2e08 sfsync02 - ok 17:09:43.0963 0x2e08 [ D5A7E09D2C6A702809E49190D52ADC9F, 7B3226A7C8C954A04B4543AFAA3079AA9A306E00CBD81346F952B40804608A87 ] sfvfs02 C:\Windows\system32\drivers\sfvfs02.sys 17:09:43.0963 0x2e08 sfvfs02 - detected UnsignedFile.Multi.Generic ( 1 ) 17:09:46.0420 0x2e08 Detect skipped due to KSN trusted 17:09:46.0420 0x2e08 sfvfs02 - ok 17:09:46.0541 0x2e08 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:09:46.0587 0x2e08 SharedAccess - ok 17:09:46.0648 0x2e08 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection 
C:\Windows\System32\shsvcs.dll 17:09:46.0693 0x2e08 ShellHWDetection - ok 17:09:46.0717 0x2e08 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys 17:09:46.0736 0x2e08 sisagp - ok 17:09:46.0763 0x2e08 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 17:09:46.0783 0x2e08 SiSRaid2 - ok 17:09:46.0809 0x2e08 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 17:09:46.0829 0x2e08 SiSRaid4 - ok 17:09:46.0854 0x2e08 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:09:46.0890 0x2e08 Smb - ok 17:09:46.0937 0x2e08 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:09:46.0980 0x2e08 SNMPTRAP - ok 17:09:46.0997 0x2e08 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys 17:09:47.0012 0x2e08 spldr - ok 17:09:47.0059 0x2e08 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe 17:09:47.0106 0x2e08 Spooler - ok 17:09:47.0262 0x2e08 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe 17:09:47.0422 0x2e08 sppsvc - ok 17:09:47.0480 0x2e08 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll 17:09:47.0531 0x2e08 sppuinotify - ok 17:09:47.0598 0x2e08 [ CDDDEC541BC3C96F91ECB48759673505, 
B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd C:\Windows\system32\Drivers\sptd.sys 17:09:47.0599 0x2e08 Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB 17:09:47.0604 0x2e08 sptd - detected LockedFile.Multi.Generic ( 1 ) 17:09:50.0086 0x2e08 Detect skipped due to KSN trusted 17:09:50.0086 0x2e08 sptd - ok 17:09:50.0148 0x2e08 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys 17:09:50.0195 0x2e08 srv - ok 17:09:50.0210 0x2e08 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:09:50.0257 0x2e08 srv2 - ok 17:09:50.0320 0x2e08 [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS 17:09:50.0366 0x2e08 SrvHsfHDA - ok 17:09:50.0413 0x2e08 [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS 17:09:50.0491 0x2e08 SrvHsfV92 - ok 17:09:50.0538 0x2e08 [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 17:09:50.0569 0x2e08 SrvHsfWinac - ok 17:09:50.0600 0x2e08 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:09:50.0632 0x2e08 srvnet - ok 17:09:50.0678 0x2e08 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:09:50.0725 0x2e08 SSDPSRV - ok 17:09:50.0756 0x2e08 [ 424566865D82AA4BD8D6546C1F2065FA, 
37B4C04C7C0EE0F3347A9E9F35B095478299F7324CA87AAE487BF989B0E6AE03 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 17:09:50.0772 0x2e08 ssmdrv - ok 17:09:50.0834 0x2e08 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:09:50.0866 0x2e08 SstpSvc - ok 17:09:50.0866 0x2e08 Steam Client Service - ok 17:09:50.0897 0x2e08 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 17:09:50.0912 0x2e08 stexstor - ok 17:09:50.0959 0x2e08 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll 17:09:51.0022 0x2e08 StiSvc - ok 17:09:51.0068 0x2e08 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys 17:09:51.0084 0x2e08 storflt - ok 17:09:51.0115 0x2e08 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys 17:09:51.0131 0x2e08 storvsc - ok 17:09:51.0146 0x2e08 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys 17:09:51.0162 0x2e08 swenum - ok 17:09:51.0193 0x2e08 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll 17:09:51.0256 0x2e08 swprv - ok 17:09:51.0256 0x2e08 Synth3dVsc - ok 17:09:51.0334 0x2e08 [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain C:\Windows\system32\sysmain.dll 17:09:51.0443 0x2e08 SysMain - ok 17:09:51.0474 0x2e08 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService 
C:\Windows\System32\TabSvc.dll 17:09:51.0505 0x2e08 TabletInputService - ok 17:09:51.0536 0x2e08 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll 17:09:51.0599 0x2e08 TapiSrv - ok 17:09:51.0646 0x2e08 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll 17:09:51.0692 0x2e08 TBS - ok 17:09:51.0770 0x2e08 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:09:51.0848 0x2e08 Tcpip - ok 17:09:51.0911 0x2e08 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 17:09:51.0958 0x2e08 TCPIP6 - ok 17:09:52.0004 0x2e08 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:09:52.0020 0x2e08 tcpipreg - ok 17:09:52.0067 0x2e08 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:09:52.0098 0x2e08 TDPIPE - ok 17:09:52.0129 0x2e08 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:09:52.0145 0x2e08 TDTCP - ok 17:09:52.0176 0x2e08 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:09:52.0238 0x2e08 tdx - ok 17:09:52.0254 0x2e08 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys 17:09:52.0270 0x2e08 TermDD - ok 17:09:52.0332 0x2e08 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] 
TermService C:\Windows\System32\termsrv.dll 17:09:52.0394 0x2e08 TermService - ok 17:09:52.0426 0x2e08 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll 17:09:52.0472 0x2e08 Themes - ok 17:09:52.0472 0x2e08 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll 17:09:52.0519 0x2e08 THREADORDER - ok 17:09:52.0535 0x2e08 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll 17:09:52.0597 0x2e08 TrkWks - ok 17:09:52.0660 0x2e08 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:09:52.0706 0x2e08 TrustedInstaller - ok 17:09:52.0738 0x2e08 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:09:52.0753 0x2e08 tssecsrv - ok 17:09:52.0816 0x2e08 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 17:09:52.0862 0x2e08 TsUsbFlt - ok 17:09:52.0862 0x2e08 tsusbhub - ok 17:09:52.0909 0x2e08 [ CDDB80CAE568A7068F2C4440390D4B68, ED9D3E46C1BCF9E00D353014DD5ED893EC8949F213317776D8244D92EB9E1F08 ] TT1724ht C:\Windows\system32\drivers\TT1724ht.sys 17:09:52.0925 0x2e08 TT1724ht - ok 17:09:52.0956 0x2e08 [ 1155503966912F49B2AFD2E58C5E5856, 10F21DB4AE466B7905BBED0F60DA725F1AB61C85DABAD8585E68D5288DBF7DE4 ] TT1724sa C:\Windows\system32\drivers\TT1724sa.sys 17:09:52.0987 0x2e08 TT1724sa - ok 17:09:53.0268 0x2e08 [ AF5F31156EE89D35AD6EC3179A805D23, 92CF2FF24963589157DCD6F79A75D9918EC4C002E9C1CD74A14BE084E833DA88 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe 
17:09:53.0330 0x2e08 TuneUp.UtilitiesSvc - ok 17:09:53.0362 0x2e08 [ F2107C9D85EC0DF116939CCCE06AE697, 4608E3D0CA0B252130B4DF2505DB4D89635C327A343B470FCB81B8B02CD9FA44 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys 17:09:53.0377 0x2e08 TuneUpUtilitiesDrv - ok 17:09:53.0424 0x2e08 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:09:53.0455 0x2e08 tunnel - ok 17:09:53.0471 0x2e08 uafilter - ok 17:09:53.0502 0x2e08 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 17:09:53.0518 0x2e08 uagp35 - ok 17:09:53.0564 0x2e08 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:09:53.0596 0x2e08 udfs - ok 17:09:53.0642 0x2e08 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:09:53.0689 0x2e08 UI0Detect - ok 17:09:53.0736 0x2e08 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:09:53.0752 0x2e08 uliagpkx - ok 17:09:53.0783 0x2e08 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:09:53.0830 0x2e08 umbus - ok 17:09:53.0845 0x2e08 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 17:09:53.0892 0x2e08 UmPass - ok 17:09:53.0939 0x2e08 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll 17:09:53.0986 0x2e08 UmRdpService - ok 17:09:54.0017 0x2e08 [ 
833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll 17:09:54.0079 0x2e08 upnphost - ok 17:09:54.0126 0x2e08 [ 83CAFCB53201BBAC04D822F32438E244, E3F6FDE4D429FB630B19417DD9752A2CE9F6C9FD58918D714B5438A3D4136853 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 17:09:54.0157 0x2e08 USBAAPL - detected UnsignedFile.Multi.Generic ( 1 ) 17:10:04.0171 0x2e08 USBAAPL ( UnsignedFile.Multi.Generic ) - warning 17:10:07.0710 0x2e08 [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:10:07.0741 0x2e08 usbaudio - ok 17:10:07.0757 0x2e08 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:10:07.0819 0x2e08 usbccgp - ok 17:10:07.0913 0x2e08 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:10:07.0962 0x2e08 usbcir - ok 17:10:07.0978 0x2e08 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:10:08.0025 0x2e08 usbehci - ok 17:10:08.0056 0x2e08 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:10:08.0103 0x2e08 usbhub - ok 17:10:08.0134 0x2e08 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:10:08.0150 0x2e08 usbohci - ok 17:10:08.0181 0x2e08 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 17:10:08.0196 0x2e08 usbprint - ok 17:10:08.0243 0x2e08 [ F991AB9CC6B908DB552166768176896A, 
AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:10:08.0306 0x2e08 USBSTOR - ok 17:10:08.0321 0x2e08 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 17:10:08.0352 0x2e08 usbuhci - ok 17:10:08.0384 0x2e08 [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 17:10:08.0399 0x2e08 usbvideo - ok 17:10:08.0445 0x2e08 [ AF77716205C97E902E6C5B78DECE2CCA, ED99EABED1C7F323EE2A76413E2B260F8EE1D76FDF1E60EE35136D060E756735 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys 17:10:08.0496 0x2e08 usb_rndisx - ok 17:10:08.0522 0x2e08 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll 17:10:08.0564 0x2e08 UxSms - ok 17:10:08.0626 0x2e08 [ 6275822AC454A8A831D063841A4DBB5D, 8CB06BE21F0B902695C2846BA9E49327A07D691EBB37A81EF171805630411365 ] UxTuneUp C:\Windows\System32\uxtuneup.dll 17:10:08.0642 0x2e08 UxTuneUp - ok 17:10:08.0657 0x2e08 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] VaultSvc C:\Windows\system32\lsass.exe 17:10:08.0673 0x2e08 VaultSvc - ok 17:10:08.0704 0x2e08 [ 1CDAA48CB2F7744B8D25650E050766A5, 97C7BDEAFFDAD337F4101860061BCCE6C519343B7EEEB72C3AD450B59DACCA66 ] VClone C:\Windows\system32\DRIVERS\VClone.sys 17:10:08.0737 0x2e08 VClone - ok 17:10:08.0768 0x2e08 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 17:10:08.0800 0x2e08 vdrvroot - ok 17:10:08.0831 0x2e08 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe 17:10:08.0893 0x2e08 vds - ok 17:10:08.0924 0x2e08 [ 
17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:10:08.0971 0x2e08 vga - ok 17:10:09.0002 0x2e08 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys 17:10:09.0041 0x2e08 VgaSave - ok 17:10:09.0052 0x2e08 VGPU - ok 17:10:09.0084 0x2e08 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 17:10:09.0106 0x2e08 vhdmp - ok 17:10:09.0126 0x2e08 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys 17:10:09.0144 0x2e08 viaagp - ok 17:10:09.0164 0x2e08 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 17:10:09.0209 0x2e08 ViaC7 - ok 17:10:09.0248 0x2e08 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys 17:10:09.0265 0x2e08 viaide - ok 17:10:09.0311 0x2e08 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys 17:10:09.0332 0x2e08 vmbus - ok 17:10:09.0366 0x2e08 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 17:10:09.0382 0x2e08 VMBusHID - ok 17:10:09.0413 0x2e08 [ 3B8F222B23917C041E4DA29CCC57E7D0, 2764C7A11FD5672FBF72CDD4331F1895B5084664919AD4FC855DFDD451403D4C ] vncmirror C:\Windows\system32\DRIVERS\vncmirror.sys 17:10:09.0444 0x2e08 vncmirror - ok 17:10:09.0460 0x2e08 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr 
C:\Windows\system32\drivers\volmgr.sys 17:10:09.0475 0x2e08 volmgr - ok 17:10:09.0491 0x2e08 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:10:09.0522 0x2e08 volmgrx - ok 17:10:09.0569 0x2e08 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:10:09.0585 0x2e08 volsnap - ok 17:10:09.0616 0x2e08 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 17:10:09.0647 0x2e08 vsmraid - ok 17:10:09.0709 0x2e08 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe 17:10:09.0787 0x2e08 VSS - ok 17:10:09.0834 0x2e08 vToolbarUpdater18.0.5 - ok 17:10:09.0865 0x2e08 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 17:10:09.0912 0x2e08 vwifibus - ok 17:10:09.0959 0x2e08 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll 17:10:10.0021 0x2e08 W32Time - ok 17:10:10.0084 0x2e08 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 17:10:10.0099 0x2e08 WacomPen - ok 17:10:10.0146 0x2e08 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 17:10:10.0177 0x2e08 WANARP - ok 17:10:10.0193 0x2e08 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:10:10.0224 0x2e08 Wanarpv6 - ok 17:10:10.0630 0x2e08 [ 
353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 17:10:10.0708 0x2e08 WatAdminSvc - ok 17:10:10.0786 0x2e08 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe 17:10:10.0879 0x2e08 wbengine - ok 17:10:10.0911 0x2e08 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 17:10:10.0942 0x2e08 WbioSrvc - ok 17:10:11.0004 0x2e08 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:10:11.0035 0x2e08 wcncsvc - ok 17:10:11.0051 0x2e08 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:10:11.0129 0x2e08 WcsPlugInService - ok 17:10:11.0145 0x2e08 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys 17:10:11.0160 0x2e08 Wd - ok 17:10:11.0223 0x2e08 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:10:11.0254 0x2e08 Wdf01000 - ok 17:10:11.0301 0x2e08 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:10:11.0332 0x2e08 WdiServiceHost - ok 17:10:11.0347 0x2e08 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:10:11.0363 0x2e08 WdiSystemHost - ok 17:10:11.0410 0x2e08 [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient C:\Windows\System32\webclnt.dll 
17:10:11.0488 0x2e08 WebClient - ok 17:10:11.0519 0x2e08 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:10:11.0550 0x2e08 Wecsvc - ok 17:10:11.0566 0x2e08 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:10:11.0613 0x2e08 wercplsupport - ok 17:10:11.0644 0x2e08 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll 17:10:11.0706 0x2e08 WerSvc - ok 17:10:11.0737 0x2e08 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 17:10:11.0800 0x2e08 WfpLwf - ok 17:10:11.0815 0x2e08 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys 17:10:11.0831 0x2e08 WIMMount - ok 17:10:11.0862 0x2e08 [ 3FA87D56769838AAC82FAFC3E78FC732, E1D942D59A7EDB1768D39D87D637C6F87C84711D0776FF2C69161350D037663B ] winbondcir C:\Windows\system32\DRIVERS\winbondcir.sys 17:10:11.0909 0x2e08 winbondcir - ok 17:10:11.0987 0x2e08 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 17:10:12.0081 0x2e08 WinDefend - ok 17:10:12.0112 0x2e08 WinHttpAutoProxySvc - ok 17:10:12.0174 0x2e08 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:10:12.0205 0x2e08 Winmgmt - ok 17:10:12.0283 0x2e08 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll 17:10:12.0361 0x2e08 WinRM - ok 17:10:12.0439 0x2e08 [ A67E5F9A400F3BD1BE3D80613B45F708, 
E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 17:10:12.0471 0x2e08 WinUsb - ok 17:10:12.0549 0x2e08 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:10:12.0642 0x2e08 Wlansvc - ok 17:10:12.0767 0x2e08 [ 5E7C103F8475C4289847D15E129C20F7, C6325D3557545FA1DA26B0B1EA9A1C95AED1FA84A93BE29A771DAD9ECB00768B ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 17:10:12.0861 0x2e08 wlidsvc - ok 17:10:12.0892 0x2e08 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 17:10:12.0907 0x2e08 WmiAcpi - ok 17:10:12.0954 0x2e08 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:10:12.0985 0x2e08 wmiApSrv - ok 17:10:13.0095 0x2e08 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 17:10:13.0204 0x2e08 WMPNetworkSvc - ok 17:10:13.0235 0x2e08 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:10:13.0266 0x2e08 WPCSvc - ok 17:10:13.0313 0x2e08 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:10:13.0344 0x2e08 WPDBusEnum - ok 17:10:13.0375 0x2e08 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:10:13.0407 0x2e08 ws2ifsl - ok 17:10:13.0438 0x2e08 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll 
17:10:13.0453 0x2e08 wscsvc - ok 17:10:13.0531 0x2e08 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 17:10:13.0563 0x2e08 WSDPrintDevice - ok 17:10:13.0578 0x2e08 WSearch - ok 17:10:13.0703 0x2e08 [ 3EFC48CE17BE25D2F8C04C5A0FAE1F53, 6439396AE1C59966E3C0DF519956F9D25568155174004F9562F764CEF8A49802 ] wuauserv C:\Windows\system32\wuaueng.dll 17:10:13.0859 0x2e08 wuauserv - ok 17:10:13.0906 0x2e08 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:10:13.0937 0x2e08 WudfPf - ok 17:10:13.0968 0x2e08 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:10:13.0999 0x2e08 WUDFRd - ok 17:10:14.0015 0x2e08 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:10:14.0031 0x2e08 wudfsvc - ok 17:10:14.0077 0x2e08 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll 17:10:14.0140 0x2e08 WwanSvc - ok 17:10:14.0202 0x2e08 ================ Scan global =============================== 17:10:14.0280 0x2e08 [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll 17:10:14.0311 0x2e08 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll 17:10:14.0343 0x2e08 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll 17:10:14.0374 0x2e08 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll 
17:10:14.0421 0x2e08 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe 17:10:14.0436 0x2e08 [ Global ] - ok 17:10:14.0436 0x2e08 ================ Scan MBR ================================== 17:10:14.0452 0x2e08 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:10:15.0216 0x2e08 \Device\Harddisk0\DR0 - ok 17:10:15.0216 0x2e08 ================ Scan VBR ================================== 17:10:15.0216 0x2e08 [ 8C3313B3F522F6BAF75A69970BD63FCE ] \Device\Harddisk0\DR0\Partition1 17:10:15.0232 0x2e08 \Device\Harddisk0\DR0\Partition1 - ok 17:10:15.0232 0x2e08 ================ Scan generic autorun ====================== 17:10:15.0279 0x2e08 [ 2F2DF068BED6E62E4C007DF7446B4F19, 96FE78E2B8BD067B7378ECDF1E74939C71EFFBF09B2C184361650DBF4ED0FCC3 ] C:\Windows\PLFSetI.exe 17:10:15.0279 0x2e08 PLFSetI - detected UnsignedFile.Multi.Generic ( 1 ) 17:10:17.0774 0x2e08 Detect skipped due to KSN trusted 17:10:17.0774 0x2e08 PLFSetI - ok 17:10:17.0899 0x2e08 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe 17:10:17.0914 0x2e08 BCSSync - ok 17:10:17.0992 0x2e08 [ 27F8A7A78773427E5D931628F89D6839, 61A312590322109BEA9EA70345E6FB40435D9BACE2B9CFF3ADF68C7B3D6FA163 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 17:10:18.0039 0x2e08 avgnt - ok 17:10:18.0039 0x2e08 RtHDVCpl - ok 17:10:18.0086 0x2e08 Adobe Reader Speed Launcher - ok 17:10:18.0133 0x2e08 [ 68B7A5320065FCC7F4DF5A0DC3281EA5, 1B0526C04F78A0F824C20AF92C887488A897A228A13DD8939C2E115039466C34 ] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe 17:10:18.0133 0x2e08 CloneCDTray - detected UnsignedFile.Multi.Generic ( 1 ) 17:10:20.0613 0x2e08 Detect skipped due to KSN trusted 17:10:20.0613 0x2e08 CloneCDTray - ok 17:10:20.0738 0x2e08 [ 1117B2F27B46C0247E68D56A99296A34, 5794F5EC4F84E0F6BEB616433CCFFC2D025F49D1C49B078E2EF3B8061DD336DB 
] C:\ProgramData\Apple Computer\iTunes\bending\center_of_gravity.exe 17:10:20.0785 0x2e08 amplitude_modulation - detected UnsignedFile.Multi.Generic ( 1 ) 17:10:23.0265 0x2e08 Detect turned to UDS exact due to KSN untrusted 17:10:23.0265 0x2e08 amplitude_modulation ( UDS:DangerousObject.Multi.Generic ) - infected 17:10:23.0265 0x2e08 Force sending object to P2P due to detect: C:\ProgramData\Apple Computer\iTunes\bending\center_of_gravity.exe 17:10:25.0948 0x2e08 Object send P2P result: true 17:10:28.0522 0x2e08 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:10:28.0616 0x2e08 Sidebar - ok 17:10:28.0772 0x2e08 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:10:28.0803 0x2e08 mctadmin - ok 17:10:28.0865 0x2e08 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:10:28.0912 0x2e08 Sidebar - ok 17:10:28.0912 0x2e08 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:10:28.0943 0x2e08 mctadmin - ok 17:10:28.0975 0x2e08 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe 17:10:29.0021 0x2e08 Sidebar - ok 17:10:29.0162 0x2e08 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 17:10:29.0177 0x2e08 Google Update - ok 17:10:29.0224 0x2e08 [ 2F0EAAF91FC7A5C70D1F4BE9B18A1CF5, 6075E8ADD4136AC6497C1FE9CC937E6652FAD5024AED1CF901CE107078955C4F ] C:\Windows\System32\StikyNot.exe 17:10:29.0271 0x2e08 RESTART_STICKY_NOTES - ok 17:10:29.0380 0x2e08 [ C4DF44DD36792807FF4A7D896C575A4E, 
9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED ] C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:10:29.0380 0x2e08 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe. md5: C4DF44DD36792807FF4A7D896C575A4E, sha256: 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED 17:10:29.0396 0x2e08 sentence-mess - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:10:31.0861 0x2e08 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:10:31.0861 0x2e08 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:10:34.0419 0x2e08 Object send P2P result: true 17:10:36.0931 0x2e08 [ 32CB46AB8F463B75406607DF499CF69A, 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 ] C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:10:36.0931 0x2e08 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe. md5: 32CB46AB8F463B75406607DF499CF69A, sha256: 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 17:10:36.0946 0x2e08 link_doctor - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:10:39.0411 0x2e08 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:10:39.0411 0x2e08 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:10:41.0969 0x2e08 Object send P2P result: true 17:10:44.0450 0x2e08 [ E318BEA29095CDDBB4250F50F82C50A5, 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:10:44.0450 0x2e08 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe. 
