Log analysis and evaluation: Yahoo accounts are sending spam mails (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
07.10.2015, 19:43 | #1 |
Yahoo accounts are sending spam mails

Hello! The title pretty much says it all. We had this once before on another laptop; back then it was a tangle of trojans, and I was competently helped here. I don't know much about this myself, sorry. A first scan with Malwarebytes found nothing.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:07-10-2015
durchgeführt von kl (Administrator) auf KL-PC (07-10-2015 20:02:45)
Gestartet von C:\Users\kl\Downloads
Geladene Profile: kl (Verfügbare Profile: kl & Hiltrud surft & Lotte & Gast)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
() C:\Users\kl\Downloads\Defogger.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-05-30] (Check Point Software Technologies Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
HKU\S-1-5-18\...\RunOnce: [WLStart] => C:\Program Files\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation)
Startup: C:\Users\Hiltrud surft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2010-08-19]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{2FE1D1D8-FCD3-4531-AB5D-6BEEAD89C74F}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{6E2DA28E-FF8A-4D6F-9675-F862D23E1DA8}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{A8365407-54B7-4D2E-97A8-4FA63CF28ADA}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-895131296-3947163188-607037198-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com HKU\S-1-5-21-895131296-3947163188-607037198-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ SearchScopes: HKU\S-1-5-21-895131296-3947163188-607037198-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-895131296-3947163188-607037198-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-17] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-17] (Oracle Corporation) Toolbar: HKU\S-1-5-21-895131296-3947163188-607037198-1003 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Keine Datei FireFox: ======== FF ProfilePath: C:\Users\kl\AppData\Roaming\Mozilla\Firefox\Profiles\qeisosc7.default FF SelectedSearchEngine: Search By ZoneAlarm FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-27] () FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-17] (Oracle Corporation) FF Plugin: 
@java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-17] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF user.js: detected! => C:\Users\kl\AppData\Roaming\Mozilla\Firefox\Profiles\qeisosc7.default\user.js [2015-02-12] FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-07-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-07-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-07-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-07-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-07-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-07-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-07-10] (Apple Inc.) 
FF Extension: Textarea Cache - C:\Users\kl\AppData\Roaming\Mozilla\Firefox\Profiles\qeisosc7.default\Extensions\{578e7caa-210f-4967-a0d3-88fe5b59a39f}.xpi [2011-12-18] FF Extension: NoScript - C:\Users\kl\AppData\Roaming\Mozilla\Firefox\Profiles\qeisosc7.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-02-13] FF Extension: Adblock Plus - C:\Users\kl\AppData\Roaming\Mozilla\Firefox\Profiles\qeisosc7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-03-16] FF Extension: BetterPrivacy - C:\Users\kl\AppData\Roaming\Mozilla\Firefox\Profiles\qeisosc7.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2011-03-26] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [615712 2010-04-20] (Broadcom Corporation.) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-05-30] (Check Point Software Technologies Ltd.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [90936 2014-05-29] (Check Point Software Technologies, Ltd.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R3 ACPIVPC; C:\windows\System32\DRIVERS\AcpiVpc.sys [21520 2009-05-19] (Lenovo Corporation) R1 funfrm; C:\windows\system32\Drivers\funfrm.sys [54800 2010-03-23] () R0 KL1; C:\windows\System32\DRIVERS\kl1.sys [135776 2014-04-30] (Kaspersky Lab ZAO) R1 KLIF; C:\windows\System32\DRIVERS\klif.sys [488032 2014-04-30] (Kaspersky Lab ZAO) S3 L1E; C:\windows\System32\DRIVERS\L1E62x86.sys [47104 2009-07-14] (Atheros Communications, Inc.) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-10-07] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation) S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [42496 2011-08-02] (Apple, Inc.) [Datei ist nicht signiert] R1 Vsdatant; C:\windows\System32\DRIVERS\vsdatant.sys [456088 2014-05-30] (Check Point Software Technologies Ltd.) S3 wdmirror; C:\windows\System32\DRIVERS\WDMirror.sys [11792 2009-07-16] (Windows (R) Codename Longhorn DDK provider) S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2014-04-30] (Kaspersky Lab ZAO) S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] S3 WinRing0_1_2_0; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-07 20:02 - 2015-10-07 20:03 - 00010539 _____ C:\Users\kl\Downloads\FRST.txt 2015-10-07 20:02 - 2015-10-07 20:02 - 00000000 ____D C:\FRST 2015-10-07 20:00 - 2015-10-07 20:00 - 01697792 _____ (Farbar) C:\Users\kl\Downloads\FRST.exe 2015-10-07 19:59 - 2015-10-07 19:59 - 00000466 _____ C:\Users\kl\Downloads\defogger_disable.log 2015-10-07 19:59 - 2015-10-07 19:59 - 00000000 _____ C:\Users\kl\defogger_reenable 2015-10-07 19:58 - 2015-10-07 19:58 - 00050477 _____ C:\Users\kl\Downloads\Defogger.exe 2015-10-06 22:49 - 2015-10-06 23:52 - 00000000 ___HD C:\$Windows.