md5: E318BEA29095CDDBB4250F50F82C50A5, sha256: 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 17:10:44.0465 0x2e08 government-complain - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:10:46.0946 0x2e08 Object required for P2P: [ E318BEA29095CDDBB4250F50F82C50A5 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:10:49.0489 0x2e08 Object send P2P result: true 17:10:49.0489 0x2e08 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:10:49.0489 0x2e08 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:10:52.0047 0x2e08 Object send P2P result: true 17:10:54.0496 0x2e08 [ C4DF44DD36792807FF4A7D896C575A4E, 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED ] C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:10:54.0496 0x2e08 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe. md5: C4DF44DD36792807FF4A7D896C575A4E, sha256: 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED 17:10:54.0496 0x2e08 sentence-mess - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:10:54.0496 0x2e08 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:10:54.0496 0x2e08 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:10:57.0070 0x2e08 Object send P2P result: true 17:10:59.0566 0x2e08 [ 32CB46AB8F463B75406607DF499CF69A, 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 ] C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:10:59.0566 0x2e08 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe. 
md5: 32CB46AB8F463B75406607DF499CF69A, sha256: 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 17:10:59.0566 0x2e08 link_doctor - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:10:59.0566 0x2e08 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:10:59.0566 0x2e08 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:11:02.0125 0x2e08 Object send P2P result: true 17:11:04.0621 0x2e08 [ E318BEA29095CDDBB4250F50F82C50A5, 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:11:04.0621 0x2e08 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe. md5: E318BEA29095CDDBB4250F50F82C50A5, sha256: 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 17:11:04.0621 0x2e08 government-complain - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:11:04.0621 0x2e08 Object required for P2P: [ E318BEA29095CDDBB4250F50F82C50A5 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:11:07.0179 0x2e08 Object send P2P result: true 17:11:07.0179 0x2e08 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:11:07.0179 0x2e08 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:11:21.0016 0x2e08 Object send P2P result: true 17:11:23.0871 0x2e08 [ 13D5CE17E15B3E2B25646F359D322A60, B9411CAEB8D87ACBEDAA7591674A25F670D2F9260337A2EF92B88B649EDEFF50 ] C:\ProgramData\Avira\Antivirus\IDX\international_telecomm\manganese_lithium.exe 17:11:23.0887 0x2e08 artificial_intelligence - detected UnsignedFile.Multi.Generic ( 1 ) 17:11:26.0367 0x2e08 Object required for P2P: [ 13D5CE17E15B3E2B25646F359D322A60 ] C:\ProgramData\Avira\Antivirus\IDX\international_telecomm\manganese_lithium.exe 17:11:28.0910 0x2e08 Object send P2P result: true 17:11:28.0910 0x2e08 artificial_intelligence ( UnsignedFile.Multi.Generic ) - 
warning 17:11:31.0426 0x2e08 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:11:31.0473 0x2e08 Sidebar - ok 17:11:31.0489 0x2e08 AVG-Secure-Search-Update_JUNE2013_TB - ok 17:11:31.0504 0x2e08 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 17:11:31.0520 0x2e08 Google Update - ok 17:11:31.0536 0x2e08 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:11:31.0567 0x2e08 mctadmin - ok 17:11:31.0598 0x2e08 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\system32\cmd.exe 17:11:31.0661 0x2e08 Uninstall C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 17:11:31.0723 0x2e08 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:11:31.0780 0x2e08 Sidebar - ok 17:11:31.0782 0x2e08 AVG-Secure-Search-Update_JUNE2013_TB - ok 17:11:31.0802 0x2e08 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 17:11:31.0818 0x2e08 Google Update - ok 17:11:31.0826 0x2e08 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:11:31.0851 0x2e08 mctadmin - ok 17:11:31.0859 0x2e08 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\system32\cmd.exe 17:11:31.0910 0x2e08 Uninstall C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 17:11:31.0911 0x2e08 Waiting for KSN requests completion. In queue: 2 17:11:32.0912 0x2e08 Waiting for KSN requests completion. 
In queue: 2 17:11:33.0912 0x2e08 Waiting for KSN requests completion. In queue: 2 17:11:34.0990 0x2e08 AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.420 ), 0x40000 ( disabled : updated ) 17:11:35.0068 0x2e08 Win FW state via NFP2: enabled ( trusted ) 17:11:37.0468 0x2e08 ============================================================ 17:11:37.0468 0x2e08 Scan finished 17:11:37.0468 0x2e08 ============================================================ 17:11:37.0481 0x2e00 Detected object count: 10 17:11:37.0481 0x2e00 Actual detected object count: 10 17:12:11.0680 0x2e00 second_harmonic ( UnsignedFile.Multi.Generic ) - skipped by user 17:12:11.0680 0x2e00 second_harmonic ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:12:11.0680 0x2e00 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user 17:12:11.0680 0x2e00 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:12:11.0680 0x2e00 amplitude_modulation ( UDS:DangerousObject.Multi.Generic ) - skipped by user 17:12:11.0680 0x2e00 amplitude_modulation ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 17:12:11.0696 0x2e00 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:12:11.0696 0x2e00 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:12:11.0696 0x2e00 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:12:11.0696 0x2e00 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:12:11.0696 0x2e00 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:12:11.0696 0x2e00 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:12:11.0696 0x2e00 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:12:11.0696 0x2e00 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:12:11.0711 0x2e00 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:12:11.0711 0x2e00 link_doctor ( 
Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:12:11.0711 0x2e00 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:12:11.0711 0x2e00 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:12:11.0711 0x2e00 artificial_intelligence ( UnsignedFile.Multi.Generic ) - skipped by user 17:12:11.0711 0x2e00 artificial_intelligence ( UnsignedFile.Multi.Generic ) - User select action: Skip |
23.09.2015, 09:22 | #5 |
/// the machine /// TB-Ausbilder | Fake debt collection email with attachment opened Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and choose "Run as administrator".
For example: C:\TDSSKiller.<version_date_time>log.txt Please post the contents here in your thread. Scan again with TDSSKiller.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
23.09.2015, 16:29 | #6 |
| Fake debt collection email with attachment opened Hello, thanks for your time. I don't have the "Cure" option. My choices are "Skip", "Copy to quarantine" and "Delete". How should I proceed? Edit: For now I have selected "Skip" for all of them again while you are offline. This time it also found more than last time, so I am attaching the log again. Regards, Tom Last edited by tom0140 (23.09.2015 at 16:50) |
23.09.2015, 16:55 | #7 |
| Fake debt collection email with attachment opened Code:
ATTFilter 17:21:38.0850 0x2308 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57 17:21:42.0345 0x2308 ============================================================ 17:21:42.0345 0x2308 Current date / time: 2015/09/23 17:21:42.0345 17:21:42.0345 0x2308 SystemInfo: 17:21:42.0345 0x2308 17:21:42.0345 0x2308 OS Version: 6.1.7601 ServicePack: 1.0 17:21:42.0345 0x2308 Product type: Workstation 17:21:42.0345 0x2308 ComputerName: TOM-PC 17:21:42.0345 0x2308 UserName: Tom 17:21:42.0345 0x2308 Windows directory: C:\Windows 17:21:42.0345 0x2308 System windows directory: C:\Windows 17:21:42.0345 0x2308 Processor architecture: Intel x86 17:21:42.0345 0x2308 Number of processors: 2 17:21:42.0345 0x2308 Page size: 0x1000 17:21:42.0345 0x2308 Boot type: Normal boot 17:21:42.0345 0x2308 ============================================================ 17:21:53.0967 0x2308 KLMD registered as C:\Windows\system32\drivers\63812536.sys 17:21:55.0417 0x2308 System UUID: {41E80AEA-1A26-5AA2-5401-A7B392501519} 17:21:59.0333 0x2308 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 17:21:59.0333 0x2308 ============================================================ 17:21:59.0333 0x2308 \Device\Harddisk0\DR0: 17:21:59.0333 0x2308 MBR partitions: 17:21:59.0333 0x2308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1385000, BlocksNum 0x1B7C4000 17:21:59.0333 0x2308 ============================================================ 17:21:59.0380 0x2308 C: <-> \Device\Harddisk0\DR0\Partition1 17:21:59.0395 0x2308 ============================================================ 17:21:59.0395 0x2308 Initialize success 17:21:59.0395 0x2308 ============================================================ 17:22:11.0971 0x245c ============================================================ 17:22:11.0971 0x245c Scan started 17:22:11.0971 0x245c Mode: Manual; SigCheck; TDLFS; 
17:22:11.0971 0x245c ============================================================ 17:22:11.0971 0x245c KSN ping started 17:22:24.0841 0x245c KSN ping finished: true 17:22:29.0427 0x245c ================ Scan system memory ======================== 17:22:29.0427 0x245c System memory - ok 17:22:29.0443 0x245c ================ Scan services ============================= 17:22:29.0817 0x245c [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 17:22:30.0145 0x245c 1394ohci - ok 17:22:30.0254 0x245c [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys 17:22:30.0285 0x245c ACPI - ok 17:22:30.0317 0x245c [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 17:22:30.0504 0x245c AcpiPmi - ok 17:22:30.0691 0x245c [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 17:22:30.0753 0x245c AdobeARMservice - ok 17:22:30.0925 0x245c [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 17:22:30.0941 0x245c AdobeFlashPlayerUpdateSvc - ok 17:22:31.0081 0x245c [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 17:22:31.0112 0x245c adp94xx - ok 17:22:31.0159 0x245c [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 17:22:31.0175 0x245c adpahci - ok 17:22:31.0284 0x245c [ 7C7B5EE4B7B822EC85321FE23A27DB33, 
A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 17:22:31.0315 0x245c adpu320 - ok 17:22:31.0409 0x245c [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:22:31.0518 0x245c AeLookupSvc - ok 17:22:31.0580 0x245c [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys 17:22:31.0674 0x245c AFD - ok 17:22:32.0423 0x245c [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys 17:22:32.0454 0x245c agp440 - ok 17:22:32.0501 0x245c [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 17:22:32.0516 0x245c aic78xx - ok 17:22:32.0579 0x245c [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe 17:22:32.0828 0x245c ALG - ok 17:22:32.0891 0x245c [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys 17:22:32.0906 0x245c aliide - ok 17:22:32.0922 0x245c [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys 17:22:32.0937 0x245c amdagp - ok 17:22:33.0078 0x245c [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys 17:22:33.0093 0x245c amdide - ok 17:22:33.0140 0x245c [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 17:22:33.0281 0x245c AmdK8 - ok 17:22:33.0281 0x245c [ 
3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 17:22:33.0452 0x245c AmdPPM - ok 17:22:33.0515 0x245c [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys 17:22:33.0530 0x245c amdsata - ok 17:22:33.0608 0x245c [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 17:22:33.0624 0x245c amdsbs - ok 17:22:33.0702 0x245c [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys 17:22:33.0717 0x245c amdxata - ok 17:22:33.0733 0x245c Amdxidtun - ok 17:22:34.0201 0x245c [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe 17:22:34.0310 0x245c AntiVirMailService - ok 17:22:34.0451 0x245c [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 17:22:34.0513 0x245c AntiVirSchedulerService - ok 17:22:34.0591 0x245c [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 17:22:34.0622 0x245c AntiVirService - ok 17:22:34.0763 0x245c [ D9A8EE3F4A1E604B9315B34A5AA4569E, 287BA8FA1949646E03D39F36F50C016251358A8A454EE19D249E76A723F1455E ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe 17:22:34.0841 0x245c AntiVirWebService - ok 17:22:35.0028 0x245c [ C532028F7EFF8831BE6B5E3C417E07FA, 9D3C91F4DE0456F2BD4BAB044A3281F895A8EBF259F15E3BA6299965F5B8ABED ] AppID C:\Windows\system32\drivers\appid.sys 17:22:35.0090 0x245c AppID - ok 17:22:35.0122 
0x245c [ 7A152F43A6B25D63D1279511258FE381, 416B592DAB9ECA4AEBD336F35AC622FA240E229F31BFB52E6084BAA48CC6F397 ] AppIDSvc C:\Windows\System32\appidsvc.dll 17:22:35.0558 0x245c AppIDSvc - ok 17:22:35.0730 0x245c [ 133A7896E643D139443B47FDBFA327C7, 371FC602B531DF1EFDCEEC3A2F5497A0D0BE7F558B0583F572862C69A65BD454 ] Appinfo C:\Windows\System32\appinfo.dll 17:22:35.0824 0x245c Appinfo - ok 17:22:35.0886 0x245c [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll 17:22:36.0104 0x245c AppMgmt - ok 17:22:36.0167 0x245c [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys 17:22:36.0182 0x245c arc - ok 17:22:36.0214 0x245c [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 17:22:36.0245 0x245c arcsas - ok 17:22:36.0401 0x245c [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 17:22:36.0416 0x245c aspnet_state - ok 17:22:36.0448 0x245c [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 17:22:36.0822 0x245c AsyncMac - ok 17:22:37.0040 0x245c [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys 17:22:37.0056 0x245c atapi - ok 17:22:37.0352 0x245c [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:22:37.0713 0x245c AudioEndpointBuilder - ok 17:22:37.0729 0x245c [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv 
C:\Windows\System32\Audiosrv.dll 17:22:37.0760 0x245c Audiosrv - ok 17:22:38.0056 0x245c [ 0FFC36573D7541155F84AC8F8F9D87A6, 50CE44B544CF365C4E99133C69582154C58DEB263892E3EF02C9886C8D652F60 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 17:22:38.0088 0x245c avgntflt - ok 17:22:38.0166 0x245c [ 06AEB065AC25A2CFF80E1DF0303EC55B, EE913D669741B3F844AFEEFCF232D2D2C94081BCB39F79D81D7A7133DBC57252 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys 17:22:38.0181 0x245c avgtp - ok 17:22:38.0259 0x245c [ B9D3418110A6B4EAADCB2BD1A8CEC617, 2252E518FB0A69699ECF7A940A20E9D77822F7FF7CE14FE5E30E4DDB34546D56 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 17:22:38.0275 0x245c avipbb - ok 17:22:38.0384 0x245c [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 17:22:38.0400 0x245c avkmgr - ok 17:22:38.0493 0x245c [ 3303FB85532093FC6723632B5947E8C4, F8301069A8EAD7303CAE5B7CAE3F119747E7B7B4402178018EB5254087238A42 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 17:22:38.0509 0x245c avnetflt - ok 17:22:38.0587 0x245c [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll 17:22:38.0805 0x245c AxInstSV - ok 17:22:38.0883 0x245c [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 17:22:39.0070 0x245c b06bdrv - ok 17:22:39.0133 0x245c [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 17:22:39.0226 0x245c b57nd60x - ok 17:22:39.0289 0x245c [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll 17:22:39.0523 0x245c BDESVC - ok 17:22:39.0554 0x245c [ 505506526A9D467307B3C393DEDAF858, 
8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys 17:22:39.0882 0x245c Beep - ok 17:22:39.0975 0x245c [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll 17:22:40.0209 0x245c BFE - ok 17:22:40.0256 0x245c [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll 17:22:40.0443 0x245c BITS - ok 17:22:40.0459 0x245c [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 17:22:40.0646 0x245c blbdrive - ok 17:22:40.0708 0x245c [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 17:22:40.0771 0x245c bowser - ok 17:22:40.0896 0x245c [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 17:22:41.0114 0x245c BrFiltLo - ok 17:22:41.0130 0x245c [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 17:22:41.0192 0x245c BrFiltUp - ok 17:22:41.0239 0x245c [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] Bridge C:\Windows\system32\DRIVERS\bridge.sys 17:22:41.0348 0x245c Bridge - ok 17:22:41.0364 0x245c [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 17:22:41.0379 0x245c BridgeMP - ok 17:22:41.0738 0x245c [ 48977666C1B9368507B473F86DC4FCC9, 25FF4AC81C765B11F3DE24B8C212B6BA3AFA151C05FF360575F65D7EFCCDA124 ] brownout C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\class_b\parallel.exe 
17:22:41.0754 0x245c brownout - detected UnsignedFile.Multi.Generic ( 1 ) 17:22:44.0296 0x245c brownout ( UnsignedFile.Multi.Generic ) - warning 17:22:44.0296 0x245c Force sending object to P2P due to detect: brownout 17:22:47.0058 0x245c Object send P2P result: true 17:22:49.0772 0x245c [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll 17:22:49.0912 0x245c Browser - ok 17:22:49.0944 0x245c [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys 17:22:50.0053 0x245c Brserid - ok 17:22:50.0146 0x245c [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 17:22:50.0209 0x245c BrSerWdm - ok 17:22:50.0256 0x245c [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 17:22:50.0287 0x245c BrUsbMdm - ok 17:22:50.0334 0x245c [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 17:22:50.0380 0x245c BrUsbSer - ok 17:22:50.0490 0x245c [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 17:22:50.0724 0x245c BthEnum - ok 17:22:50.0739 0x245c [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 17:22:50.0911 0x245c BTHMODEM - ok 17:22:50.0989 0x245c [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 17:22:51.0036 0x245c BthPan - ok 17:22:51.0114 0x245c [ 1153DE2E4F5941E10C399CB5592F78A1, 
2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 17:22:51.0223 0x245c BTHPORT - ok 17:22:51.0348 0x245c [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll 17:22:51.0441 0x245c bthserv - ok 17:22:51.0488 0x245c [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 17:22:51.0566 0x245c BTHUSB - ok 17:22:51.0628 0x245c [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:22:51.0706 0x245c cdfs - ok 17:22:51.0738 0x245c [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 17:22:51.0800 0x245c cdrom - ok 17:22:51.0847 0x245c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll 17:22:51.0940 0x245c CertPropSvc - ok 17:22:52.0050 0x245c [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 17:22:52.0128 0x245c circlass - ok 17:22:52.0206 0x245c [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys 17:22:52.0221 0x245c CLFS - ok 17:22:52.0330 0x245c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:22:52.0346 0x245c clr_optimization_v2.0.50727_32 - ok 17:22:52.0424 0x245c [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 
C:\Windows\System32\rasauto.dll 17:23:51.0772 0x245c RasAuto - ok 17:23:51.0819 0x245c [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:23:51.0850 0x245c Rasl2tp - ok 17:23:51.0928 0x245c [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll 17:23:52.0022 0x245c RasMan - ok 17:23:52.0084 0x245c [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:23:52.0131 0x245c RasPppoe - ok 17:23:52.0162 0x245c [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:23:52.0303 0x245c RasSstp - ok 17:23:52.0365 0x245c [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:23:52.0427 0x245c rdbss - ok 17:23:52.0490 0x245c [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 17:23:52.0505 0x245c rdpbus - ok 17:23:52.0552 0x245c [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:23:52.0615 0x245c RDPCDD - ok 17:23:52.0693 0x245c [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 17:23:52.0739 0x245c RDPDR - ok 17:23:52.0755 0x245c [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:23:52.0817 0x245c RDPENCDD - ok 17:23:52.0942 0x245c [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, 
CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 17:23:53.0145 0x245c RDPREFMP - ok 17:23:53.0192 0x245c [ EAC76854C359D2534B25296AE425410D, B813FFD395AC0B969C56FD8B8D04DF6E72C39C8C2E714B03747A20D5723D58DD ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 17:23:53.0379 0x245c RdpVideoMiniport - ok 17:23:53.0410 0x245c [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:23:53.0535 0x245c RDPWD - ok 17:23:53.0597 0x245c [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 17:23:53.0613 0x245c rdyboost - ok 17:23:53.0675 0x245c [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:23:53.0738 0x245c RemoteAccess - ok 17:23:53.0785 0x245c [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:23:53.0894 0x245c RemoteRegistry - ok 17:23:53.0972 0x245c [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 17:23:54.0003 0x245c RFCOMM - ok 17:23:54.0065 0x245c [ 7A6648B61661B1421FFAB762E391E33F, D1CDEE8C53EF3D6E72DB4C1D9DD351BFE9804BB0BE1419245B4ABE16679FC5A2 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys 17:23:54.0190 0x245c rimmptsk - ok 17:23:54.0206 0x245c [ D0A35B7670AA3558EAAB483F64446496, F70976D0214D3D52CCCE552EBC93548A39458B1F8C2D9D1257C4892BF85393E3 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys 17:23:54.0237 0x245c rimsptsk - ok 17:23:54.0393 0x245c [ 6C1F93C0760C9F79A1869D07233DF39D, 70DD037E76F6E89CE9630175772707BB8588324058079B5F18C505B31306BACE ] rismxdp 
C:\Windows\system32\DRIVERS\rixdptsk.sys 17:23:54.0409 0x245c rismxdp - ok 17:23:54.0502 0x245c [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 17:23:54.0565 0x245c RpcEptMapper - ok 17:23:54.0611 0x245c [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe 17:23:54.0643 0x245c RpcLocator - ok 17:23:54.0674 0x245c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll 17:23:54.0721 0x245c RpcSs - ok 17:23:54.0752 0x245c [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:23:54.0799 0x245c rspndr - ok 17:23:54.0908 0x245c [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys 17:23:54.0970 0x245c s3cap - ok 17:23:55.0095 0x245c [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] SamSs C:\Windows\system32\lsass.exe 17:23:55.0111 0x245c SamSs - ok 17:23:55.0142 0x245c [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:23:55.0157 0x245c sbp2port - ok 17:23:55.0220 0x245c [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:23:55.0251 0x245c SCardSvr - ok 17:23:55.0282 0x245c [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 17:23:55.0345 0x245c scfilter - ok 17:23:55.0438 0x245c [ 9060B8D5BCD5F2B019249F85E3D811F3, 
7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\Windows\system32\schedsvc.dll 17:23:55.0579 0x245c Schedule - ok 17:23:55.0766 0x245c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll 17:23:55.0797 0x245c SCPolicySvc - ok 17:23:55.0844 0x245c [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus C:\Windows\system32\drivers\sdbus.sys 17:23:55.0875 0x245c sdbus - ok 17:23:55.0953 0x245c [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:23:55.0984 0x245c SDRSVC - ok 17:23:56.0015 0x245c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:23:56.0047 0x245c secdrv - ok 17:23:56.0125 0x245c [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll 17:23:56.0203 0x245c seclogon - ok 17:23:56.0343 0x245c [ A1DA2F0B5BE2B37251611FB5CA7D60BD, 6D46C6CB584145A37C55A85B1A56A67FA0CA7DA90A9F6E5A6AC9CD676FE0A7ED ] second_harmonic C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\class_b\supervisor.exe 17:23:56.0374 0x245c second_harmonic - detected UnsignedFile.Multi.Generic ( 1 ) 17:23:58.0855 0x245c second_harmonic ( UnsignedFile.Multi.Generic ) - warning 17:24:01.0366 0x245c [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll 17:24:01.0444 0x245c SENS - ok 17:24:01.0475 0x245c [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll 17:24:01.0569 0x245c SensrSvc - ok 17:24:01.0616 0x245c [ 
9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 17:24:01.0631 0x245c Serenum - ok 17:24:01.0663 0x245c [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys 17:24:01.0709 0x245c Serial - ok 17:24:01.0756 0x245c [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 17:24:01.0787 0x245c sermouse - ok 17:24:01.0865 0x245c [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll 17:24:01.0897 0x245c SessionEnv - ok 17:24:01.0990 0x245c [ 4C0D673281178CB496011A2E28571FC8, 14CFB50F3EA987C4485475B2E5EC85C137949911495245F29FE64723C909C9E8 ] sfdrv01 C:\Windows\system32\drivers\sfdrv01.sys 17:24:02.0021 0x245c sfdrv01 - detected UnsignedFile.Multi.Generic ( 1 ) 17:24:04.0595 0x245c Detect skipped due to KSN trusted 17:24:04.0595 0x245c sfdrv01 - ok 17:24:04.0829 0x245c [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 17:24:04.0939 0x245c sffdisk - ok 17:24:04.0954 0x245c [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:24:05.0079 0x245c sffp_mmc - ok 17:24:05.0141 0x245c [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 17:24:05.0219 0x245c sffp_sd - ok 17:24:05.0329 0x245c [ 15BE2B5E4DC5B8623CF167720682ABC9, FAECDC0DCB6EACE8130B278E2FB84B9523AB10329A00B24043B9C76867B917F0 ] sfhlp02 C:\Windows\system32\drivers\sfhlp02.sys 17:24:05.0329 0x245c sfhlp02 - detected UnsignedFile.Multi.Generic ( 1 ) 
17:24:07.0816 0x245c Detect skipped due to KSN trusted 17:24:07.0816 0x245c sfhlp02 - ok 17:24:07.0941 0x245c [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 17:24:07.0972 0x245c sfloppy - ok 17:24:08.0081 0x245c [ EFEBBC1D13FDB77A6AF4EDDFC7232EDF, 32888536C6E632DF78EC09A4CFB990B08ED75DB049DDF2612F548CC8FEB8D503 ] sfsync02 C:\Windows\system32\drivers\sfsync02.sys 17:24:08.0112 0x245c sfsync02 - detected UnsignedFile.Multi.Generic ( 1 ) 17:24:10.0593 0x245c Detect skipped due to KSN trusted 17:24:10.0593 0x245c sfsync02 - ok 17:24:10.0702 0x245c [ D5A7E09D2C6A702809E49190D52ADC9F, 7B3226A7C8C954A04B4543AFAA3079AA9A306E00CBD81346F952B40804608A87 ] sfvfs02 C:\Windows\system32\drivers\sfvfs02.sys 17:24:10.0702 0x245c sfvfs02 - detected UnsignedFile.Multi.Generic ( 1 ) 17:24:13.0198 0x245c Detect skipped due to KSN trusted 17:24:13.0198 0x245c sfvfs02 - ok 17:24:13.0292 0x245c [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:24:13.0338 0x245c SharedAccess - ok 17:24:13.0385 0x245c [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:24:13.0448 0x245c ShellHWDetection - ok 17:24:13.0479 0x245c [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys 17:24:13.0494 0x245c sisagp - ok 17:24:13.0526 0x245c [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 17:24:13.0541 0x245c SiSRaid2 - ok 17:24:13.0572 0x245c [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 17:24:13.0588 0x245c 
SiSRaid4 - ok 17:24:13.0604 0x245c [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:24:13.0635 0x245c Smb - ok 17:24:13.0697 0x245c [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:24:13.0728 0x245c SNMPTRAP - ok 17:24:13.0775 0x245c [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys 17:24:13.0791 0x245c spldr - ok 17:24:13.0838 0x245c [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe 17:24:13.0884 0x245c Spooler - ok 17:24:14.0040 0x245c [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe 17:24:14.0243 0x245c sppsvc - ok 17:24:14.0306 0x245c [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll 17:24:14.0352 0x245c sppuinotify - ok 17:24:14.0415 0x245c [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd C:\Windows\system32\Drivers\sptd.sys 17:24:14.0415 0x245c Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. 
md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB 17:24:14.0430 0x245c sptd - detected LockedFile.Multi.Generic ( 1 ) 17:24:16.0911 0x245c Detect skipped due to KSN trusted 17:24:16.0911 0x245c sptd - ok 17:24:16.0958 0x245c [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys 17:24:17.0020 0x245c srv - ok 17:24:17.0036 0x245c [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:24:17.0114 0x245c srv2 - ok 17:24:17.0223 0x245c [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS 17:24:17.0301 0x245c SrvHsfHDA - ok 17:24:17.0363 0x245c [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS 17:24:17.0566 0x245c SrvHsfV92 - ok 17:24:17.0769 0x245c [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 17:24:17.0831 0x245c SrvHsfWinac - ok 17:24:17.0909 0x245c [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:24:18.0081 0x245c srvnet - ok 17:24:18.0268 0x245c [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:24:18.0330 0x245c SSDPSRV - ok 17:24:18.0393 0x245c [ 424566865D82AA4BD8D6546C1F2065FA, 37B4C04C7C0EE0F3347A9E9F35B095478299F7324CA87AAE487BF989B0E6AE03 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 17:24:18.0471 0x245c ssmdrv - ok 17:24:18.0564 0x245c [ D318F23BE45D5E3A107469EB64815B50, 
D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:24:18.0596 0x245c SstpSvc - ok 17:24:18.0611 0x245c Steam Client Service - ok 17:24:18.0720 0x245c [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 17:24:18.0736 0x245c stexstor - ok 17:24:18.0876 0x245c [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll 17:24:19.0001 0x245c StiSvc - ok 17:24:19.0064 0x245c [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys 17:24:19.0110 0x245c storflt - ok 17:24:19.0235 0x245c [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys 17:24:19.0251 0x245c storvsc - ok 17:24:19.0266 0x245c [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys 17:24:19.0282 0x245c swenum - ok 17:24:19.0376 0x245c [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll 17:24:19.0422 0x245c swprv - ok 17:24:19.0438 0x245c Synth3dVsc - ok 17:24:19.0610 0x245c [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain C:\Windows\system32\sysmain.dll 17:24:19.0875 0x245c SysMain - ok 17:24:19.0984 0x245c [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll 17:24:20.0015 0x245c TabletInputService - ok 17:24:20.0140 0x245c [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv 
C:\Windows\System32\tapisrv.dll 17:24:20.0234 0x245c TapiSrv - ok 17:24:20.0280 0x245c [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll 17:24:20.0358 0x245c TBS - ok 17:24:20.0452 0x245c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:24:20.0577 0x245c Tcpip - ok 17:24:20.0702 0x245c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 17:24:20.0748 0x245c TCPIP6 - ok 17:24:20.0780 0x245c [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:24:20.0795 0x245c tcpipreg - ok 17:24:20.0967 0x245c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:24:20.0998 0x245c TDPIPE - ok 17:24:21.0014 0x245c [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:24:21.0029 0x245c TDTCP - ok 17:24:21.0123 0x245c [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:24:21.0326 0x245c tdx - ok 17:24:21.0435 0x245c [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys 17:24:21.0450 0x245c TermDD - ok 17:24:21.0513 0x245c [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll 17:24:21.0606 0x245c TermService - ok 17:24:21.0669 0x245c [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] 
Themes C:\Windows\system32\themeservice.dll 17:24:21.0794 0x245c Themes - ok 17:24:21.0794 0x245c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll 17:24:21.0825 0x245c THREADORDER - ok 17:24:21.0856 0x245c [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll 17:24:21.0950 0x245c TrkWks - ok 17:24:22.0012 0x245c [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:24:22.0043 0x245c TrustedInstaller - ok 17:24:22.0106 0x245c [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:24:22.0121 0x245c tssecsrv - ok 17:24:22.0184 0x245c [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 17:24:22.0589 0x245c TsUsbFlt - ok 17:24:22.0605 0x245c tsusbhub - ok 17:24:22.0776 0x245c [ CDDB80CAE568A7068F2C4440390D4B68, ED9D3E46C1BCF9E00D353014DD5ED893EC8949F213317776D8244D92EB9E1F08 ] TT1724ht C:\Windows\system32\drivers\TT1724ht.sys 17:24:22.0792 0x245c TT1724ht - ok 17:24:22.0823 0x245c [ 1155503966912F49B2AFD2E58C5E5856, 10F21DB4AE466B7905BBED0F60DA725F1AB61C85DABAD8585E68D5288DBF7DE4 ] TT1724sa C:\Windows\system32\drivers\TT1724sa.sys 17:24:23.0322 0x245c TT1724sa - ok 17:24:23.0697 0x245c [ AF5F31156EE89D35AD6EC3179A805D23, 92CF2FF24963589157DCD6F79A75D9918EC4C002E9C1CD74A14BE084E833DA88 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe 17:24:23.0822 0x245c TuneUp.UtilitiesSvc - ok 17:24:23.0868 0x245c [ F2107C9D85EC0DF116939CCCE06AE697, 4608E3D0CA0B252130B4DF2505DB4D89635C327A343B470FCB81B8B02CD9FA44 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp 
Utilities 2012\TuneUpUtilitiesDriver32.sys 17:24:23.0884 0x245c TuneUpUtilitiesDrv - ok 17:24:23.0931 0x245c [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:24:23.0978 0x245c tunnel - ok 17:24:23.0993 0x245c uafilter - ok 17:24:24.0087 0x245c [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 17:24:24.0102 0x245c uagp35 - ok 17:24:24.0149 0x245c [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:24:24.0180 0x245c udfs - ok 17:24:24.0258 0x245c [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:24:24.0399 0x245c UI0Detect - ok 17:24:24.0820 0x245c [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:24:25.0007 0x245c uliagpkx - ok 17:24:25.0413 0x245c [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:24:25.0709 0x245c umbus - ok 17:24:25.0818 0x245c [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 17:24:25.0881 0x245c UmPass - ok 17:24:26.0037 0x245c [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll 17:24:26.0099 0x245c UmRdpService - ok 17:24:26.0271 0x245c [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll 17:24:26.0333 0x245c upnphost - ok 17:24:26.0474 0x245c [ 
83CAFCB53201BBAC04D822F32438E244, E3F6FDE4D429FB630B19417DD9752A2CE9F6C9FD58918D714B5438A3D4136853 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 17:24:26.0489 0x245c USBAAPL - detected UnsignedFile.Multi.Generic ( 1 ) 17:24:28.0939 0x245c Detect skipped due to KSN trusted 17:24:28.0939 0x245c USBAAPL - ok 17:24:29.0063 0x245c [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:24:29.0188 0x245c usbaudio - ok 17:24:29.0219 0x245c [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:24:29.0453 0x245c usbccgp - ok 17:24:29.0516 0x245c [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:24:29.0656 0x245c usbcir - ok 17:24:29.0781 0x245c [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:24:30.0561 0x245c usbehci - ok 17:24:30.0655 0x245c [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:24:31.0154 0x245c usbhub - ok 17:24:31.0341 0x245c [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:24:31.0419 0x245c usbohci - ok 17:24:31.0591 0x245c [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 17:24:31.0700 0x245c usbprint - ok 17:24:31.0840 0x245c [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:24:32.0137 0x245c USBSTOR - ok 17:24:32.0199 0x245c [ 
[ Global ] - ok 17:24:44.0853 0x245c ================ Scan MBR ================================== 17:24:44.0868 0x245c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:24:47.0895 0x245c \Device\Harddisk0\DR0 - ok 17:24:47.0895 0x245c ================ Scan VBR ================================== 17:24:47.0973 0x245c [ 8C3313B3F522F6BAF75A69970BD63FCE ] \Device\Harddisk0\DR0\Partition1 17:24:47.0973 0x245c \Device\Harddisk0\DR0\Partition1 - ok 17:24:47.0973 0x245c ================ Scan generic autorun ====================== 17:24:48.0004 0x245c [ 2F2DF068BED6E62E4C007DF7446B4F19, 96FE78E2B8BD067B7378ECDF1E74939C71EFFBF09B2C184361650DBF4ED0FCC3 ] C:\Windows\PLFSetI.exe 17:24:48.0066 0x245c PLFSetI - detected UnsignedFile.Multi.Generic ( 1 ) 17:24:58.0081 0x245c PLFSetI ( UnsignedFile.Multi.Generic ) - warning 17:25:01.0669 0x245c [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe 17:25:01.0716 0x245c BCSSync - ok 17:25:01.0794 0x245c [ 27F8A7A78773427E5D931628F89D6839, 61A312590322109BEA9EA70345E6FB40435D9BACE2B9CFF3ADF68C7B3D6FA163 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 17:25:01.0841 0x245c avgnt - ok 17:25:01.0857 0x245c RtHDVCpl - ok 17:25:01.0888 0x245c Adobe Reader Speed Launcher - ok 17:25:02.0044 0x245c [ 76C4A805549B302EC24D3CE8739C4704, 5ECA5F68640FD666A632145D7D9DF817B47ED0C67E145FA5DBE0D384DDEF4AC1 ] C:\ProgramData\Apple Computer\iTunes\bending\image_frequency.exe 17:25:02.0075 0x245c amplitude_modulation - detected UnsignedFile.Multi.Generic ( 1 ) 17:25:04.0571 0x245c Detect turned to UDS exact due to KSN untrusted 17:25:04.0571 0x245c amplitude_modulation ( UDS:DangerousObject.Multi.Generic ) - infected 17:25:04.0571 0x245c Force sending object to P2P due to detect: C:\ProgramData\Apple Computer\iTunes\bending\image_frequency.exe 17:25:07.0161 0x245c Object send P2P result: true 17:25:09.0969 0x245c [ 
DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:25:10.0093 0x245c Sidebar - ok 17:25:10.0234 0x245c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:25:10.0265 0x245c mctadmin - ok 17:25:10.0359 0x245c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:25:10.0405 0x245c Sidebar - ok 17:25:10.0421 0x245c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:25:10.0452 0x245c mctadmin - ok 17:25:10.0515 0x245c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe 17:25:10.0561 0x245c Sidebar - ok 17:25:10.0686 0x245c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 17:25:10.0702 0x245c Google Update - ok 17:25:10.0749 0x245c [ 2F0EAAF91FC7A5C70D1F4BE9B18A1CF5, 6075E8ADD4136AC6497C1FE9CC937E6652FAD5024AED1CF901CE107078955C4F ] C:\Windows\System32\StikyNot.exe 17:25:10.0811 0x245c RESTART_STICKY_NOTES - ok 17:25:10.0967 0x245c [ C4DF44DD36792807FF4A7D896C575A4E, 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED ] C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:25:10.0967 0x245c Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe. 
md5: C4DF44DD36792807FF4A7D896C575A4E, sha256: 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED 17:25:10.0983 0x245c sentence-mess - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:25:13.0463 0x245c sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:25:13.0463 0x245c Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:25:16.0006 0x245c Object send P2P result: true 17:25:18.0533 0x245c [ 32CB46AB8F463B75406607DF499CF69A, 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 ] C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:25:18.0533 0x245c Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe. md5: 32CB46AB8F463B75406607DF499CF69A, sha256: 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 17:25:18.0627 0x245c link_doctor - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:25:21.0091 0x245c link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:25:21.0091 0x245c Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:25:23.0806 0x245c Object send P2P result: true 17:25:26.0286 0x245c [ E318BEA29095CDDBB4250F50F82C50A5, 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:25:26.0286 0x245c Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe. 
md5: E318BEA29095CDDBB4250F50F82C50A5, sha256: 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 17:25:26.0302 0x245c government-complain - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:25:28.0845 0x245c Object required for P2P: [ E318BEA29095CDDBB4250F50F82C50A5 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:25:31.0497 0x245c Object send P2P result: true 17:25:31.0497 0x245c government-complain ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:25:31.0497 0x245c Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:25:34.0071 0x245c Object send P2P result: true 17:25:36.0629 0x245c [ 2ED7B57A489A7D95270E8A1282CBBA26, DCD9CFDE34DF8EFF8B4B66600E3354345EA62831DFA74D1D3EC03E7554E9539E ] C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe 17:25:36.0629 0x245c Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe. md5: 2ED7B57A489A7D95270E8A1282CBBA26, sha256: DCD9CFDE34DF8EFF8B4B66600E3354345EA62831DFA74D1D3EC03E7554E9539E 17:25:36.0723 0x245c act-age - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:25:39.0189 0x245c act-age ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:25:39.0189 0x245c Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe 17:25:41.0763 0x245c Object send P2P result: true 17:25:44.0244 0x245c [ C4DF44DD36792807FF4A7D896C575A4E, 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED ] C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:25:44.0244 0x245c Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe. 
md5: C4DF44DD36792807FF4A7D896C575A4E, sha256: 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED 17:25:44.0275 0x245c sentence-mess - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:25:44.0275 0x245c sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:25:44.0275 0x245c Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:25:47.0005 0x245c Object send P2P result: true 17:25:49.0563 0x245c [ E318BEA29095CDDBB4250F50F82C50A5, 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:25:49.0563 0x245c Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe. md5: E318BEA29095CDDBB4250F50F82C50A5, sha256: 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 17:25:49.0579 0x245c government-complain - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:25:49.0579 0x245c Object required for P2P: [ E318BEA29095CDDBB4250F50F82C50A5 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:25:52.0231 0x245c Object send P2P result: true 17:25:52.0231 0x245c government-complain ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:25:52.0231 0x245c Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:25:54.0774 0x245c Object send P2P result: true 17:25:57.0254 0x245c [ 32CB46AB8F463B75406607DF499CF69A, 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 ] C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:25:57.0254 0x245c Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe. 
md5: 32CB46AB8F463B75406607DF499CF69A, sha256: 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 17:25:57.0254 0x245c link_doctor - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:25:57.0254 0x245c link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:25:57.0254 0x245c Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:25:59.0859 0x245c Object send P2P result: true 17:26:02.0324 0x245c [ 2ED7B57A489A7D95270E8A1282CBBA26, DCD9CFDE34DF8EFF8B4B66600E3354345EA62831DFA74D1D3EC03E7554E9539E ] C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe 17:26:02.0340 0x245c Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe. md5: 2ED7B57A489A7D95270E8A1282CBBA26, sha256: DCD9CFDE34DF8EFF8B4B66600E3354345EA62831DFA74D1D3EC03E7554E9539E 17:26:02.0402 0x245c act-age - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:26:02.0402 0x245c act-age ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:26:02.0402 0x245c Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe 17:26:17.0287 0x245c Object send P2P result: true 17:26:27.0942 0x245c [ E6BC6ADD6C205FCDE687E7E0BBE022A8, 40F9248F471FF6BB60684CADD2795C41DF168269ADF9D119ABFFD4A7CE606A59 ] C:\ProgramData\Avira\Antivirus\IDX\international_telecomm\tank_circuit.exe 17:26:29.0049 0x245c artificial_intelligence - detected UnsignedFile.Multi.Generic ( 1 ) 17:26:31.0545 0x245c Detect turned to UDS exact due to KSN untrusted 17:26:31.0545 0x245c artificial_intelligence ( UDS:DangerousObject.Multi.Generic ) - infected 17:26:31.0545 0x245c Force sending object to P2P due to detect: C:\ProgramData\Avira\Antivirus\IDX\international_telecomm\tank_circuit.exe 17:26:34.0088 0x245c Object send P2P result: true 17:26:36.0693 0x245c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:26:36.0724 0x245c Sidebar - ok 
17:26:36.0740 0x245c AVG-Secure-Search-Update_JUNE2013_TB - ok 17:26:36.0771 0x245c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 17:26:36.0787 0x245c Google Update - ok 17:26:36.0834 0x245c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:26:36.0849 0x245c mctadmin - ok 17:26:37.0068 0x245c [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\system32\cmd.exe 17:26:37.0177 0x245c Uninstall C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 17:26:37.0255 0x245c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:26:37.0333 0x245c Sidebar - ok 17:26:37.0333 0x245c AVG-Secure-Search-Update_JUNE2013_TB - ok 17:26:37.0442 0x245c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 17:26:37.0458 0x245c Google Update - ok 17:26:37.0473 0x245c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:26:37.0504 0x245c mctadmin - ok 17:26:37.0536 0x245c [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\system32\cmd.exe 17:26:37.0582 0x245c Uninstall C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 17:26:37.0582 0x245c Waiting for KSN requests completion. In queue: 2 17:26:38.0596 0x245c Waiting for KSN requests completion. In queue: 2 17:26:39.0602 0x245c Waiting for KSN requests completion. 