~BT 2015-10-06 22:49 - 2015-10-06 22:49 - 00001890 _____ C:\windows\diagwrn.xml 2015-10-06 22:49 - 2015-10-06 22:49 - 00001890 _____ C:\windows\diagerr.xml 2015-10-06 22:44 - 2015-10-06 22:44 - 00000000 ____D C:\ESD 2015-10-06 21:43 - 2015-10-06 21:43 - 00000000 ___HD C:\$Windows.~WS 2015-10-06 21:42 - 2015-10-06 21:42 - 18277680 _____ (Microsoft Corporation) C:\Users\kl\Downloads\MediaCreationTool.exe 2015-10-06 11:25 - 2015-10-07 09:28 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-10-06 10:13 - 2015-10-06 10:13 - 00026288 _____ C:\Users\Lotte\Downloads\GWXWebWindows.exe 2015-10-06 10:13 - 2015-10-06 10:13 - 00026288 _____ C:\Users\Lotte\Downloads\GWXWebWindows(1).exe 2015-09-27 18:58 - 2015-08-23 02:44 - 00000000 ____D C:\Users\Lotte\Downloads\mappress-google-maps-for-wordpress 2015-09-10 21:02 - 2015-09-10 21:05 - 00000000 ____D C:\Users\Hiltrud surft\Desktop\Bilder - 1 2015-09-10 20:06 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll 2015-09-10 20:06 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2015-09-10 20:06 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll 2015-09-10 20:06 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2015-09-10 20:06 - 2015-08-05 19:41 - 00751104 _____ (Microsoft Corporation) 
C:\windows\system32\schedsvc.dll 2015-09-10 20:06 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll 2015-09-10 20:06 - 2015-08-05 19:40 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll 2015-09-10 20:06 - 2015-08-04 19:48 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2015-09-10 20:06 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2015-09-10 20:06 - 2015-08-04 19:47 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2015-09-10 20:06 - 2015-08-04 19:46 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe 2015-09-10 20:06 - 2015-08-04 19:46 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2015-09-10 20:06 - 2015-08-04 18:53 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2015-09-10 20:05 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll 2015-09-10 20:05 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll 2015-09-10 20:05 - 2015-09-02 04:48 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll 2015-09-10 20:05 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll 2015-09-10 20:05 - 2015-09-02 03:36 - 02384896 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-09-10 20:05 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll 2015-09-10 20:05 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe 2015-09-10 20:05 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-09-10 20:05 - 2015-07-22 19:57 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-09-10 20:05 - 2015-07-22 19:57 - 00067520 _____ (Microsoft Corporation) 
C:\windows\system32\Drivers\ksecdd.sys 2015-09-10 20:05 - 2015-07-22 19:54 - 01308160 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00937984 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 
2015-09-10 20:05 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-09-10 20:05 - 2015-07-22 19:53 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-09-10 20:05 - 2015-07-22 19:52 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-09-10 20:05 - 2015-07-22 19:52 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-09-10 20:05 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-09-10 20:05 - 2015-07-22 19:52 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-09-10 20:05 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-09-10 20:05 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-09-10 20:05 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-09-10 20:05 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-09-10 20:05 - 2015-07-22 18:38 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll 2015-09-10 20:05 - 2015-07-22 18:34 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2015-09-10 20:05 - 2015-07-22 18:34 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2015-09-10 20:05 - 2015-07-22 18:33 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2015-09-10 20:04 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-09-10 20:04 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-09-10 20:04 - 2015-08-15 07:53 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-09-10 20:04 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) 