In queue: 2 17:26:40.0678 0x245c AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.420 ), 0x41000 ( enabled : updated ) 17:26:40.0694 0x245c Win FW state via NFP2: enabled ( trusted ) 17:26:43.0143 0x245c ============================================================ 17:26:43.0143 0x245c Scan finished 17:26:43.0143 0x245c ============================================================ 17:26:43.0143 0x2454 Detected object count: 14 17:26:43.0143 0x2454 Actual detected object count: 14 17:41:20.0497 0x2454 brownout ( UnsignedFile.Multi.Generic ) - skipped by user 17:41:20.0497 0x2454 brownout ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:41:20.0498 0x2454 Netaapl ( UnsignedFile.Multi.Generic ) - skipped by user 17:41:20.0498 0x2454 Netaapl ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:41:20.0506 0x2454 second_harmonic ( UnsignedFile.Multi.Generic ) - skipped by user 17:41:20.0506 0x2454 second_harmonic ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:41:20.0510 0x2454 PLFSetI ( UnsignedFile.Multi.Generic ) - skipped by user 17:41:20.0510 0x2454 PLFSetI ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:41:20.0512 0x2454 amplitude_modulation ( UDS:DangerousObject.Multi.Generic ) - skipped by user 17:41:20.0512 0x2454 amplitude_modulation ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 17:41:20.0521 0x2454 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:41:20.0521 0x2454 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:41:20.0523 0x2454 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:41:20.0523 0x2454 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:41:20.0524 0x2454 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:41:20.0524 0x2454 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:41:20.0527 0x2454 act-age ( 
Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:41:20.0527 0x2454 act-age ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:41:20.0529 0x2454 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:41:20.0529 0x2454 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:41:20.0535 0x2454 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:41:20.0535 0x2454 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:41:20.0538 0x2454 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:41:20.0538 0x2454 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:41:20.0540 0x2454 act-age ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:41:20.0540 0x2454 act-age ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:41:20.0542 0x2454 artificial_intelligence ( UDS:DangerousObject.Multi.Generic ) - skipped by user 17:41:20.0542 0x2454 artificial_intelligence ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 17:41:25.0214 0x22e4 Deinitialize success |
24.09.2015, 14:14 | #8 |
/// the machine /// TB trainer | Fake debt collection email with attachment opened
Quarantine, if possible.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
24.09.2015, 16:31 | #9 |
| Fake debt collection email with attachment opened
Hello, here is the first part of the log after the scan: Code:
17:01:11.0809 0x0320 [ 48977666C1B9368507B473F86DC4FCC9, 25FF4AC81C765B11F3DE24B8C212B6BA3AFA151C05FF360575F65D7EFCCDA124 ] brownout C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\class_b\parallel.exe
17:01:11.0887 0x0320 brownout - detected UnsignedFile.Multi.Generic ( 1 )
17:01:11.0887 0x0320 brownout ( UnsignedFile.Multi.Generic ) - warning
17:01:25.0335 0x0320 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:01:25.0335 0x0320 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
17:01:25.0335 0x0320 IDriverT ( UnsignedFile.Multi.Generic ) - warning
] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:01:33.0821 0x0320 NativeWifiP - ok 17:01:33.0930 0x0320 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:01:34.0055 0x0320 NDIS - ok 17:01:34.0133 0x0320 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:01:34.0164 0x0320 NdisCap - ok 17:01:34.0273 0x0320 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:01:34.0305 0x0320 NdisTapi - ok 17:01:34.0336 0x0320 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:01:34.0429 0x0320 Ndisuio - ok 17:01:34.0507 0x0320 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:01:34.0632 0x0320 NdisWan - ok 17:01:34.0679 0x0320 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:01:34.0804 0x0320 NDProxy - ok 17:01:34.0882 0x0320 [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl C:\Windows\system32\DRIVERS\netaapl.sys 17:01:34.0882 0x0320 Netaapl - detected UnsignedFile.Multi.Generic ( 1 ) 17:01:34.0882 0x0320 Netaapl ( UnsignedFile.Multi.Generic ) - warning 17:01:34.0882 0x0320 Force sending object to P2P due to detect: Netaapl 17:01:34.0897 0x0320 Object send P2P result: false 17:01:34.0960 0x0320 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:01:35.0038 0x0320 NetBIOS - ok 17:01:35.0147 0x0320 [ 
280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:01:35.0256 0x0320 NetBT - ok 17:01:35.0287 0x0320 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] Netlogon C:\Windows\system32\lsass.exe 17:01:35.0303 0x0320 Netlogon - ok 17:01:35.0428 0x0320 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 17:01:35.0537 0x0320 Netman - ok 17:01:35.0584 0x0320 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:01:35.0599 0x0320 NetMsmqActivator - ok 17:01:35.0631 0x0320 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:01:35.0693 0x0320 NetPipeActivator - ok 17:01:35.0880 0x0320 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll 17:01:36.0036 0x0320 netprofm - ok 17:01:36.0083 0x0320 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:01:36.0099 0x0320 NetTcpActivator - ok 17:01:36.0177 0x0320 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:01:36.0192 0x0320 NetTcpPortSharing - ok 17:01:36.0426 0x0320 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys 17:01:36.0723 0x0320 netw5v32 - ok 17:01:36.0769 0x0320 [ 
1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 17:01:36.0785 0x0320 nfrd960 - ok 17:01:36.0894 0x0320 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:01:37.0035 0x0320 NlaSvc - ok 17:01:37.0066 0x0320 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:01:37.0144 0x0320 Npfs - ok 17:01:37.0269 0x0320 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 17:01:37.0300 0x0320 nsi - ok 17:01:37.0393 0x0320 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:01:37.0409 0x0320 nsiproxy - ok 17:01:37.0534 0x0320 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:01:37.0643 0x0320 Ntfs - ok 17:01:37.0659 0x0320 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 17:01:37.0705 0x0320 Null - ok 17:01:37.0768 0x0320 [ 7F5D69A031BE0E7BDFB8126E1A212417, E0ECC8D47D9385FC97B962A72F435A94F9AAF88694E84EE8AF7F3D0EBD2C15DC ] nuvotoncir C:\Windows\system32\DRIVERS\nuvotoncir.sys 17:01:37.0768 0x0320 nuvotoncir - detected UnsignedFile.Multi.Generic ( 1 ) 17:01:37.0768 0x0320 nuvotoncir ( UnsignedFile.Multi.Generic ) - warning 17:01:38.0314 0x0320 [ 0A1B502CBC8230DA74BEFBAADDB58916, 14BDE0A5829D1CC7E93B60676243DD0641D5FA08CE46936450CD3A67F94EA560 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 17:01:38.0813 0x0320 nvlddmkm - ok 17:01:38.0922 0x0320 [ B3E25EE28883877076E0E1FF877D02E0, 
402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:01:38.0938 0x0320 nvraid - ok 17:01:39.0031 0x0320 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:01:39.0063 0x0320 nvstor - ok 17:01:39.0156 0x0320 [ EB5A13F9139F20AD71ADF4BF79C3AA29, D473E03B3B69AC0A35FF1CD8B85C088DCCCBAA5DA52C18737B6AC873EF1F1BC7 ] nvsvc C:\Windows\system32\nvvsvc.exe 17:01:39.0265 0x0320 nvsvc - ok 17:01:39.0421 0x0320 [ 0629259E3AF6BB0534FCECA208973404, E5DDA62D5D21D5D11A711BBFC5B839B59E336997C0C9A32A0B04AC9FBB6472D4 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 17:01:39.0531 0x0320 nvUpdatusService - ok 17:01:39.0640 0x0320 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:01:39.0655 0x0320 nv_agp - ok 17:01:39.0702 0x0320 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:01:39.0718 0x0320 ohci1394 - ok 17:01:39.0843 0x0320 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:01:39.0905 0x0320 ose - ok 17:01:40.0139 0x0320 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 17:01:40.0498 0x0320 osppsvc - ok 17:01:40.0560 0x0320 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:01:40.0654 0x0320 p2pimsvc - ok 17:01:40.0701 0x0320 [ 59C3DDD501E39E006DAC31BF55150D91, 
E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 17:01:40.0732 0x0320 p2psvc - ok 17:01:40.0825 0x0320 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys 17:01:40.0872 0x0320 Parport - ok 17:01:40.0935 0x0320 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:01:40.0966 0x0320 partmgr - ok 17:01:40.0981 0x0320 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 17:01:41.0106 0x0320 Parvdm - ok 17:01:41.0153 0x0320 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll 17:01:41.0278 0x0320 PcaSvc - ok 17:01:41.0325 0x0320 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys 17:01:41.0356 0x0320 pci - ok 17:01:41.0418 0x0320 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys 17:01:41.0434 0x0320 pciide - ok 17:01:41.0527 0x0320 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 17:01:41.0574 0x0320 pcmcia - ok 17:01:41.0574 0x0320 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 17:01:41.0590 0x0320 pcw - ok 17:01:41.0652 0x0320 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:01:41.0761 0x0320 PEAUTH - ok 17:01:41.0855 0x0320 [ 
AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 17:01:41.0933 0x0320 PeerDistSvc - ok 17:01:42.0105 0x0320 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll 17:01:42.0307 0x0320 pla - ok 17:01:42.0463 0x0320 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:01:42.0651 0x0320 PlugPlay - ok 17:01:42.0697 0x0320 [ 3A2BDD76E7D2A5F40A7174793D1BA794, 029EE2C2F71AEC7906600EEC4F855DC5648C1ECF53F11426079B04591F24D067 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe 17:01:42.0713 0x0320 PnkBstrA - ok 17:01:42.0807 0x0320 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 17:01:42.0822 0x0320 PNRPAutoReg - ok 17:01:43.0041 0x0320 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 17:01:43.0072 0x0320 PNRPsvc - ok 17:01:43.0181 0x0320 [ 896D916DE06F5502D301E8C4DC442AE8, 7B5C5FA075BA680B990A0A78A690CF2DE04EF7EB1457781E38D0EE4A95CEFDCA ] Point32 C:\Windows\system32\DRIVERS\point32.sys 17:01:43.0197 0x0320 Point32 - ok 17:01:43.0243 0x0320 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:01:43.0321 0x0320 PolicyAgent - ok 17:01:43.0415 0x0320 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll 17:01:43.0493 0x0320 Power - ok 17:01:43.0524 0x0320 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:01:43.0555 0x0320 PptpMiniport - ok 
17:01:43.0758 0x0320 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys 17:01:43.0805 0x0320 Processor - ok 17:01:43.0914 0x0320 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll 17:01:43.0977 0x0320 ProfSvc - ok 17:01:44.0164 0x0320 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] ProtectedStorage C:\Windows\system32\lsass.exe 17:01:44.0179 0x0320 ProtectedStorage - ok 17:01:44.0273 0x0320 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 17:01:44.0335 0x0320 Psched - ok 17:01:44.0429 0x0320 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 17:01:44.0569 0x0320 ql2300 - ok 17:01:44.0601 0x0320 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 17:01:44.0616 0x0320 ql40xx - ok 17:01:44.0663 0x0320 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 17:01:44.0772 0x0320 QWAVE - ok 17:01:44.0991 0x0320 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:01:45.0115 0x0320 QWAVEdrv - ok 17:01:45.0131 0x0320 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:01:45.0209 0x0320 RasAcd - ok 17:01:45.0256 0x0320 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn 
C:\Windows\system32\DRIVERS\AgileVpn.sys 17:01:45.0303 0x0320 RasAgileVpn - ok 17:01:45.0365 0x0320 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll 17:01:45.0396 0x0320 RasAuto - ok 17:01:45.0474 0x0320 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:01:45.0521 0x0320 Rasl2tp - ok 17:01:45.0599 0x0320 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll 17:01:45.0630 0x0320 RasMan - ok 17:01:45.0739 0x0320 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:01:45.0817 0x0320 RasPppoe - ok 17:01:45.0864 0x0320 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:01:45.0958 0x0320 RasSstp - ok 17:01:46.0020 0x0320 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:01:46.0083 0x0320 rdbss - ok 17:01:46.0176 0x0320 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 17:01:46.0254 0x0320 rdpbus - ok 17:01:46.0285 0x0320 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:01:46.0317 0x0320 RDPCDD - ok 17:01:46.0379 0x0320 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 17:01:46.0395 0x0320 RDPDR - ok 17:01:46.0473 0x0320 [ 5A53CA1598DD4156D44196D200C94B8A, 
8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:01:46.0551 0x0320 RDPENCDD - ok 17:01:46.0660 0x0320 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 17:01:46.0707 0x0320 RDPREFMP - ok 17:01:46.0785 0x0320 [ EAC76854C359D2534B25296AE425410D, B813FFD395AC0B969C56FD8B8D04DF6E72C39C8C2E714B03747A20D5723D58DD ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 17:01:46.0816 0x0320 RdpVideoMiniport - ok 17:01:46.0863 0x0320 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:01:47.0003 0x0320 RDPWD - ok 17:01:47.0112 0x0320 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 17:01:47.0128 0x0320 rdyboost - ok 17:01:47.0237 0x0320 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:01:47.0424 0x0320 RemoteAccess - ok 17:01:47.0502 0x0320 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:01:47.0674 0x0320 RemoteRegistry - ok 17:01:47.0736 0x0320 [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 17:01:47.0799 0x0320 RFCOMM - ok 17:01:47.0830 0x0320 [ 7A6648B61661B1421FFAB762E391E33F, D1CDEE8C53EF3D6E72DB4C1D9DD351BFE9804BB0BE1419245B4ABE16679FC5A2 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys 17:01:47.0923 0x0320 rimmptsk - ok 17:01:47.0939 0x0320 [ D0A35B7670AA3558EAAB483F64446496, F70976D0214D3D52CCCE552EBC93548A39458B1F8C2D9D1257C4892BF85393E3 ] rimsptsk 
C:\Windows\system32\DRIVERS\rimsptsk.sys 17:01:47.0986 0x0320 rimsptsk - ok 17:01:48.0017 0x0320 [ 6C1F93C0760C9F79A1869D07233DF39D, 70DD037E76F6E89CE9630175772707BB8588324058079B5F18C505B31306BACE ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys 17:01:48.0064 0x0320 rismxdp - ok 17:01:48.0095 0x0320 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 17:01:48.0126 0x0320 RpcEptMapper - ok 17:01:48.0173 0x0320 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe 17:01:48.0251 0x0320 RpcLocator - ok 17:01:48.0298 0x0320 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll 17:01:48.0329 0x0320 RpcSs - ok 17:01:48.0485 0x0320 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:01:48.0532 0x0320 rspndr - ok 17:01:48.0610 0x0320 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys 17:01:49.0000 0x0320 s3cap - ok 17:01:49.0109 0x0320 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] SamSs C:\Windows\system32\lsass.exe 17:01:49.0125 0x0320 SamSs - ok 17:01:49.0156 0x0320 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:01:49.0171 0x0320 sbp2port - ok 17:01:49.0265 0x0320 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:01:49.0327 0x0320 SCardSvr - ok 17:01:49.0421 0x0320 [ 0693B5EC673E34DC147E195779A4DCF6, 
AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 17:01:49.0499 0x0320 scfilter - ok 17:01:49.0624 0x0320 [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\Windows\system32\schedsvc.dll 17:01:49.0717 0x0320 Schedule - ok 17:01:49.0749 0x0320 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll 17:01:49.0780 0x0320 SCPolicySvc - ok 17:01:49.0998 0x0320 [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus C:\Windows\system32\drivers\sdbus.sys 17:01:50.0076 0x0320 sdbus - ok 17:01:50.0107 0x0320 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:01:50.0154 0x0320 SDRSVC - ok 17:01:50.0185 0x0320 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:01:50.0217 0x0320 secdrv - ok 17:01:50.0263 0x0320 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll 17:01:50.0404 0x0320 seclogon - ok 17:01:50.0544 0x0320 [ A1DA2F0B5BE2B37251611FB5CA7D60BD, 6D46C6CB584145A37C55A85B1A56A67FA0CA7DA90A9F6E5A6AC9CD676FE0A7ED ] second_harmonic C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\class_b\supervisor.exe 17:01:50.0591 0x0320 second_harmonic - detected UnsignedFile.Multi.Generic ( 1 ) 17:01:50.0591 0x0320 second_harmonic ( UnsignedFile.Multi.Generic ) - warning 17:01:50.0700 0x0320 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll 17:01:50.0763 0x0320 SENS - ok 17:01:50.0825 0x0320 [ 
50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll 17:01:50.0841 0x0320 SensrSvc - ok 17:01:50.0965 0x0320 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 17:01:50.0981 0x0320 Serenum - ok 17:01:51.0028 0x0320 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys 17:01:51.0090 0x0320 Serial - ok 17:01:51.0106 0x0320 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 17:01:51.0168 0x0320 sermouse - ok 17:01:51.0246 0x0320 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll 17:01:51.0309 0x0320 SessionEnv - ok 17:01:51.0418 0x0320 [ 4C0D673281178CB496011A2E28571FC8, 14CFB50F3EA987C4485475B2E5EC85C137949911495245F29FE64723C909C9E8 ] sfdrv01 C:\Windows\system32\drivers\sfdrv01.sys 17:01:51.0449 0x0320 sfdrv01 - detected UnsignedFile.Multi.Generic ( 1 ) 17:01:51.0449 0x0320 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning 17:01:51.0449 0x0320 Force sending object to P2P due to detect: sfdrv01 17:01:51.0449 0x0320 Object send P2P result: false 17:01:51.0480 0x0320 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 17:01:51.0558 0x0320 sffdisk - ok 17:01:51.0636 0x0320 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:01:51.0667 0x0320 sffp_mmc - ok 17:01:51.0699 0x0320 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd 
C:\Windows\system32\DRIVERS\sffp_sd.sys 17:01:51.0761 0x0320 sffp_sd - ok 17:01:51.0808 0x0320 [ 15BE2B5E4DC5B8623CF167720682ABC9, FAECDC0DCB6EACE8130B278E2FB84B9523AB10329A00B24043B9C76867B917F0 ] sfhlp02 C:\Windows\system32\drivers\sfhlp02.sys 17:01:51.0823 0x0320 sfhlp02 - detected UnsignedFile.Multi.Generic ( 1 ) 17:01:51.0823 0x0320 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning 17:01:51.0855 0x0320 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 17:01:51.0886 0x0320 sfloppy - ok 17:01:51.0933 0x0320 [ EFEBBC1D13FDB77A6AF4EDDFC7232EDF, 32888536C6E632DF78EC09A4CFB990B08ED75DB049DDF2612F548CC8FEB8D503 ] sfsync02 C:\Windows\system32\drivers\sfsync02.sys 17:01:51.0964 0x0320 sfsync02 - detected UnsignedFile.Multi.Generic ( 1 ) 17:01:51.0964 0x0320 sfsync02 ( UnsignedFile.Multi.Generic ) - warning 17:01:51.0979 0x0320 [ D5A7E09D2C6A702809E49190D52ADC9F, 7B3226A7C8C954A04B4543AFAA3079AA9A306E00CBD81346F952B40804608A87 ] sfvfs02 C:\Windows\system32\drivers\sfvfs02.sys 17:01:52.0011 0x0320 sfvfs02 - detected UnsignedFile.Multi.Generic ( 1 ) 17:01:52.0011 0x0320 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning 17:01:52.0073 0x0320 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:01:52.0213 0x0320 SharedAccess - ok 17:01:52.0323 0x0320 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:01:52.0385 0x0320 ShellHWDetection - ok 17:01:52.0416 0x0320 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys 17:01:52.0432 0x0320 sisagp - ok 17:01:52.0494 0x0320 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 
C:\Windows\system32\DRIVERS\SiSRaid2.sys 17:01:52.0510 0x0320 SiSRaid2 - ok 17:01:52.0541 0x0320 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 17:01:52.0572 0x0320 SiSRaid4 - ok 17:01:52.0603 0x0320 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:01:52.0635 0x0320 Smb - ok 17:01:52.0713 0x0320 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:01:52.0744 0x0320 SNMPTRAP - ok 17:01:52.0869 0x0320 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys 17:01:52.0884 0x0320 spldr - ok 17:01:52.0947 0x0320 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe 17:01:53.0040 0x0320 Spooler - ok 17:01:53.0259 0x0320 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe 17:01:53.0461 0x0320 sppsvc - ok 17:01:53.0571 0x0320 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll 17:01:53.0649 0x0320 sppuinotify - ok 17:01:53.0711 0x0320 [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd C:\Windows\system32\Drivers\sptd.sys 17:01:53.0711 0x0320 Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. 
17:02:11.0230 0x0320 ================ Scan global |
24.09.2015, 16:32 | #10 |
| Fake debt collection email with attachment opened The 2nd part of the 1st log: Code:
ATTFilter =============================== 17:02:11.0308 0x0320 [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll 17:02:11.0433 0x0320 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll 17:02:11.0464 0x0320 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll 17:02:11.0604 0x0320 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll 17:02:11.0698 0x0320 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe 17:02:11.0714 0x0320 [ Global ] - ok 17:02:11.0714 0x0320 ================ Scan MBR ================================== 17:02:11.0745 0x0320 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:02:12.0790 0x0320 \Device\Harddisk0\DR0 - ok 17:02:12.0806 0x0320 ================ Scan VBR ================================== 17:02:13.0055 0x0320 [ 8C3313B3F522F6BAF75A69970BD63FCE ] \Device\Harddisk0\DR0\Partition1 17:02:13.0055 0x0320 \Device\Harddisk0\DR0\Partition1 - ok 17:02:13.0055 0x0320 ================ Scan generic autorun ====================== 17:02:13.0102 0x0320 [ 2F2DF068BED6E62E4C007DF7446B4F19, 96FE78E2B8BD067B7378ECDF1E74939C71EFFBF09B2C184361650DBF4ED0FCC3 ] C:\Windows\PLFSetI.exe 17:02:13.0102 0x0320 PLFSetI - detected UnsignedFile.Multi.Generic ( 1 ) 17:02:13.0102 0x0320 PLFSetI ( UnsignedFile.Multi.Generic ) - warning 17:02:13.0258 0x0320 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe 17:02:13.0274 0x0320 BCSSync - ok 17:02:13.0274 0x0320 RtHDVCpl - ok 17:02:13.0320 0x0320 Adobe Reader Speed Launcher - ok 17:02:13.0383 0x0320 [ 
F5060B034D37EA26D325A4319806E202, D43ACE85421DB29A6B6E8080D838152AB3858F83C2B373731945460E217C7D9F ] C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe 17:02:13.0445 0x0320 Avira SystrayStartTrigger - ok 17:02:13.0835 0x0320 [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 17:02:14.0069 0x0320 avgnt - ok 17:02:14.0225 0x0320 [ 410B874688999A169CE6F7991268FA3A, 31211A630226D6E681F341C08D52D8C22A3C0DD76B70D82443C8366CA17DD9BB ] C:\ProgramData\Apple Computer\iTunes\bending\chroma.exe 17:02:14.0350 0x0320 amplitude_modulation - detected UnsignedFile.Multi.Generic ( 1 ) 17:02:14.0350 0x0320 amplitude_modulation ( UnsignedFile.Multi.Generic ) - warning 17:02:14.0350 0x0320 Force sending object to P2P due to detect: C:\ProgramData\Apple Computer\iTunes\bending\chroma.exe 17:02:14.0350 0x0320 Object send P2P result: false 17:02:14.0537 0x0320 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:02:14.0646 0x0320 Sidebar - ok 17:02:14.0709 0x0320 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:02:14.0740 0x0320 mctadmin - ok 17:02:14.0818 0x0320 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:02:14.0849 0x0320 Sidebar - ok 17:02:14.0865 0x0320 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:02:14.0896 0x0320 mctadmin - ok 17:02:14.0974 0x0320 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe 17:02:15.0021 0x0320 Sidebar - ok 17:02:15.0816 0x0320 [ DD7423ABBE2913E70D50E9318AD57EE4, 
74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 17:02:15.0926 0x0320 Google Update - ok 17:02:15.0972 0x0320 [ 2F0EAAF91FC7A5C70D1F4BE9B18A1CF5, 6075E8ADD4136AC6497C1FE9CC937E6652FAD5024AED1CF901CE107078955C4F ] C:\Windows\System32\StikyNot.exe 17:02:16.0019 0x0320 RESTART_STICKY_NOTES - ok 17:02:16.0222 0x0320 [ C4DF44DD36792807FF4A7D896C575A4E, 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED ] C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:02:16.0222 0x0320 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe. md5: C4DF44DD36792807FF4A7D896C575A4E, sha256: 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED 17:02:16.0331 0x0320 sentence-mess - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:02:16.0331 0x0320 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:02:16.0331 0x0320 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:02:16.0331 0x0320 Object send P2P result: false 17:02:16.0362 0x0320 [ 32CB46AB8F463B75406607DF499CF69A, 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 ] C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:02:16.0362 0x0320 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe. 
md5: 32CB46AB8F463B75406607DF499CF69A, sha256: 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 17:02:16.0378 0x0320 link_doctor - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:02:16.0378 0x0320 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:02:16.0378 0x0320 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:02:16.0378 0x0320 Object send P2P result: false 17:02:16.0440 0x0320 [ E318BEA29095CDDBB4250F50F82C50A5, 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:02:16.0440 0x0320 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe. md5: E318BEA29095CDDBB4250F50F82C50A5, sha256: 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 17:02:16.0456 0x0320 government-complain - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:02:16.0456 0x0320 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:02:16.0456 0x0320 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:02:16.0456 0x0320 Object send P2P result: false 17:02:16.0518 0x0320 [ 2ED7B57A489A7D95270E8A1282CBBA26, DCD9CFDE34DF8EFF8B4B66600E3354345EA62831DFA74D1D3EC03E7554E9539E ] C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe 17:02:16.0518 0x0320 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe. 
md5: 2ED7B57A489A7D95270E8A1282CBBA26, sha256: DCD9CFDE34DF8EFF8B4B66600E3354345EA62831DFA74D1D3EC03E7554E9539E 17:02:16.0534 0x0320 act-age - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:02:16.0534 0x0320 act-age ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:02:16.0534 0x0320 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe 17:02:16.0534 0x0320 Object send P2P result: false 17:02:16.0659 0x0320 [ DA275210B45D1A0873441D754A18C6F8, 9CD8603C153E2542991FE0F219A6CAEAB6F97E395F5350F883AA36357AF5CE40 ] C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe 17:02:16.0659 0x0320 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe. md5: DA275210B45D1A0873441D754A18C6F8, sha256: 9CD8603C153E2542991FE0F219A6CAEAB6F97E395F5350F883AA36357AF5CE40 17:02:16.0659 0x0320 job-prompt - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:02:16.0659 0x0320 job-prompt ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:02:16.0659 0x0320 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe 17:02:16.0659 0x0320 Object send P2P result: false 17:02:16.0706 0x0320 [ 32CB46AB8F463B75406607DF499CF69A, 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 ] C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:02:16.0706 0x0320 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe. 
md5: 32CB46AB8F463B75406607DF499CF69A, sha256: 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 17:02:16.0721 0x0320 link_doctor - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:02:16.0721 0x0320 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:02:16.0721 0x0320 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:02:16.0721 0x0320 Object send P2P result: false 17:02:17.0018 0x0320 [ 6699D46E6E8F89FCB5A20DF2B78BDDF6, 3B1BFF6379613E137280874E007BA31173A37F52167093970A788C0716A93BB1 ] C:\ProgramData\Avira\Antivirus\IDX\international_telecomm\farad.exe 17:02:17.0018 0x0320 Suspicious file ( Hidden ): C:\ProgramData\Avira\Antivirus\IDX\international_telecomm\farad.exe. md5: 6699D46E6E8F89FCB5A20DF2B78BDDF6, sha256: 3B1BFF6379613E137280874E007BA31173A37F52167093970A788C0716A93BB1 17:02:17.0018 0x0320 artificial_intelligence - detected HiddenFile.Multi.Generic ( 1 ) 17:02:17.0018 0x0320 artificial_intelligence ( HiddenFile.Multi.Generic ) - warning 17:02:17.0049 0x0320 [ E318BEA29095CDDBB4250F50F82C50A5, 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:02:17.0049 0x0320 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe. 
md5: E318BEA29095CDDBB4250F50F82C50A5, sha256: 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 17:02:17.0049 0x0320 government-complain - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:02:17.0049 0x0320 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:02:17.0049 0x0320 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:02:17.0064 0x0320 Object send P2P result: false 17:02:17.0096 0x0320 [ C4DF44DD36792807FF4A7D896C575A4E, 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED ] C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:02:17.0096 0x0320 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe. md5: C4DF44DD36792807FF4A7D896C575A4E, sha256: 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED 17:02:17.0096 0x0320 sentence-mess - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:02:17.0096 0x0320 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:02:17.0096 0x0320 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:02:17.0096 0x0320 Object send P2P result: false 17:02:17.0127 0x0320 [ 2ED7B57A489A7D95270E8A1282CBBA26, DCD9CFDE34DF8EFF8B4B66600E3354345EA62831DFA74D1D3EC03E7554E9539E ] C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe 17:02:17.0127 0x0320 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe. 
md5: 2ED7B57A489A7D95270E8A1282CBBA26, sha256: DCD9CFDE34DF8EFF8B4B66600E3354345EA62831DFA74D1D3EC03E7554E9539E 17:02:17.0142 0x0320 act-age - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:02:17.0142 0x0320 act-age ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:02:17.0142 0x0320 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe 17:02:17.0158 0x0320 Object send P2P result: false 17:02:17.0236 0x0320 [ DA275210B45D1A0873441D754A18C6F8, 9CD8603C153E2542991FE0F219A6CAEAB6F97E395F5350F883AA36357AF5CE40 ] C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe 17:02:17.0236 0x0320 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe. md5: DA275210B45D1A0873441D754A18C6F8, sha256: 9CD8603C153E2542991FE0F219A6CAEAB6F97E395F5350F883AA36357AF5CE40 17:02:17.0252 0x0320 job-prompt - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:02:17.0252 0x0320 job-prompt ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:02:17.0252 0x0320 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe 17:02:17.0252 0x0320 Object send P2P result: false 17:02:17.0392 0x0320 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:02:17.0439 0x0320 Sidebar - ok 17:02:17.0439 0x0320 AVG-Secure-Search-Update_JUNE2013_TB - ok 17:02:17.0610 0x0320 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 17:02:17.0626 0x0320 Google Update - ok 17:02:17.0938 0x0320 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:02:17.0969 0x0320 mctadmin - ok 17:02:18.0047 0x0320 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\system32\cmd.exe 17:02:18.0156 
0x0320 Uninstall C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 17:02:18.0266 0x0320 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:02:18.0312 0x0320 Sidebar - ok 17:02:18.0312 0x0320 AVG-Secure-Search-Update_JUNE2013_TB - ok 17:02:18.0359 0x0320 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 17:02:18.0375 0x0320 Google Update - ok 17:02:18.0437 0x0320 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:02:18.0453 0x0320 mctadmin - ok 17:02:18.0500 0x0320 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\system32\cmd.exe 17:02:18.0546 0x0320 Uninstall C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 17:02:18.0562 0x0320 AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x41010 ( enabled : outofdate ) 17:02:18.0562 0x0320 Win FW state via NFP2: enabled ( trusted ) 17:02:18.0562 0x0320 ============================================================ 17:02:18.0562 0x0320 Scan finished 17:02:18.0562 0x0320 ============================================================ 17:02:18.0578 0x22d4 Detected object count: 24 17:02:18.0578 0x22d4 Actual detected object count: 24 17:02:27.0629 0x22d4 C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\class_b\parallel.exe - copied to quarantine 17:02:27.0645 0x22d4 brownout ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 17:02:27.0919 0x22d4 C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine 17:02:27.0933 0x22d4 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 
17:02:28.0050 0x22d4 C:\Windows\system32\DRIVERS\netaapl.sys - copied to quarantine 17:02:28.0053 0x22d4 Netaapl ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 17:02:28.0089 0x22d4 C:\Windows\system32\DRIVERS\nuvotoncir.sys - copied to quarantine 17:02:28.0093 0x22d4 nuvotoncir ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 17:02:28.0154 0x22d4 C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\class_b\supervisor.exe - copied to quarantine 17:02:28.0170 0x22d4 second_harmonic ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 17:02:28.0295 0x22d4 C:\Windows\system32\drivers\sfdrv01.sys - copied to quarantine 17:02:28.0295 0x22d4 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 17:02:28.0341 0x22d4 C:\Windows\system32\drivers\sfhlp02.sys - copied to quarantine 17:02:28.0357 0x22d4 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 17:02:28.0419 0x22d4 C:\Windows\system32\drivers\sfsync02.sys - copied to quarantine 17:02:28.0419 0x22d4 sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 17:02:28.0638 0x22d4 C:\Windows\system32\drivers\sfvfs02.sys - copied to quarantine 17:02:28.0653 0x22d4 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 17:02:28.0938 0x22d4 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine 17:02:28.0938 0x22d4 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine 17:02:29.0063 0x22d4 C:\Windows\system32\Drivers\usbaapl.sys - copied to quarantine 17:02:29.0063 0x22d4 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 17:02:29.0141 0x22d4 C:\Windows\PLFSetI.exe - copied to quarantine 17:02:29.0141 0x22d4 PLFSetI ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 17:02:29.0562 0x22d4 C:\ProgramData\Apple Computer\iTunes\bending\chroma.exe - copied to quarantine 17:02:29.0562 0x22d4 amplitude_modulation ( UnsignedFile.Multi.Generic ) 
- User select action: Quarantine 17:02:29.0983 0x22d4 C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe - copied to quarantine 17:02:29.0983 0x22d4 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Quarantine 17:02:30.0014 0x22d4 C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe - copied to quarantine 17:02:30.0014 0x22d4 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Quarantine 17:02:30.0170 0x22d4 C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe - copied to quarantine 17:02:30.0170 0x22d4 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Quarantine 17:02:30.0404 0x22d4 C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe - copied to quarantine 17:02:30.0404 0x22d4 act-age ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Quarantine 17:02:30.0654 0x22d4 C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe - copied to quarantine 17:02:30.0654 0x22d4 job-prompt ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Quarantine 17:02:30.0716 0x22d4 C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe - copied to quarantine 17:02:30.0716 0x22d4 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Quarantine 17:02:31.0200 0x22d4 C:\ProgramData\Avira\Antivirus\IDX\international_telecomm\farad.exe - copied to quarantine 17:02:31.0200 0x22d4 artificial_intelligence ( HiddenFile.Multi.Generic ) - User select action: Quarantine 17:02:31.0637 0x22d4 C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe - copied to quarantine 17:02:31.0637 0x22d4 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Quarantine 17:02:32.0261 0x22d4 C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe - copied to quarantine 17:02:32.0261 0x22d4 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Quarantine 17:02:32.0495 0x22d4 C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe - copied to quarantine 
17:02:32.0495 0x22d4 act-age ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Quarantine 17:02:32.0557 0x22d4 C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe - copied to quarantine 17:02:32.0557 0x22d4 job-prompt ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Quarantine 17:02:36.0886 0x1864 Deinitialize success |
24.09.2015, 16:34 | #11 |
| Fake debt-collection email with attachment opened The first part of the 2nd log after the reboot: Code:
17:09:14.0097 0x1b58 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
17:09:18.0809 0x1b58 ============================================================
17:09:18.0809 0x1b58 Current date / time: 2015/09/24 17:09:18.0809
17:09:18.0809 0x1b58 SystemInfo:
17:09:18.0809 0x1b58
17:09:18.0809 0x1b58 OS Version: 6.1.7601 ServicePack: 1.0
17:09:18.0809 0x1b58 Product type: Workstation
17:09:18.0809 0x1b58 ComputerName: TOM-PC
17:09:18.0809 0x1b58 UserName: Tom
17:09:18.0809 0x1b58 Windows directory: C:\Windows
17:09:18.0809 0x1b58 System windows directory: C:\Windows
17:09:18.0809 0x1b58 Processor architecture: Intel x86
17:09:18.0809 0x1b58 Number of processors: 2
17:09:18.0809 0x1b58 Page size: 0x1000
17:09:18.0809 0x1b58 Boot type: Normal boot
17:09:18.0809 0x1b58 ============================================================
17:09:37.0388 0x1b58 KLMD registered as C:\Windows\system32\drivers\15544996.sys
17:09:39.0338 0x1b58 System UUID: {41E80AEA-1A26-5AA2-5401-A7B392501519}
17:09:40.0290 0x1b58 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:09:40.0290 0x1b58 ============================================================
17:09:40.0290 0x1b58 \Device\Harddisk0\DR0:
17:09:40.0290 0x1b58 MBR partitions:
17:09:40.0290 0x1b58 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1385000, BlocksNum 0x1B7C4000
17:09:40.0290 0x1b58 ============================================================
17:09:40.0321 0x1b58 C: <-> \Device\Harddisk0\DR0\Partition1
17:09:40.0337 0x1b58 ============================================================
17:09:40.0337 0x1b58 Initialize success
17:09:40.0337 0x1b58 ============================================================
17:09:47.0856 0x1860 ============================================================
17:09:47.0856 0x1860 Scan started
17:09:47.0856 0x1860 Mode: Manual; SigCheck; TDLFS;
0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 17:10:33.0907 0x1860 gagp30kx - ok 17:10:34.0001 0x1860 [ 007AEA2E06E7CEF7372E40C277163959, 805906ADC7C5473B767932A552FEC7500D0F3F7CB45D8DEFE6A1567F2038EF88 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys 17:10:34.0016 0x1860 ggflt - ok 17:10:34.0141 0x1860 [ C73DE35960CA75C5AB4AE636B127C64E, 0C22EECD64CC06AB820ED6A2E76FBC7AB072379FD14837CF95BA3EF105ABB745 ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys 17:10:34.0157 0x1860 ggsemc - ok 17:10:34.0235 0x1860 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll 17:10:34.0328 0x1860 gpsvc - ok 17:10:34.0406 0x1860 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 17:10:34.0422 0x1860 gupdate - ok 17:10:34.0484 0x1860 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 17:10:34.0500 0x1860 gupdatem - ok 17:10:34.0547 0x1860 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:10:34.0656 0x1860 hcw85cir - ok 17:10:34.0781 0x1860 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:10:34.0812 0x1860 HdAudAddService - ok 17:10:34.0859 0x1860 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 17:10:34.0874 0x1860 HDAudBus - ok 17:10:34.0937 0x1860 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 
17:10:34.0999 0x1860 HidBatt - ok 17:10:35.0077 0x1860 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 17:10:35.0218 0x1860 HidBth - ok 17:10:35.0280 0x1860 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 17:10:35.0374 0x1860 HidIr - ok 17:10:35.0452 0x1860 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll 17:10:36.0076 0x1860 hidserv - ok 17:10:36.0154 0x1860 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:10:36.0419 0x1860 HidUsb - ok 17:10:36.0450 0x1860 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll 17:10:36.0590 0x1860 hkmsvc - ok 17:10:36.0637 0x1860 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:10:36.0731 0x1860 HomeGroupListener - ok 17:10:36.0824 0x1860 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:10:36.0902 0x1860 HomeGroupProvider - ok 17:10:36.0980 0x1860 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:10:37.0012 0x1860 HpSAMD - ok 17:10:37.0308 0x1860 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:10:37.0386 0x1860 HTTP - ok 17:10:37.0448 0x1860 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] 
hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:10:37.0464 0x1860 hwpolicy - ok 17:10:37.0542 0x1860 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 17:10:37.0636 0x1860 i8042prt - ok 17:10:37.0698 0x1860 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:10:37.0729 0x1860 iaStorV - ok 17:10:37.0870 0x1860 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 17:10:37.0963 0x1860 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 17:10:47.0978 0x1860 IDriverT ( UnsignedFile.Multi.Generic ) - warning 17:10:51.0847 0x1860 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 17:10:52.0050 0x1860 idsvc - ok 17:10:52.0112 0x1860 IEEtwCollectorService - ok 17:10:52.0144 0x1860 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 17:10:52.0159 0x1860 iirsp - ok 17:10:52.0237 0x1860 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll 17:10:52.0300 0x1860 IKEEXT - ok 17:10:52.0315 0x1860 IntcAzAudAddService - ok 17:10:52.0362 0x1860 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys 17:10:52.0393 0x1860 intelide - ok 17:10:52.0440 0x1860 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:10:52.0487 0x1860 
intelppm - ok 17:10:52.0580 0x1860 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:10:52.0643 0x1860 IPBusEnum - ok 17:10:52.0674 0x1860 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:10:52.0783 0x1860 IpFilterDriver - ok 17:10:52.0846 0x1860 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:10:52.0924 0x1860 iphlpsvc - ok 17:10:52.0955 0x1860 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:10:53.0017 0x1860 IPMIDRV - ok 17:10:53.0080 0x1860 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:10:53.0204 0x1860 IPNAT - ok 17:10:53.0236 0x1860 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:10:53.0314 0x1860 IRENUM - ok 17:10:53.0360 0x1860 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:10:53.0376 0x1860 isapnp - ok 17:10:53.0407 0x1860 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:10:53.0438 0x1860 iScsiPrt - ok 17:10:53.0454 0x1860 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:10:53.0470 0x1860 kbdclass - ok 17:10:53.0516 0x1860 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid 
C:\Windows\system32\DRIVERS\kbdhid.sys 17:10:53.0532 0x1860 kbdhid - ok 17:10:53.0563 0x1860 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] KeyIso C:\Windows\system32\lsass.exe 17:10:53.0579 0x1860 KeyIso - ok 17:10:53.0641 0x1860 [ 88246FD556E98BF416AC00C418B83D1D, 917EC561EB1C4D8D736DFDCD8456389B3DB0E8CB5AE900FB507F7F1550048BAD ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:10:53.0672 0x1860 KSecDD - ok 17:10:53.0828 0x1860 [ C41140DBF0BEA35E480A9CF9823B2B08, 142C4EB8AF27C9B649F24BEECFA1FD3E2B160BC8E8172A04526B73BB157CAD3A ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:10:53.0860 0x1860 KSecPkg - ok 17:10:53.0922 0x1860 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll 17:10:54.0031 0x1860 KtmRm - ok 17:10:54.0078 0x1860 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll 17:10:54.0109 0x1860 LanmanServer - ok 17:10:54.0140 0x1860 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:10:54.0203 0x1860 LanmanWorkstation - ok 17:10:54.0250 0x1860 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:10:54.0328 0x1860 lltdio - ok 17:10:54.0390 0x1860 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:10:54.0515 0x1860 lltdsvc - ok 17:10:54.0546 0x1860 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:10:54.0608 0x1860 lmhosts - ok 17:10:54.0640 0x1860 [ EB119A53CCF2ACC000AC71B065B78FEF, 
1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 17:10:54.0655 0x1860 LSI_FC - ok 17:10:54.0702 0x1860 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 17:10:54.0764 0x1860 LSI_SAS - ok 17:10:54.0811 0x1860 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 17:10:54.0827 0x1860 LSI_SAS2 - ok 17:10:54.0889 0x1860 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 17:10:54.0905 0x1860 LSI_SCSI - ok 17:10:54.0952 0x1860 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys 17:10:54.0983 0x1860 luafv - ok 17:10:55.0045 0x1860 [ FDBDEDB746A33BAFC17394D1960ADEAF, 6280BD2559A3A0D058BAAF0BB3719F4BEE5841EC9901452CB6D8319666901876 ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys 17:10:55.0061 0x1860 mbamchameleon - ok 17:10:55.0092 0x1860 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:10:55.0123 0x1860 Mcx2Svc - ok 17:10:55.0123 0x1860 mdmxsdk - ok 17:10:55.0170 0x1860 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 17:10:55.0232 0x1860 megasas - ok 17:10:55.0248 0x1860 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 17:10:55.0279 0x1860 MegaSR - ok 17:10:55.0451 0x1860 Microsoft SharePoint Workspace Audit Service - ok 17:10:55.0529 0x1860 [ 146B6F43A673379A3C670E86D89BE5EA, 
C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 17:10:55.0560 0x1860 MMCSS - ok 17:10:55.0591 0x1860 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 17:10:55.0654 0x1860 Modem - ok 17:10:55.0700 0x1860 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:10:55.0778 0x1860 monitor - ok 17:10:55.0810 0x1860 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:10:55.0825 0x1860 mouclass - ok 17:10:55.0888 0x1860 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:10:55.0934 0x1860 mouhid - ok 17:10:55.0997 0x1860 [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:10:56.0012 0x1860 mountmgr - ok 17:10:56.0059 0x1860 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys 17:10:56.0106 0x1860 mpio - ok 17:10:56.0137 0x1860 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:10:56.0215 0x1860 mpsdrv - ok 17:10:56.0278 0x1860 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:10:56.0933 0x1860 MpsSvc - ok 17:10:57.0026 0x1860 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:10:57.0432 0x1860 MRxDAV - ok 17:10:57.0853 0x1860 [ 
BAF4E2BE25E8EDFDAA98AA17D92E3C35, 1C7C7A7217962BE8338F8F989A2DBA2C0FD8A1CCC4E773EA5D02F291C2AF0BCA ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:10:57.0931 0x1860 mrxsmb - ok 17:10:58.0056 0x1860 [ 300E85A19AFD4DF992AB6297C6E64CA1, B794DC07336DA64ECB8F6F695978C5B67FBFC7D1B60F3AD94D970FC9DE05A095 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:10:58.0103 0x1860 mrxsmb10 - ok 17:10:58.0243 0x1860 [ 70EF9F86474BA28A6898228E1C9ABDCB, 5BCCE0A1D33F7A0780350F3AA870468DB7B51F4FBA267AF663BC946B2259E0F8 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:10:58.0337 0x1860 mrxsmb20 - ok 17:10:58.0368 0x1860 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys 17:10:58.0384 0x1860 msahci - ok 17:10:58.0430 0x1860 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:10:58.0446 0x1860 msdsm - ok 17:10:58.0477 0x1860 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 17:10:58.0555 0x1860 MSDTC - ok 17:10:58.0602 0x1860 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:10:58.0727 0x1860 Msfs - ok 17:10:58.0820 0x1860 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:10:58.0898 0x1860 mshidkmdf - ok 17:10:58.0945 0x1860 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:10:58.0976 0x1860 msisadrv - ok 17:10:59.0054 0x1860 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:10:59.0179 0x1860 