C:\windows\system32\iesetup.dll 2015-09-10 20:04 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-09-10 20:04 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-09-10 20:04 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-09-10 20:04 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-09-10 20:04 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-09-10 20:04 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-09-10 20:04 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-09-10 20:04 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-09-10 20:04 - 2015-08-15 07:29 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-09-10 20:04 - 2015-08-15 07:24 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-09-10 20:04 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-09-10 20:04 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-09-10 20:04 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-09-10 20:04 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-09-10 20:04 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-09-10 20:04 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-09-10 20:04 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-09-10 20:04 - 2015-08-15 07:02 - 00685568 _____ 
(Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-09-10 20:04 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-09-10 20:04 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-09-10 20:04 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-09-10 20:04 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-09-10 20:04 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-09-10 20:04 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll 2015-09-10 20:04 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll 2015-09-10 20:03 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-09-10 20:03 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-09-10 20:03 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-09-10 20:03 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-09-10 20:03 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-09-10 20:03 - 2015-06-25 11:48 - 00105408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe 2015-09-10 20:03 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\windows\system32\authui.dll 2015-09-10 20:03 - 2015-06-25 11:44 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll 2015-09-10 20:02 - 2015-08-26 19:56 - 02953728 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-09-10 20:02 - 2015-08-26 19:56 - 02061824 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-09-10 20:02 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) 
C:\windows\system32\wuapi.dll 2015-09-10 20:02 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2015-09-10 20:02 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2015-09-10 20:02 - 2015-08-26 19:56 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-09-10 20:02 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-09-10 20:02 - 2015-08-26 19:55 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-09-10 20:02 - 2015-08-26 19:55 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2015-09-10 20:02 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2015-09-10 20:02 - 2015-08-26 19:55 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll 2015-09-10 20:02 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-07 19:59 - 2010-07-10 09:00 - 00000000 ____D C:\Users\kl 2015-10-07 19:52 - 2015-02-12 23:47 - 00098520 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-07 19:47 - 2009-07-14 06:34 - 00009920 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-07 19:47 - 2009-07-14 06:34 - 00009920 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-07 19:42 - 2010-03-23 00:03 - 01475561 _____ C:\windows\WindowsUpdate.log 2015-10-07 19:38 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-10-07 19:37 - 2012-12-26 21:15 - 00000527 _____ C:\windows\setupact.log 2015-10-07 09:28 - 2015-02-12 19:02 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-10-07 09:28 - 2010-01-18 19:12 - 00538224 _____ C:\windows\PFRO.log 2015-10-06 23:51 - 2015-02-12 18:47 - 00030809 ____H C:\windows\system32\BTImages.dat 2015-10-06 23:24 - 2013-03-17 16:27 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-10-06 22:49 - 2012-12-26 21:15 - 00000000 _____ C:\windows\setuperr.log 2015-10-06 22:49 - 2009-07-29 12:27 - 00000000 ____D C:\windows\Panther 2015-10-06 22:10 - 2015-02-13 00:46 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-10-06 11:02 - 2010-01-18 19:03 - 01498742 _____ C:\windows\system32\PerfStringBackup.INI 2015-09-27 15:07 - 2009-07-14 04:37 - 00000000 ____D C:\windows\rescache 2015-09-27 13:24 - 2012-12-26 19:39 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2015-09-27 13:24 - 2011-05-16 21:42 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2015-09-15 20:50 - 2015-02-12 23:47 - 00001060 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-15 20:50 - 2015-02-12 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ 
Malwarebytes Anti-Malware 2015-09-15 20:50 - 2015-02-12 23:47 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2015-09-14 18:33 - 2009-07-14 06:33 - 00411928 _____ C:\windows\system32\FNTCACHE.DAT 2015-09-14 18:31 - 2009-07-29 12:50 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-14 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\de-DE 2015-09-10 22:35 - 2010-01-18 18:57 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-09-10 22:33 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET 2015-09-10 22:27 - 2013-08-16 22:33 - 00000000 ____D