MSiSCSI - ok 17:10:59.0195 0x1860 msiserver - ok 17:10:59.0242 0x1860 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:10:59.0273 0x1860 MSKSSRV - ok 17:10:59.0320 0x1860 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:10:59.0398 0x1860 MSPCLOCK - ok 17:10:59.0413 0x1860 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:10:59.0507 0x1860 MSPQM - ok 17:10:59.0554 0x1860 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:10:59.0585 0x1860 MsRPC - ok 17:10:59.0678 0x1860 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 17:10:59.0710 0x1860 mssmbios - ok 17:10:59.0850 0x1860 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:11:00.0240 0x1860 MSTEE - ok 17:11:00.0287 0x1860 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 17:11:00.0396 0x1860 MTConfig - ok 17:11:00.0427 0x1860 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 17:11:00.0458 0x1860 Mup - ok 17:11:00.0521 0x1860 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll 17:11:00.0599 0x1860 napagent - ok 17:11:00.0630 0x1860 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB 
] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:11:00.0661 0x1860 NativeWifiP - ok 17:11:00.0817 0x1860 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:11:00.0864 0x1860 NDIS - ok 17:11:00.0911 0x1860 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:11:00.0958 0x1860 NdisCap - ok 17:11:00.0989 0x1860 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:11:01.0114 0x1860 NdisTapi - ok 17:11:01.0223 0x1860 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:11:01.0519 0x1860 Ndisuio - ok 17:11:01.0566 0x1860 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:11:01.0894 0x1860 NdisWan - ok 17:11:01.0956 0x1860 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:11:01.0987 0x1860 NDProxy - ok 17:11:02.0034 0x1860 [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl C:\Windows\system32\DRIVERS\netaapl.sys 17:11:02.0050 0x1860 Netaapl - detected UnsignedFile.Multi.Generic ( 1 ) 17:11:04.0780 0x1860 Detect skipped due to KSN trusted 17:11:04.0780 0x1860 Netaapl - ok 17:11:04.0858 0x1860 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:11:04.0920 0x1860 NetBIOS - ok 17:11:04.0998 0x1860 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT 
C:\Windows\system32\DRIVERS\netbt.sys 17:11:05.0076 0x1860 NetBT - ok 17:11:05.0123 0x1860 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] Netlogon C:\Windows\system32\lsass.exe 17:11:05.0154 0x1860 Netlogon - ok 17:11:05.0232 0x1860 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 17:11:05.0310 0x1860 Netman - ok 17:11:05.0450 0x1860 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:11:05.0638 0x1860 NetMsmqActivator - ok 17:11:05.0653 0x1860 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:11:05.0669 0x1860 NetPipeActivator - ok 17:11:05.0809 0x1860 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll 17:11:05.0950 0x1860 netprofm - ok 17:11:05.0965 0x1860 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:11:05.0981 0x1860 NetTcpActivator - ok 17:11:06.0043 0x1860 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:11:06.0106 0x1860 NetTcpPortSharing - ok 17:11:06.0308 0x1860 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys 17:11:06.0667 0x1860 netw5v32 - ok 17:11:06.0808 0x1860 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 
C:\Windows\system32\DRIVERS\nfrd960.sys 17:11:06.0823 0x1860 nfrd960 - ok 17:11:06.0901 0x1860 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:11:07.0229 0x1860 NlaSvc - ok 17:11:07.0260 0x1860 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:11:07.0494 0x1860 Npfs - ok 17:11:07.0525 0x1860 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 17:11:07.0588 0x1860 nsi - ok 17:11:07.0619 0x1860 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:11:07.0681 0x1860 nsiproxy - ok 17:11:08.0009 0x1860 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:11:08.0087 0x1860 Ntfs - ok 17:11:08.0118 0x1860 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 17:11:08.0196 0x1860 Null - ok 17:11:08.0227 0x1860 [ 7F5D69A031BE0E7BDFB8126E1A212417, E0ECC8D47D9385FC97B962A72F435A94F9AAF88694E84EE8AF7F3D0EBD2C15DC ] nuvotoncir C:\Windows\system32\DRIVERS\nuvotoncir.sys 17:11:08.0258 0x1860 nuvotoncir - detected UnsignedFile.Multi.Generic ( 1 ) 17:11:11.0753 0x1860 Detect skipped due to KSN trusted 17:11:11.0753 0x1860 nuvotoncir - ok 17:11:12.0268 0x1860 [ 0A1B502CBC8230DA74BEFBAADDB58916, 14BDE0A5829D1CC7E93B60676243DD0641D5FA08CE46936450CD3A67F94EA560 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 17:11:12.0970 0x1860 nvlddmkm - ok 17:11:13.0110 0x1860 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:11:13.0141 
0x1860 nvraid - ok 17:11:13.0204 0x1860 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:11:13.0219 0x1860 nvstor - ok 17:11:13.0484 0x1860 [ EB5A13F9139F20AD71ADF4BF79C3AA29, D473E03B3B69AC0A35FF1CD8B85C088DCCCBAA5DA52C18737B6AC873EF1F1BC7 ] nvsvc C:\Windows\system32\nvvsvc.exe 17:11:13.0516 0x1860 nvsvc - ok 17:11:13.0843 0x1860 [ 0629259E3AF6BB0534FCECA208973404, E5DDA62D5D21D5D11A711BBFC5B839B59E336997C0C9A32A0B04AC9FBB6472D4 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 17:11:13.0906 0x1860 nvUpdatusService - ok 17:11:13.0937 0x1860 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:11:13.0952 0x1860 nv_agp - ok 17:11:13.0999 0x1860 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:11:14.0062 0x1860 ohci1394 - ok 17:11:14.0155 0x1860 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:11:14.0171 0x1860 ose - ok 17:11:15.0575 0x1860 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 17:11:15.0809 0x1860 osppsvc - ok 17:11:16.0355 0x1860 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:11:16.0448 0x1860 p2pimsvc - ok 17:11:16.0511 0x1860 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 17:11:16.0558 0x1860 p2psvc - ok 17:11:16.0620 0x1860 [ 
7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\Windows\system32\schedsvc.dll 17:11:26.0947 0x1860 Schedule - ok 17:11:26.0978 0x1860 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll 17:11:27.0010 0x1860 SCPolicySvc - ok 17:11:27.0041 0x1860 [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus C:\Windows\system32\drivers\sdbus.sys 17:11:27.0072 0x1860 sdbus - ok 17:11:27.0103 0x1860 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:11:27.0166 0x1860 SDRSVC - ok 17:11:27.0212 0x1860 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:11:27.0228 0x1860 secdrv - ok 17:11:27.0337 0x1860 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll 17:11:27.0415 0x1860 seclogon - ok 17:11:27.0618 0x1860 [ A1DA2F0B5BE2B37251611FB5CA7D60BD, 6D46C6CB584145A37C55A85B1A56A67FA0CA7DA90A9F6E5A6AC9CD676FE0A7ED ] second_harmonic C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\class_b\supervisor.exe 17:11:27.0696 0x1860 second_harmonic - detected UnsignedFile.Multi.Generic ( 1 ) 17:11:30.0691 0x1860 Detect turned to UDS exact due to KSN untrusted 17:11:30.0691 0x1860 second_harmonic ( UDS:DangerousObject.Multi.Generic ) - infected 17:11:30.0691 0x1860 Force sending object to P2P due to detect: second_harmonic 17:11:34.0576 0x1860 Object send P2P result: true 17:11:37.0196 0x1860 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll 17:11:37.0493 0x1860 SENS - ok 17:11:37.0555 0x1860 [ 
50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll 17:11:37.0571 0x1860 SensrSvc - ok 17:11:37.0602 0x1860 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 17:11:37.0618 0x1860 Serenum - ok 17:11:37.0820 0x1860 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys 17:11:38.0271 0x1860 Serial - ok 17:11:38.0291 0x1860 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 17:11:38.0371 0x1860 sermouse - ok 17:11:38.0449 0x1860 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll 17:11:38.0480 0x1860 SessionEnv - ok 17:11:38.0761 0x1860 [ 4C0D673281178CB496011A2E28571FC8, 14CFB50F3EA987C4485475B2E5EC85C137949911495245F29FE64723C909C9E8 ] sfdrv01 C:\Windows\system32\drivers\sfdrv01.sys 17:11:38.0902 0x1860 sfdrv01 - detected UnsignedFile.Multi.Generic ( 1 ) 17:11:41.0741 0x1860 Detect skipped due to KSN trusted 17:11:41.0741 0x1860 sfdrv01 - ok 17:11:41.0850 0x1860 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 17:11:41.0975 0x1860 sffdisk - ok 17:11:42.0037 0x1860 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:11:42.0084 0x1860 sffp_mmc - ok 17:11:42.0131 0x1860 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 17:11:42.0146 0x1860 sffp_sd - ok 17:11:42.0271 0x1860 [ 
15BE2B5E4DC5B8623CF167720682ABC9, FAECDC0DCB6EACE8130B278E2FB84B9523AB10329A00B24043B9C76867B917F0 ] sfhlp02 C:\Windows\system32\drivers\sfhlp02.sys 17:11:42.0334 0x1860 sfhlp02 - detected UnsignedFile.Multi.Generic ( 1 ) 17:11:45.0266 0x1860 Detect skipped due to KSN trusted 17:11:45.0266 0x1860 sfhlp02 - ok 17:11:45.0329 0x1860 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 17:11:45.0407 0x1860 sfloppy - ok 17:11:45.0469 0x1860 [ EFEBBC1D13FDB77A6AF4EDDFC7232EDF, 32888536C6E632DF78EC09A4CFB990B08ED75DB049DDF2612F548CC8FEB8D503 ] sfsync02 C:\Windows\system32\drivers\sfsync02.sys 17:11:45.0500 0x1860 sfsync02 - detected UnsignedFile.Multi.Generic ( 1 ) 17:11:48.0184 0x1860 Detect skipped due to KSN trusted 17:11:48.0184 0x1860 sfsync02 - ok 17:11:48.0246 0x1860 [ D5A7E09D2C6A702809E49190D52ADC9F, 7B3226A7C8C954A04B4543AFAA3079AA9A306E00CBD81346F952B40804608A87 ] sfvfs02 C:\Windows\system32\drivers\sfvfs02.sys 17:11:48.0293 0x1860 sfvfs02 - detected UnsignedFile.Multi.Generic ( 1 ) 17:11:51.0116 0x1860 Detect skipped due to KSN trusted 17:11:51.0116 0x1860 sfvfs02 - ok 17:11:51.0272 0x1860 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:11:51.0382 0x1860 SharedAccess - ok 17:11:51.0428 0x1860 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:11:51.0475 0x1860 ShellHWDetection - ok 17:11:51.0506 0x1860 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys 17:11:51.0538 0x1860 sisagp - ok 17:11:51.0740 0x1860 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 
17:11:51.0756 0x1860 SiSRaid2 - ok 17:11:51.0787 0x1860 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 17:11:51.0803 0x1860 SiSRaid4 - ok 17:11:51.0834 0x1860 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:11:51.0881 0x1860 Smb - ok 17:11:51.0959 0x1860 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:11:52.0068 0x1860 SNMPTRAP - ok 17:11:52.0115 0x1860 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys 17:11:52.0130 0x1860 spldr - ok 17:11:52.0208 0x1860 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe 17:11:52.0302 0x1860 Spooler - ok 17:11:52.0505 0x1860 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe 17:11:52.0770 0x1860 sppsvc - ok 17:11:52.0926 0x1860 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll 17:11:52.0973 0x1860 sppuinotify - ok 17:11:53.0035 0x1860 [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd C:\Windows\system32\Drivers\sptd.sys 17:11:53.0035 0x1860 Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. 
md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB 17:11:53.0051 0x1860 sptd - detected LockedFile.Multi.Generic ( 1 ) 17:12:03.0066 0x1860 sptd ( LockedFile.Multi.Generic ) - warning 17:12:03.0066 0x1860 Force sending object to P2P due to detect: sptd 17:12:07.0138 0x1860 Object send P2P result: true 17:12:10.0242 0x1860 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys 17:12:10.0336 0x1860 srv - ok 17:12:10.0351 0x1860 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:12:10.0429 0x1860 srv2 - ok 17:12:10.0507 0x1860 [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS 17:12:10.0570 0x1860 SrvHsfHDA - ok 17:12:10.0616 0x1860 [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS 17:12:10.0741 0x1860 SrvHsfV92 - ok 17:12:10.0772 0x1860 [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 17:12:10.0819 0x1860 SrvHsfWinac - ok 17:12:10.0850 0x1860 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:12:10.0913 0x1860 srvnet - ok 17:12:10.0975 0x1860 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:12:11.0006 0x1860 SSDPSRV - ok 17:12:11.0084 0x1860 [ 424566865D82AA4BD8D6546C1F2065FA, 37B4C04C7C0EE0F3347A9E9F35B095478299F7324CA87AAE487BF989B0E6AE03 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 17:12:11.0100 0x1860 ssmdrv - ok 
C:\Windows\System32\upnphost.dll 17:12:16.0342 0x1860 upnphost - ok 17:12:16.0576 0x1860 [ 83CAFCB53201BBAC04D822F32438E244, E3F6FDE4D429FB630B19417DD9752A2CE9F6C9FD58918D714B5438A3D4136853 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 17:12:16.0669 0x1860 USBAAPL - detected UnsignedFile.Multi.Generic ( 1 ) 17:12:24.0485 0x1860 Detect skipped due to KSN trusted 17:12:24.0485 0x1860 USBAAPL - ok 17:12:24.0641 0x1860 [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:12:24.0766 0x1860 usbaudio - ok 17:12:24.0797 0x1860 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:12:24.0859 0x1860 usbccgp - ok 17:12:24.0906 0x1860 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:12:24.0968 0x1860 usbcir - ok 17:12:25.0015 0x1860 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:12:25.0046 0x1860 usbehci - ok 17:12:25.0140 0x1860 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:12:25.0780 0x1860 usbhub - ok 17:12:25.0967 0x1860 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:12:25.0982 0x1860 usbohci - ok 17:12:26.0029 0x1860 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 17:12:26.0060 0x1860 usbprint - ok 17:12:26.0295 0x1860 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR 
E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 17:12:37.0605 0x1860 WinUsb - ok 17:12:37.0761 0x1860 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:12:37.0948 0x1860 Wlansvc - ok 17:12:38.0213 0x1860 [ 5E7C103F8475C4289847D15E129C20F7, C6325D3557545FA1DA26B0B1EA9A1C95AED1FA84A93BE29A771DAD9ECB00768B ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 17:12:38.0322 0x1860 wlidsvc - ok 17:12:38.0369 0x1860 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 17:12:38.0385 0x1860 WmiAcpi - ok 17:12:38.0447 0x1860 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:12:38.0650 0x1860 wmiApSrv - ok 17:12:38.0790 0x1860 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 17:12:38.0931 0x1860 WMPNetworkSvc - ok 17:12:39.0040 0x1860 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:12:39.0243 0x1860 WPCSvc - ok 17:12:39.0289 0x1860 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:12:39.0321 0x1860 WPDBusEnum - ok 17:12:39.0399 0x1860 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:12:39.0430 0x1860 ws2ifsl - ok 17:12:39.0492 0x1860 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll 
17:12:39.0523 0x1860 wscsvc - ok 17:12:39.0601 0x1860 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 17:12:39.0633 0x1860 WSDPrintDevice - ok 17:12:39.0648 0x1860 WSearch - ok 17:12:39.0789 0x1860 [ 3EFC48CE17BE25D2F8C04C5A0FAE1F53, 6439396AE1C59966E3C0DF519956F9D25568155174004F9562F764CEF8A49802 ] wuauserv C:\Windows\system32\wuaueng.dll 17:12:41.0099 0x1860 wuauserv - ok 17:12:41.0239 0x1860 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:12:41.0271 0x1860 WudfPf - ok 17:12:41.0317 0x1860 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:12:41.0349 0x1860 WUDFRd - ok 17:12:41.0505 0x1860 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:12:41.0520 0x1860 wudfsvc - ok 17:12:41.0629 0x1860 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll 17:12:41.0817 0x1860 WwanSvc - ok 17:12:41.0863 0x1860 ================ Scan global |
24.09.2015, 16:35 | #12 |
| And finally, the second part of the 2nd log after the reboot: Code:
ATTFilter =============================== 17:12:41.0988 0x1860 [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll 17:12:42.0051 0x1860 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll 17:12:42.0097 0x1860 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll 17:12:42.0129 0x1860 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll 17:12:42.0191 0x1860 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe 17:12:42.0191 0x1860 [ Global ] - ok 17:12:42.0207 0x1860 ================ Scan MBR ================================== 17:12:42.0238 0x1860 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:12:44.0593 0x1860 \Device\Harddisk0\DR0 - ok 17:12:44.0593 0x1860 ================ Scan VBR ================================== 17:12:44.0640 0x1860 [ 8C3313B3F522F6BAF75A69970BD63FCE ] \Device\Harddisk0\DR0\Partition1 17:12:44.0640 0x1860 \Device\Harddisk0\DR0\Partition1 - ok 17:12:44.0640 0x1860 ================ Scan generic autorun ====================== 17:12:44.0687 0x1860 [ 2F2DF068BED6E62E4C007DF7446B4F19, 96FE78E2B8BD067B7378ECDF1E74939C71EFFBF09B2C184361650DBF4ED0FCC3 ] C:\Windows\PLFSetI.exe 17:12:44.0796 0x1860 PLFSetI - detected UnsignedFile.Multi.Generic ( 1 ) 17:12:47.0433 0x1860 Detect skipped due to KSN trusted 17:12:47.0433 0x1860 PLFSetI - ok 17:12:47.0557 0x1860 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe 17:12:47.0573 0x1860 BCSSync - ok 17:12:47.0573 0x1860 RtHDVCpl - ok 17:12:47.0651 0x1860 Adobe Reader Speed Launcher - ok 
17:12:47.0885 0x1860 [ F5060B034D37EA26D325A4319806E202, D43ACE85421DB29A6B6E8080D838152AB3858F83C2B373731945460E217C7D9F ] C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe 17:12:47.0901 0x1860 Avira SystrayStartTrigger - ok 17:12:48.0431 0x1860 [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 17:12:48.0509 0x1860 avgnt - ok 17:12:48.0681 0x1860 [ 410B874688999A169CE6F7991268FA3A, 31211A630226D6E681F341C08D52D8C22A3C0DD76B70D82443C8366CA17DD9BB ] C:\ProgramData\Apple Computer\iTunes\bending\window_comparator.exe 17:12:48.0899 0x1860 amplitude_modulation - detected UnsignedFile.Multi.Generic ( 1 ) 17:12:51.0769 0x1860 amplitude_modulation ( UnsignedFile.Multi.Generic ) - warning 17:12:54.0609 0x1860 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:12:54.0889 0x1860 Sidebar - ok 17:12:55.0061 0x1860 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:12:55.0123 0x1860 mctadmin - ok 17:12:55.0279 0x1860 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:12:55.0326 0x1860 Sidebar - ok 17:12:55.0342 0x1860 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:12:55.0373 0x1860 mctadmin - ok 17:12:55.0467 0x1860 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe 17:12:55.0498 0x1860 Sidebar - ok 17:12:55.0857 0x1860 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 17:12:55.0935 0x1860 
Google Update - ok 17:12:55.0966 0x1860 [ 2F0EAAF91FC7A5C70D1F4BE9B18A1CF5, 6075E8ADD4136AC6497C1FE9CC937E6652FAD5024AED1CF901CE107078955C4F ] C:\Windows\System32\StikyNot.exe 17:12:56.0028 0x1860 RESTART_STICKY_NOTES - ok 17:12:56.0387 0x1860 [ C4DF44DD36792807FF4A7D896C575A4E, 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED ] C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:12:56.0387 0x1860 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe. md5: C4DF44DD36792807FF4A7D896C575A4E, sha256: 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED 17:12:56.0449 0x1860 sentence-mess - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:12:59.0304 0x1860 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:12:59.0304 0x1860 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:13:02.0253 0x1860 Object send P2P result: true 17:13:04.0858 0x1860 [ 32CB46AB8F463B75406607DF499CF69A, 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 ] C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:13:04.0858 0x1860 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe. 
md5: 32CB46AB8F463B75406607DF499CF69A, sha256: 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 17:13:04.0951 0x1860 link_doctor - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:13:07.0837 0x1860 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:13:07.0837 0x1860 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:13:21.0675 0x1860 Object send P2P result: true 17:13:24.0295 0x1860 [ E318BEA29095CDDBB4250F50F82C50A5, 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:13:24.0342 0x1860 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe. md5: E318BEA29095CDDBB4250F50F82C50A5, sha256: 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 17:13:24.0451 0x1860 government-complain - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:13:27.0228 0x1860 Object required for P2P: [ E318BEA29095CDDBB4250F50F82C50A5 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:13:33.0468 0x1860 Object send P2P result: true 17:13:33.0468 0x1860 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:13:33.0468 0x1860 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:13:36.0370 0x1860 Object send P2P result: true 17:13:38.0881 0x1860 [ 2ED7B57A489A7D95270E8A1282CBBA26, DCD9CFDE34DF8EFF8B4B66600E3354345EA62831DFA74D1D3EC03E7554E9539E ] C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe 17:13:38.0881 0x1860 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe. 
md5: 2ED7B57A489A7D95270E8A1282CBBA26, sha256: DCD9CFDE34DF8EFF8B4B66600E3354345EA62831DFA74D1D3EC03E7554E9539E 17:13:38.0944 0x1860 act-age - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:13:41.0627 0x1860 act-age ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:13:41.0627 0x1860 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe 17:13:44.0529 0x1860 Object send P2P result: true 17:13:47.0259 0x1860 [ DA275210B45D1A0873441D754A18C6F8, 9CD8603C153E2542991FE0F219A6CAEAB6F97E395F5350F883AA36357AF5CE40 ] C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe 17:13:47.0259 0x1860 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe. md5: DA275210B45D1A0873441D754A18C6F8, sha256: 9CD8603C153E2542991FE0F219A6CAEAB6F97E395F5350F883AA36357AF5CE40 17:13:47.0337 0x1860 job-prompt - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:13:50.0176 0x1860 job-prompt ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:13:50.0176 0x1860 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe 17:13:53.0109 0x1860 Object send P2P result: true 17:13:55.0792 0x1860 [ E318BEA29095CDDBB4250F50F82C50A5, 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:13:55.0792 0x1860 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe. 
md5: E318BEA29095CDDBB4250F50F82C50A5, sha256: 0DE75D79027150FE77A4E503C09AE67B622C5E80AA6840FB1C8FA64B3E4F47F0 17:13:55.0823 0x1860 government-complain - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:13:55.0823 0x1860 Object required for P2P: [ E318BEA29095CDDBB4250F50F82C50A5 ] C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:13:58.0756 0x1860 Object send P2P result: true 17:13:58.0756 0x1860 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:13:58.0756 0x1860 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Government-closet\government-mouth.exe 17:14:04.0668 0x1860 Object send P2P result: true 17:14:07.0351 0x1860 [ C4DF44DD36792807FF4A7D896C575A4E, 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED ] C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:14:07.0351 0x1860 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe. md5: C4DF44DD36792807FF4A7D896C575A4E, sha256: 9F41D45A90976A930491288D3350AE07DA38FAFC28EDDDA0873F2E12624D49ED 17:14:07.0398 0x1860 sentence-mess - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:14:07.0398 0x1860 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:14:07.0398 0x1860 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Sentencecouple\sentence-tie.exe 17:14:10.0128 0x1860 Object send P2P result: true 17:14:12.0718 0x1860 [ 32CB46AB8F463B75406607DF499CF69A, 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 ] C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:14:12.0718 0x1860 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe. 
md5: 32CB46AB8F463B75406607DF499CF69A, sha256: 725B0ACE1885A51C38036E80FE44136FF58D81F4BADFD851CD5C49C80A6B82D0 17:14:12.0718 0x1860 link_doctor - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:14:12.0718 0x1860 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:14:12.0718 0x1860 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Linkpress\linkbend.exe 17:14:15.0682 0x1860 Object send P2P result: true 17:14:18.0412 0x1860 [ DA275210B45D1A0873441D754A18C6F8, 9CD8603C153E2542991FE0F219A6CAEAB6F97E395F5350F883AA36357AF5CE40 ] C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe 17:14:18.0412 0x1860 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe. md5: DA275210B45D1A0873441D754A18C6F8, sha256: 9CD8603C153E2542991FE0F219A6CAEAB6F97E395F5350F883AA36357AF5CE40 17:14:18.0443 0x1860 job-prompt - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:14:18.0443 0x1860 job-prompt ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:14:18.0443 0x1860 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Job_trip\job-deliver.exe 17:14:21.0251 0x1860 Object send P2P result: true 17:14:35.0946 0x1860 [ 2ED7B57A489A7D95270E8A1282CBBA26, DCD9CFDE34DF8EFF8B4B66600E3354345EA62831DFA74D1D3EC03E7554E9539E ] C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe 17:14:35.0946 0x1860 Suspicious file ( NoAccess ): C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe. 
md5: 2ED7B57A489A7D95270E8A1282CBBA26, sha256: DCD9CFDE34DF8EFF8B4B66600E3354345EA62831DFA74D1D3EC03E7554E9539E 17:14:36.0040 0x1860 act-age - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 17:14:36.0040 0x1860 act-age ( Trojan-Spy.Win32.ZBot.gen ) - infected 17:14:36.0040 0x1860 Force sending object to P2P due to detect: C:\Users\Tom\AppData\Local\Temp\Act_station\act-traffic.exe 17:14:38.0801 0x1860 Object send P2P result: true 17:14:41.0547 0x1860 [ 4EF6433A0116B63592BA7A55CF31B643, 60A6147CCD9C71E34EE1EB7A449EB481588EF342CE544C5140FA21466C6EF181 ] C:\ProgramData\Avira\Antivirus\IDX\international_telecomm\gamma.exe 17:14:41.0656 0x1860 artificial_intelligence - detected UnsignedFile.Multi.Generic ( 1 ) 17:14:44.0526 0x1860 Detect turned to UDS exact due to KSN untrusted 17:14:44.0526 0x1860 artificial_intelligence ( UDS:DangerousObject.Multi.Generic ) - infected 17:14:44.0526 0x1860 Force sending object to P2P due to detect: C:\ProgramData\Avira\Antivirus\IDX\international_telecomm\gamma.exe 17:14:47.0568 0x1860 Object send P2P result: true 17:14:50.0314 0x1860 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:14:50.0423 0x1860 Sidebar - ok 17:14:50.0423 0x1860 AVG-Secure-Search-Update_JUNE2013_TB - ok 17:14:50.0564 0x1860 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 17:14:50.0564 0x1860 Google Update - ok 17:14:50.0876 0x1860 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:14:50.0907 0x1860 mctadmin - ok 17:14:51.0110 0x1860 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\system32\cmd.exe 17:14:51.0188 0x1860 Uninstall C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 17:14:51.0281 
0x1860 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:14:51.0312 0x1860 Sidebar - ok 17:14:51.0344 0x1860 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:14:51.0375 0x1860 mctadmin - ok 17:14:51.0546 0x1860 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 17:14:51.0593 0x1860 Sidebar - ok 17:14:51.0593 0x1860 AVG-Secure-Search-Update_JUNE2013_TB - ok 17:14:51.0656 0x1860 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 17:14:51.0671 0x1860 Google Update - ok 17:14:51.0687 0x1860 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 17:14:51.0718 0x1860 mctadmin - ok 17:14:51.0780 0x1860 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\system32\cmd.exe 17:14:51.0812 0x1860 Uninstall C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 17:14:51.0812 0x1860 Waiting for KSN requests completion. In queue: 2 17:14:52.0826 0x1860 Waiting for KSN requests completion. In queue: 2 17:14:53.0840 0x1860 Waiting for KSN requests completion. 
In queue: 2 17:14:54.0932 0x1860 AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x41010 ( enabled : outofdate ) 17:14:54.0978 0x1860 Win FW state via NFP2: enabled ( trusted ) 17:14:57.0646 0x1860 ============================================================ 17:14:57.0646 0x1860 Scan finished 17:14:57.0646 0x1860 ============================================================ 17:14:57.0646 0x1850 Detected object count: 16 17:14:57.0646 0x1850 Actual detected object count: 16 17:15:31.0170 0x1850 brownout ( UnsignedFile.Multi.Generic ) - skipped by user 17:15:31.0170 0x1850 brownout ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:15:31.0170 0x1850 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 17:15:31.0170 0x1850 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:15:31.0170 0x1850 second_harmonic ( UDS:DangerousObject.Multi.Generic ) - skipped by user 17:15:31.0170 0x1850 second_harmonic ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 17:15:31.0170 0x1850 sptd ( LockedFile.Multi.Generic ) - skipped by user 17:15:31.0170 0x1850 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 17:15:31.0186 0x1850 amplitude_modulation ( UnsignedFile.Multi.Generic ) - skipped by user 17:15:31.0186 0x1850 amplitude_modulation ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:15:31.0186 0x1850 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:15:31.0186 0x1850 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:15:31.0186 0x1850 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:15:31.0186 0x1850 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:15:31.0186 0x1850 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:15:31.0186 0x1850 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:15:31.0202 0x1850 act-age ( Trojan-Spy.Win32.ZBot.gen 
) - skipped by user 17:15:31.0202 0x1850 act-age ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:15:31.0202 0x1850 job-prompt ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:15:31.0202 0x1850 job-prompt ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:15:31.0202 0x1850 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:15:31.0202 0x1850 government-complain ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:15:31.0202 0x1850 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:15:31.0202 0x1850 sentence-mess ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:15:31.0217 0x1850 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:15:31.0217 0x1850 link_doctor ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:15:31.0217 0x1850 job-prompt ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:15:31.0217 0x1850 job-prompt ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:15:31.0217 0x1850 act-age ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user 17:15:31.0217 0x1850 act-age ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 17:15:31.0233 0x1850 artificial_intelligence ( UDS:DangerousObject.Multi.Generic ) - skipped by user 17:15:31.0233 0x1850 artificial_intelligence ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 17:15:36.0755 0x1644 Deinitialize success |
25.09.2015, 17:56 | #13 |
/// the machine /// TB trainer | Now run it once more, this time with Delete.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
25.09.2015, 20:22 | #14 |
| Done. It apparently no longer boots now; at least I no longer get any picture. What should I do now? Regards, Tom Edit: after a few boot attempts it now starts again. How should I proceed? Edit2: after logging in, TDSSKiller opened and I scanned again; here is the next log: Code:
ATTFilter 21:39:04.0732 0x0c14 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57 21:39:04.0919 0x0c14 ============================================================ 21:39:04.0919 0x0c14 Current date / time: 2015/09/25 21:39:04.0919 21:39:04.0919 0x0c14 SystemInfo: 21:39:04.0919 0x0c14 21:39:04.0919 0x0c14 OS Version: 6.1.7601 ServicePack: 1.0 21:39:04.0919 0x0c14 Product type: Workstation 21:39:04.0919 0x0c14 ComputerName: TOM-PC 21:39:04.0919 0x0c14 UserName: Tom 21:39:04.0919 0x0c14 Windows directory: C:\Windows 21:39:04.0919 0x0c14 System windows directory: C:\Windows 21:39:04.0919 0x0c14 Processor architecture: Intel x86 21:39:04.0919 0x0c14 Number of processors: 2 21:39:04.0919 0x0c14 Page size: 0x1000 21:39:04.0919 0x0c14 Boot type: Normal boot 21:39:04.0919 0x0c14 ============================================================ 21:39:22.0130 0x0c14 KLMD registered as C:\Windows\system32\drivers\86771101.sys 21:39:24.0064 0x0c14 System UUID: {41E80AEA-1A26-5AA2-5401-A7B392501519} 21:39:25.0780 0x0c14 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 21:39:25.0780 0x0c14 ============================================================ 21:39:25.0780 0x0c14 \Device\Harddisk0\DR0: 21:39:25.0780 0x0c14 MBR partitions: 21:39:25.0780 0x0c14 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1385000, BlocksNum 0x1B7C4000 21:39:25.0780 0x0c14 ============================================================ 21:39:25.0858 0x0c14 C: <-> \Device\Harddisk0\DR0\Partition1 21:39:25.0858 0x0c14 ============================================================ 21:39:25.0858 0x0c14 Initialize success 21:39:25.0858 0x0c14 ============================================================ 21:39:51.0327 0x0a30 ============================================================ 21:39:51.0327 0x0a30 Scan started 21:39:51.0327 0x0a30 Mode: Manual; SigCheck; TDLFS; 
21:39:51.0327 0x0a30 ============================================================ 21:39:51.0327 0x0a30 KSN ping started 21:39:51.0374 0x0a30 KSN ping finished: false 21:40:05.0351 0x0a30 ================ Scan system memory ======================== 21:40:05.0351 0x0a30 System memory - ok 21:40:05.0351 0x0a30 ================ Scan services =============================
0x0a30 [ 7A152F43A6B25D63D1279511258FE381, 416B592DAB9ECA4AEBD336F35AC622FA240E229F31BFB52E6084BAA48CC6F397 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:40:44.0117 0x0a30 AppIDSvc - ok 21:40:44.0149 0x0a30 [ 133A7896E643D139443B47FDBFA327C7, 371FC602B531DF1EFDCEEC3A2F5497A0D0BE7F558B0583F572862C69A65BD454 ] Appinfo C:\Windows\System32\appinfo.dll 21:40:44.0227 0x0a30 Appinfo - ok 21:40:44.0273 0x0a30 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll 21:40:44.0351 0x0a30 AppMgmt - ok 21:40:44.0398 0x0a30 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys 21:40:44.0414 0x0a30 arc - ok 21:40:44.0429 0x0a30 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 21:40:44.0461 0x0a30 arcsas - ok 21:40:44.0663 0x0a30 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 21:40:44.0804 0x0a30 aspnet_state - ok 21:40:44.0835 0x0a30 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:40:44.0991 0x0a30 AsyncMac - ok 21:40:45.0022 0x0a30 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys 21:40:45.0038 0x0a30 atapi - ok 21:40:45.0100 0x0a30 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:40:45.0194 0x0a30 AudioEndpointBuilder - ok 21:40:45.0209 0x0a30 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv 
C:\Windows\System32\Audiosrv.dll 21:40:45.0241 0x0a30 Audiosrv - ok 21:40:45.0334 0x0a30 [ 98A2E56DC1197D36E81F771DB81ED798, 9AD3089D59DDD15DF74CEE49568C3CFFD97976F93B7CA246F4D51FBA5528C6BA ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 21:40:45.0350 0x0a30 avgntflt - ok 21:40:45.0381 0x0a30 [ 06AEB065AC25A2CFF80E1DF0303EC55B, EE913D669741B3F844AFEEFCF232D2D2C94081BCB39F79D81D7A7133DBC57252 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys 21:40:45.0397 0x0a30 avgtp - ok 21:40:45.0490 0x0a30 [ B9D3418110A6B4EAADCB2BD1A8CEC617, 2252E518FB0A69699ECF7A940A20E9D77822F7FF7CE14FE5E30E4DDB34546D56 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 21:40:45.0506 0x0a30 avipbb - ok 21:40:45.0787 0x0a30 [ 24680B56D862F1DE30C13FC64B80F568, 4B30EB73369691B915F5615E1BF6C95B070E184BC42BCC505C94410014A04EB3 ] Avira.ServiceHost C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe 21:40:45.0802 0x0a30 Avira.ServiceHost - ok 21:40:45.0896 0x0a30 [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 21:40:45.0911 0x0a30 avkmgr - ok 21:40:45.0974 0x0a30 [ D289EE6DCF0A6393AE24416D73114E79, EF018B706DA5D583AA26DCA69E132D67D2B189F1EDFCAF2503A2FDABE105C04A ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 21:40:46.0021 0x0a30 avnetflt - ok 21:40:46.0083 0x0a30 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:40:46.0192 0x0a30 AxInstSV - ok 21:40:46.0270 0x0a30 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 21:40:46.0348 0x0a30 b06bdrv - ok 21:40:46.0379 0x0a30 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 21:40:46.0442 0x0a30 b57nd60x - ok 21:40:46.0489 0x0a30 [ 
EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll 21:40:46.0567 0x0a30 BDESVC - ok 21:40:46.0660 0x0a30 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys 21:40:46.0738 0x0a30 Beep - ok 21:40:46.0832 0x0a30 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll 21:40:46.0925 0x0a30 BFE - ok 21:40:46.0957 0x0a30 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll 21:40:47.0128 0x0a30 BITS - ok 21:40:47.0144 0x0a30 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:40:47.0175 0x0a30 blbdrive - ok 21:40:47.0222 0x0a30 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:40:47.0300 0x0a30 bowser - ok 21:40:47.0331 0x0a30 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 21:40:47.0425 0x0a30 BrFiltLo - ok 21:40:47.0440 0x0a30 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 21:40:47.0471 0x0a30 BrFiltUp - ok 21:40:47.0518 0x0a30 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] Bridge C:\Windows\system32\DRIVERS\bridge.sys 21:40:47.0565 0x0a30 Bridge - ok 21:40:47.0627 0x0a30 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 21:40:47.0659 0x0a30 BridgeMP - ok 21:40:47.0705 
0x0a30 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll 21:40:47.0752 0x0a30 Browser - ok 21:40:47.0799 0x0a30 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:40:47.0877 0x0a30 Brserid - ok 21:40:47.0908 0x0a30 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:40:47.0955 0x0a30 BrSerWdm - ok 21:40:48.0017 0x0a30 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:40:48.0080 0x0a30 BrUsbMdm - ok 21:40:48.0095 0x0a30 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:40:48.0127 0x0a30 BrUsbSer - ok 21:40:48.0173 0x0a30 [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 21:40:48.0251 0x0a30 BthEnum - ok 21:40:48.0283 0x0a30 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 21:40:48.0314 0x0a30 BTHMODEM - ok 21:40:48.0361 0x0a30 [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 21:40:48.0423 0x0a30 BthPan - ok 21:40:48.0470 0x0a30 [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 21:40:48.0548 0x0a30 BTHPORT - ok 21:40:48.0673 0x0a30 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv 
C:\Windows\system32\bthserv.dll 21:40:48.0766 0x0a30 bthserv - ok 21:40:48.0829 0x0a30 [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 21:40:48.0860 0x0a30 BTHUSB - ok 21:40:49.0000 0x0a30 carnot_cycle - ok 21:40:49.0032 0x0a30 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:40:49.0110 0x0a30 cdfs - ok 21:40:49.0156 0x0a30 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:40:49.0203 0x0a30 cdrom - ok 21:40:49.0234 0x0a30 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll 21:40:49.0297 0x0a30 CertPropSvc - ok 21:40:49.0328 0x0a30 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 21:40:49.0375 0x0a30 circlass - ok 21:40:49.0422 0x0a30 [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys 21:40:49.0484 0x0a30 CLFS - ok 21:40:49.0562 0x0a30 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:40:49.0578 0x0a30 clr_optimization_v2.0.50727_32 - ok 21:40:49.0687 0x0a30 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:40:49.0874 0x0a30 clr_optimization_v4.0.30319_32 - ok 21:40:49.0890 0x0a30 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt 
C:\Windows\system32\DRIVERS\CmBatt.sys 21:40:49.0921 0x0a30 CmBatt - ok 21:40:49.0968 0x0a30 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:40:49.0983 0x0a30 cmdide - ok 21:40:50.0139 0x0a30 [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\Windows\system32\Drivers\cng.sys 21:40:50.0295 0x0a30 CNG - ok 21:40:50.0326 0x0a30 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 21:40:50.0342 0x0a30 Compbatt - ok 21:40:50.0404 0x0a30 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 21:40:50.0436 0x0a30 CompositeBus - ok 21:40:50.0436 0x0a30 COMSysApp - ok 21:40:50.0467 0x0a30 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 21:40:50.0482 0x0a30 crcdisk - ok 21:40:50.0514 0x0a30 [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:40:50.0560 0x0a30 CryptSvc - ok 21:40:50.0670 0x0a30 [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC C:\Windows\system32\drivers\csc.sys 21:40:50.0779 0x0a30 CSC - ok 21:40:50.0857 0x0a30 [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll 21:40:50.0966 0x0a30 CscService - ok 21:40:51.0044 0x0a30 [ 90F8539FA0DE4AAFE4FDBE7F95D6A512, 8F788EB5788CC04D53728FADF72114E0A12CC6F66B6A84EA7C7293722AC76137 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys 21:40:51.0060 0x0a30 dc3d - ok 21:40:51.0106 0x0a30 [ 7660F01D3B38ACA1747E397D21D790AF, 
04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll 21:40:51.0153 0x0a30 DcomLaunch - ok 21:40:51.0184 0x0a30 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll 21:40:51.0262 0x0a30 defragsvc - ok 21:40:51.0356 0x0a30 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:40:51.0481 0x0a30 DfsC - ok 21:40:51.0512 0x0a30 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll 21:40:51.0543 0x0a30 Dhcp - ok 21:40:51.0762 0x0a30 [ 0A3386E3CF9C5D089D695AC5A35F4C6F, D610071493EB95FCE39E24C457A0B5BBA131193159E43FDC1E8EDABB9C7AB81A ] DiagTrack C:\Windows\system32\diagtrack.dll 21:40:51.0964 0x0a30 DiagTrack - ok 21:40:51.0996 0x0a30 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys 21:40:52.0042 0x0a30 discache - ok 21:40:52.0074 0x0a30 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys 21:40:52.0089 0x0a30 Disk - ok 21:40:52.0136 0x0a30 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:40:52.0214 0x0a30 Dnscache - ok 21:40:52.0261 0x0a30 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll 21:40:52.0354 0x0a30 dot3svc - ok 21:40:52.0464 0x0a30 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll 21:40:52.0526 0x0a30 DPS - ok 21:40:52.0588 0x0a30 [ B918E7C5F9BF77202F89E1A9539F2EB4, 
C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:40:52.0698 0x0a30 drmkaud - ok 21:40:52.0760 0x0a30 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:40:52.0807 0x0a30 DXGKrnl - ok 21:40:52.0854 0x0a30 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll 21:40:52.0994 0x0a30 EapHost - ok 21:40:53.0150 0x0a30 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 21:40:53.0290 0x0a30 ebdrv - ok 21:40:53.0368 0x0a30 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] EFS C:\Windows\System32\lsass.exe 21:40:53.0400 0x0a30 EFS - ok 21:40:53.0478 0x0a30 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:40:53.0556 0x0a30 ehRecvr - ok 21:40:53.0587 0x0a30 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe 21:40:53.0758 0x0a30 ehSched - ok 21:40:53.0805 0x0a30 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 21:40:53.0852 0x0a30 elxstor - ok 21:40:53.0883 0x0a30 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:40:53.0930 0x0a30 ErrDev - ok 21:40:53.0992 0x0a30 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll 21:40:54.0055 0x0a30 EventSystem - ok 21:40:54.0070 0x0a30 [ 2DC9108D74081149CC8B651D3A26207F, 
75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys 21:40:54.0117 0x0a30 exfat - ok 21:40:54.0148 0x0a30 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:40:54.0226 0x0a30 fastfat - ok 21:40:54.0273 0x0a30 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe 21:40:54.0320 0x0a30 Fax - ok 21:40:54.0336 0x0a30 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 21:40:54.0367 0x0a30 fdc - ok 21:40:54.0414 0x0a30 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll 21:40:54.0476 0x0a30 fdPHost - ok 21:40:54.0507 0x0a30 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll 21:40:54.0570 0x0a30 FDResPub - ok 21:40:54.0648 0x0a30 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:40:54.0663 0x0a30 FileInfo - ok 21:40:54.0679 0x0a30 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:40:54.0726 0x0a30 Filetrace - ok 21:40:54.0757 0x0a30 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 21:40:54.0804 0x0a30 flpydisk - ok 21:40:54.0835 0x0a30 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:40:54.0850 0x0a30 FltMgr - ok 21:40:54.0944 0x0a30 [ 
37DE123FE4276D8EC7F3C5B10C236238, 93CA47B9A96D904DD177FC0E04DECDF13756C8FA3C7613913DB4BF29A70ECE96 ] FontCache C:\Windows\system32\FntCache.dll 21:40:55.0069 0x0a30 FontCache - ok 21:40:55.0131 0x0a30 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 21:40:55.0147 0x0a30 FontCache3.0.0.0 - ok 21:40:55.0178 0x0a30 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:40:55.0318 0x0a30 FsDepends - ok 21:40:55.0396 0x0a30 [ 2B3BF55BA74EB8118F67AB2B450B8EA9, 6D09D75105FE374E0865A2E5C1F9460AF938B6F62604F0C97B31ED9ADD4AFF4E ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 21:40:55.0412 0x0a30 fssfltr - ok 21:40:55.0693 0x0a30 [ B6AB40819ECEC4BA07266EC0EBBC85A7, 71D385043720B622305FD64BD1187C6FFD7191C30794F95629CF6BFDC0A25BA2 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe 21:40:55.0786 0x0a30 fsssvc - ok 21:40:55.0849 0x0a30 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:40:55.0880 0x0a30 Fs_Rec - ok 21:40:55.0927 0x0a30 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:40:55.0958 0x0a30 fvevol - ok 21:40:55.0989 0x0a30 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 21:40:56.0005 0x0a30 gagp30kx - ok 21:40:56.0052 0x0a30 [ 007AEA2E06E7CEF7372E40C277163959, 805906ADC7C5473B767932A552FEC7500D0F3F7CB45D8DEFE6A1567F2038EF88 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys 21:40:56.0067 0x0a30 ggflt - ok 21:40:56.0083 0x0a30 [ C73DE35960CA75C5AB4AE636B127C64E, 
0C22EECD64CC06AB820ED6A2E76FBC7AB072379FD14837CF95BA3EF105ABB745 ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys 21:40:56.0098 0x0a30 ggsemc - ok 21:40:56.0161 0x0a30 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll 21:40:56.0270 0x0a30 gpsvc - ok 21:40:56.0364 0x0a30 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 21:40:56.0364 0x0a30 gupdate - ok 21:40:56.0395 0x0a30 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 21:40:56.0410 0x0a30 gupdatem - ok 21:40:56.0457 0x0a30 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:40:56.0582 0x0a30 hcw85cir - ok 21:40:56.0691 0x0a30 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:40:56.0738 0x0a30 HdAudAddService - ok 21:40:56.0769 0x0a30 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 21:40:56.0800 0x0a30 HDAudBus - ok 21:40:56.0816 0x0a30 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 21:40:56.0847 0x0a30 HidBatt - ok 21:40:56.0863 0x0a30 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 21:40:56.0941 0x0a30 HidBth - ok 21:40:56.0956 0x0a30 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 21:40:57.0050 
0x0a30 HidIr - ok 21:40:57.0081 0x0a30 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll 21:40:57.0222 0x0a30 hidserv - ok 21:40:57.0253 0x0a30 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:40:57.0487 0x0a30 HidUsb - ok 21:40:57.0565 0x0a30 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll 21:40:57.0674 0x0a30 hkmsvc - ok 21:40:57.0705 0x0a30 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:40:57.0736 0x0a30 HomeGroupListener - ok 21:40:57.0768 0x0a30 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:40:57.0830 0x0a30 HomeGroupProvider - ok 21:40:57.0877 0x0a30 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:40:57.0908 0x0a30 HpSAMD - ok 21:40:57.0986 0x0a30 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:40:58.0048 0x0a30 HTTP - ok 21:40:58.0064 0x0a30 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:40:58.0080 0x0a30 hwpolicy - ok 21:40:58.0126 0x0a30 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 21:40:58.0189 0x0a30 i8042prt - ok 21:40:58.0220 0x0a30 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV 
C:\Windows\system32\drivers\iaStorV.sys 21:40:58.0236 0x0a30 iaStorV - ok 21:40:58.0392 0x0a30 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 21:40:58.0470 0x0a30 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 21:40:58.0532 0x0a30 IDriverT ( UnsignedFile.Multi.Generic ) - warning 21:40:58.0797 0x0a30 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 21:40:58.0906 0x0a30 idsvc - ok 21:40:58.0953 0x0a30 IEEtwCollectorService - ok 21:40:58.0984 0x0a30 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 21:40:59.0000 0x0a30 iirsp - ok 21:40:59.0078 0x0a30 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll 21:40:59.0140 0x0a30 IKEEXT - ok 21:40:59.0156 0x0a30 IntcAzAudAddService - ok 21:40:59.0187 0x0a30 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys 21:40:59.0203 0x0a30 intelide - ok 21:40:59.0218 0x0a30 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:40:59.0234 0x0a30 intelppm - ok 21:40:59.0296 0x0a30 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:40:59.0359 0x0a30 IPBusEnum - ok 21:40:59.0374 0x0a30 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:40:59.0452 0x0a30 
IpFilterDriver - ok 21:40:59.0515 0x0a30 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:40:59.0577 0x0a30 iphlpsvc - ok 21:40:59.0686 0x0a30 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:40:59.0733 0x0a30 IPMIDRV - ok 21:40:59.0796 0x0a30 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:40:59.0842 0x0a30 IPNAT - ok 21:40:59.0874 0x0a30 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:40:59.0967 0x0a30 IRENUM - ok 21:41:00.0014 0x0a30 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:41:00.0030 0x0a30 isapnp - ok 21:41:00.0076 0x0a30 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:41:00.0108 0x0a30 iScsiPrt - ok 21:41:00.0123 0x0a30 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:41:00.0139 0x0a30 kbdclass - ok 21:41:00.0186 0x0a30 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 21:41:00.0201 0x0a30 kbdhid - ok 21:41:00.0248 0x0a30 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] KeyIso C:\Windows\system32\lsass.exe 21:41:00.0264 0x0a30 KeyIso - ok 21:41:00.0310 0x0a30 [ 88246FD556E98BF416AC00C418B83D1D, 917EC561EB1C4D8D736DFDCD8456389B3DB0E8CB5AE900FB507F7F1550048BAD ] KSecDD 
42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll 21:41:22.0587 0x0a30 Themes - ok 21:41:22.0618 0x0a30 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll 21:41:22.0650 0x0a30 THREADORDER - ok 21:41:22.0681 0x0a30 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll 21:41:22.0743 0x0a30 TrkWks - ok 21:41:22.0806 0x0a30 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:41:22.0837 0x0a30 TrustedInstaller - ok 21:41:22.0884 0x0a30 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:41:22.0899 0x0a30 tssecsrv - ok 21:41:22.0977 0x0a30 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:41:23.0024 0x0a30 TsUsbFlt - ok 21:41:23.0040 0x0a30 tsusbhub - ok 21:41:23.0102 0x0a30 [ CDDB80CAE568A7068F2C4440390D4B68, ED9D3E46C1BCF9E00D353014DD5ED893EC8949F213317776D8244D92EB9E1F08 ] TT1724ht C:\Windows\system32\drivers\TT1724ht.sys 21:41:23.0118 0x0a30 TT1724ht - ok 21:41:23.0149 0x0a30 [ 1155503966912F49B2AFD2E58C5E5856, 10F21DB4AE466B7905BBED0F60DA725F1AB61C85DABAD8585E68D5288DBF7DE4 ] TT1724sa C:\Windows\system32\drivers\TT1724sa.sys 21:41:23.0196 0x0a30 TT1724sa - ok 21:41:23.0320 0x0a30 [ AF5F31156EE89D35AD6EC3179A805D23, 92CF2FF24963589157DCD6F79A75D9918EC4C002E9C1CD74A14BE084E833DA88 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe 21:41:23.0414 0x0a30 TuneUp.UtilitiesSvc - ok 21:41:23.0445 0x0a30 [ F2107C9D85EC0DF116939CCCE06AE697, 
4608E3D0CA0B252130B4DF2505DB4D89635C327A343B470FCB81B8B02CD9FA44 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys 21:41:23.0445 0x0a30 TuneUpUtilitiesDrv - ok 21:41:23.0492 0x0a30 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:41:23.0508 0x0a30 tunnel - ok 21:41:23.0523 0x0a30 uafilter - ok 21:41:23.0554 0x0a30 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 21:41:23.0570 0x0a30 uagp35 - ok 21:41:23.0710 0x0a30 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:41:23.0742 0x0a30 udfs - ok 21:41:23.0788 0x0a30 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:41:23.0866 0x0a30 UI0Detect - ok 21:41:23.0898 0x0a30 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:41:23.0913 0x0a30 uliagpkx - ok 21:41:23.0944 0x0a30 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:41:23.0960 0x0a30 umbus - ok 21:41:23.0976 0x0a30 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 21:41:24.0022 0x0a30 UmPass - ok 21:41:24.0069 0x0a30 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll 21:41:24.0163 0x0a30 UmRdpService - ok 21:41:24.0194 0x0a30 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost 
C:\Windows\System32\upnphost.dll 21:41:24.0256 0x0a30 upnphost - ok 21:41:24.0334 0x0a30 [ 83CAFCB53201BBAC04D822F32438E244, E3F6FDE4D429FB630B19417DD9752A2CE9F6C9FD58918D714B5438A3D4136853 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 21:41:24.0428 0x0a30 USBAAPL - detected UnsignedFile.Multi.Generic ( 1 ) 21:41:24.0428 0x0a30 USBAAPL ( UnsignedFile.Multi.Generic ) - warning 21:41:24.0490 0x0a30 [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:41:24.0537 0x0a30 usbaudio - ok 21:41:24.0568 0x0a30 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:41:24.0693 0x0a30 usbccgp - ok 21:41:24.0724 0x0a30 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:41:24.0771 0x0a30 usbcir - ok 21:41:24.0802 0x0a30 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:41:24.0834 0x0a30 usbehci - ok 21:41:24.0896 0x0a30 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:41:24.0943 0x0a30 usbhub - ok 21:41:24.0974 0x0a30 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys 21:41:25.0052 0x0a30 usbohci - ok 21:41:25.0099 0x0a30 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:41:25.0114 0x0a30 usbprint - ok 21:41:25.0208 0x0a30 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 
21:41:25.0255 0x0a30 USBSTOR - ok 21:41:25.0286 0x0a30 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 21:41:25.0302 0x0a30 usbuhci - ok 21:41:25.0333 0x0a30 [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 21:41:25.0348 0x0a30 usbvideo - ok 21:41:25.0395 0x0a30 [ AF77716205C97E902E6C5B78DECE2CCA, ED99EABED1C7F323EE2A76413E2B260F8EE1D76FDF1E60EE35136D060E756735 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys 21:41:25.0426 0x0a30 usb_rndisx - ok 21:41:25.0442 0x0a30 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll 21:41:25.0504 0x0a30 UxSms - ok 21:41:25.0567 0x0a30 [ 6275822AC454A8A831D063841A4DBB5D, 8CB06BE21F0B902695C2846BA9E49327A07D691EBB37A81EF171805630411365 ] UxTuneUp C:\Windows\System32\uxtuneup.dll 21:41:25.0582 0x0a30 UxTuneUp - ok 21:41:25.0676 0x0a30 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] VaultSvc C:\Windows\system32\lsass.exe 21:41:25.0692 0x0a30 VaultSvc - ok 21:41:25.0770 0x0a30 [ 1CDAA48CB2F7744B8D25650E050766A5, 97C7BDEAFFDAD337F4101860061BCCE6C519343B7EEEB72C3AD450B59DACCA66 ] VClone C:\Windows\system32\DRIVERS\VClone.sys 21:41:25.0801 0x0a30 VClone - ok 21:41:25.0848 0x0a30 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:41:25.0863 0x0a30 vdrvroot - ok 21:41:25.0910 0x0a30 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe 21:41:25.0988 0x0a30 vds - ok 21:41:26.0019 0x0a30 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga 
C:\Windows\system32\DRIVERS\vgapnp.sys 21:41:26.0082 0x0a30 vga - ok 21:41:26.0113 0x0a30 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys 21:41:26.0175 0x0a30 VgaSave - ok 21:41:26.0175 0x0a30 VGPU - ok 21:41:26.0222 0x0a30 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:41:26.0238 0x0a30 vhdmp - ok 21:41:26.0284 0x0a30 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys 21:41:26.0300 0x0a30 viaagp - ok 21:41:26.0331 0x0a30 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 21:41:26.0440 0x0a30 ViaC7 - ok 21:41:26.0472 0x0a30 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys 21:41:26.0487 0x0a30 viaide - ok 21:41:26.0534 0x0a30 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys 21:41:26.0550 0x0a30 vmbus - ok 21:41:26.0581 0x0a30 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 21:41:26.0643 0x0a30 VMBusHID - ok 21:41:26.0690 0x0a30 [ 3B8F222B23917C041E4DA29CCC57E7D0, 2764C7A11FD5672FBF72CDD4331F1895B5084664919AD4FC855DFDD451403D4C ] vncmirror C:\Windows\system32\DRIVERS\vncmirror.sys 21:41:26.0721 0x0a30 vncmirror - ok 21:41:26.0721 0x0a30 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:41:26.0737 0x0a30 volmgr - ok 21:41:26.0784 0x0a30 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 
65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:41:26.0799 0x0a30 volmgrx - ok 21:41:26.0846 0x0a30 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:41:26.0862 0x0a30 volsnap - ok 21:41:26.0893 0x0a30 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 21:41:26.0955 0x0a30 vsmraid - ok 21:41:27.0018 0x0a30 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe 21:41:27.0096 0x0a30 VSS - ok 21:41:27.0174 0x0a30 vToolbarUpdater18.0.5 - ok 21:41:27.0220 0x0a30 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 21:41:27.0267 0x0a30 vwifibus - ok 21:41:27.0330 0x0a30 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll 21:41:27.0408 0x0a30 W32Time - ok 21:41:27.0486 0x0a30 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 21:41:27.0517 0x0a30 WacomPen - ok 21:41:27.0688 0x0a30 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:41:27.0720 0x0a30 WANARP - ok 21:41:27.0720 0x0a30 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:41:27.0751 0x0a30 Wanarpv6 - ok 21:41:27.0876 0x0a30 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 
21:41:28.0000 0x0a30 WatAdminSvc - ok 21:41:28.0063 0x0a30 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe 21:41:28.0203 0x0a30 wbengine - ok 21:41:28.0281 0x0a30 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:41:28.0312 0x0a30 WbioSrvc - ok 21:41:28.0359 0x0a30 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:41:28.0390 0x0a30 wcncsvc - ok 21:41:28.0437 0x0a30 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:41:28.0515 0x0a30 WcsPlugInService - ok 21:41:28.0578 0x0a30 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys 21:41:28.0624 0x0a30 Wd - ok 21:41:28.0734 0x0a30 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:41:28.0780 0x0a30 Wdf01000 - ok 21:41:28.0827 0x0a30 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:41:28.0921 0x0a30 WdiServiceHost - ok 21:41:28.0936 0x0a30 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:41:28.0952 0x0a30 WdiSystemHost - ok 21:41:28.0983 0x0a30 [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient C:\Windows\System32\webclnt.dll 21:41:29.0092 0x0a30 WebClient - ok 21:41:29.0124 0x0a30 [ 760F0AFE937A77CFF27153206534F275, 
A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:41:29.0170 0x0a30 Wecsvc - ok 21:41:29.0186 0x0a30 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:41:29.0233 0x0a30 wercplsupport - ok 21:41:29.0264 0x0a30 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll 21:41:29.0326 0x0a30 WerSvc - ok 21:41:29.0358 0x0a30 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:41:29.0404 0x0a30 WfpLwf - ok 21:41:29.0436 0x0a30 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:41:29.0451 0x0a30 WIMMount - ok 21:41:29.0467 0x0a30 [ 3FA87D56769838AAC82FAFC3E78FC732, E1D942D59A7EDB1768D39D87D637C6F87C84711D0776FF2C69161350D037663B ] winbondcir C:\Windows\system32\DRIVERS\winbondcir.sys 21:41:29.0560 0x0a30 winbondcir - ok 21:41:29.0716 0x0a30 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 21:41:29.0841 0x0a30 WinDefend - ok 21:41:29.0888 0x0a30 WinHttpAutoProxySvc - ok 21:41:29.0950 0x0a30 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:41:29.0982 0x0a30 Winmgmt - ok 21:41:30.0060 0x0a30 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll 21:41:30.0169 0x0a30 WinRM - ok 21:41:30.0231 0x0a30 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb 
C:\Windows\system32\DRIVERS\WinUsb.sys 21:41:30.0278 0x0a30 WinUsb - ok 21:41:30.0372 0x0a30 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:41:30.0465 0x0a30 Wlansvc - ok 21:41:30.0574 0x0a30 [ 5E7C103F8475C4289847D15E129C20F7, C6325D3557545FA1DA26B0B1EA9A1C95AED1FA84A93BE29A771DAD9ECB00768B ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:41:30.0715 0x0a30 wlidsvc - ok 21:41:30.0777 0x0a30 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:41:30.0824 0x0a30 WmiAcpi - ok 21:41:30.0871 0x0a30 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:41:30.0918 0x0a30 wmiApSrv - ok 21:41:31.0027 0x0a30 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 21:41:31.0136 0x0a30 WMPNetworkSvc - ok 21:41:31.0167 0x0a30 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:41:31.0198 0x0a30 WPCSvc - ok 21:41:31.0230 0x0a30 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:41:31.0261 0x0a30 WPDBusEnum - ok 21:41:31.0339 0x0a30 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:41:31.0370 0x0a30 ws2ifsl - ok 21:41:31.0417 0x0a30 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll 21:41:31.0448 0x0a30 wscsvc - ok 21:41:31.0495 0x0a30 [ 
553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 21:41:31.0542 0x0a30 WSDPrintDevice - ok 21:41:31.0557 0x0a30 WSearch - ok 21:41:31.0791 0x0a30 [ 3EFC48CE17BE25D2F8C04C5A0FAE1F53, 6439396AE1C59966E3C0DF519956F9D25568155174004F9562F764CEF8A49802 ] wuauserv C:\Windows\system32\wuaueng.dll 21:41:31.0932 0x0a30 wuauserv - ok 21:41:31.0963 0x0a30 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:41:32.0025 0x0a30 WudfPf - ok 21:41:32.0041 0x0a30 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:41:32.0119 0x0a30 WUDFRd - ok 21:41:32.0181 0x0a30 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:41:32.0228 0x0a30 wudfsvc - ok 21:41:32.0275 0x0a30 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll 21:41:32.0337 0x0a30 WwanSvc - ok 21:41:32.0384 0x0a30 ================ Scan global =============================== 21:41:32.0462 0x0a30 [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll 21:41:32.0524 0x0a30 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll 21:41:32.0556 0x0a30 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll 21:41:32.0571 0x0a30 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll 21:41:32.0727 0x0a30 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 
8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe 21:41:32.0727 0x0a30 [ Global ] - ok 21:41:32.0727 0x0a30 ================ Scan MBR ================================== 21:41:32.0790 0x0a30 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:41:33.0913 0x0a30 \Device\Harddisk0\DR0 - ok 21:41:33.0928 0x0a30 ================ Scan VBR ================================== 21:41:34.0022 0x0a30 [ 8C3313B3F522F6BAF75A69970BD63FCE ] \Device\Harddisk0\DR0\Partition1 21:41:34.0022 0x0a30 \Device\Harddisk0\DR0\Partition1 - ok 21:41:34.0022 0x0a30 ================ Scan generic autorun ====================== 21:41:34.0131 0x0a30 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe 21:41:34.0162 0x0a30 BCSSync - ok 21:41:34.0162 0x0a30 RtHDVCpl - ok 21:41:34.0194 0x0a30 Adobe Reader Speed Launcher - ok 21:41:34.0303 0x0a30 [ F5060B034D37EA26D325A4319806E202, D43ACE85421DB29A6B6E8080D838152AB3858F83C2B373731945460E217C7D9F ] C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe 21:41:34.0318 0x0a30 Avira SystrayStartTrigger - ok 21:41:34.0786 0x0a30 [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 21:41:34.0818 0x0a30 avgnt - ok 21:41:34.0958 0x0a30 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 21:41:35.0098 0x0a30 Sidebar - ok 21:41:35.0239 0x0a30 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 21:41:35.0270 0x0a30 mctadmin - ok 21:41:35.0332 0x0a30 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 21:41:35.0379 0x0a30 Sidebar 
- ok 21:41:35.0379 0x0a30 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 21:41:35.0410 0x0a30 mctadmin - ok 21:41:35.0442 0x0a30 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe 21:41:35.0504 0x0a30 Sidebar - ok 21:41:36.0081 0x0a30 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 21:41:36.0097 0x0a30 Google Update - ok 21:41:36.0175 0x0a30 [ 2F0EAAF91FC7A5C70D1F4BE9B18A1CF5, 6075E8ADD4136AC6497C1FE9CC937E6652FAD5024AED1CF901CE107078955C4F ] C:\Windows\System32\StikyNot.exe 21:41:36.0253 0x0a30 RESTART_STICKY_NOTES - ok 21:41:36.0768 0x0a30 sentence-mess - ok 21:41:36.0783 0x0a30 link_doctor - ok 21:41:36.0799 0x0a30 government-complain - ok 21:41:36.0814 0x0a30 act-age - ok 21:41:36.0830 0x0a30 job-prompt - ok 21:41:36.0877 0x0a30 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 21:41:36.0955 0x0a30 Sidebar - ok 21:41:36.0970 0x0a30 AVG-Secure-Search-Update_JUNE2013_TB - ok 21:41:37.0002 0x0a30 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 21:41:37.0033 0x0a30 Google Update - ok 21:41:37.0173 0x0a30 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 21:41:37.0189 0x0a30 mctadmin - ok 21:41:37.0298 0x0a30 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\system32\cmd.exe 21:41:37.0360 0x0a30 Uninstall C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 21:41:37.0407 0x0a30 [ 
DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 21:41:37.0454 0x0a30 Sidebar - ok 21:41:37.0454 0x0a30 AVG-Secure-Search-Update_JUNE2013_TB - ok 21:41:37.0516 0x0a30 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe 21:41:37.0532 0x0a30 Google Update - ok 21:41:37.0594 0x0a30 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 21:41:37.0610 0x0a30 mctadmin - ok 21:41:37.0672 0x0a30 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\system32\cmd.exe 21:41:37.0704 0x0a30 Uninstall C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok 21:41:37.0750 0x0a30 AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x41010 ( enabled : outofdate ) 21:41:37.0750 0x0a30 Win FW state via NFP2: enabled ( trusted ) 21:41:37.0750 0x0a30 ============================================================ 21:41:37.0750 0x0a30 Scan finished 21:41:37.0750 0x0a30 ============================================================ 21:41:37.0766 0x0868 Detected object count: 7 21:41:37.0766 0x0868 Actual detected object count: 7 21:41:50.0074 0x0868 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 21:41:50.0074 0x0868 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:41:50.0074 0x0868 Netaapl ( UnsignedFile.Multi.Generic ) - skipped by user 21:41:50.0074 0x0868 Netaapl ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:41:50.0074 0x0868 nuvotoncir ( UnsignedFile.Multi.Generic ) - skipped by user 21:41:50.0074 0x0868 nuvotoncir ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:41:50.0090 0x0868 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped 
by user 21:41:50.0090 0x0868 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:41:50.0090 0x0868 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user 21:41:50.0090 0x0868 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:41:50.0090 0x0868 sptd ( LockedFile.Multi.Generic ) - skipped by user 21:41:50.0106 0x0868 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 21:41:50.0106 0x0868 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user 21:41:50.0106 0x0868 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:41:55.0144 0x0bc8 Deinitialize success Geändert von tom0140 (25.09.2015 um 20:45 Uhr) |
26.09.2015, 19:33 | #15 |
/// the machine /// TB trainer | Fake debt-collection email with attachment opened Let's take a look from the outside: Scan with Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8) Notes for Windows 8 users: Guide 1 (FRST variant) and Guide 2 (second part)
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |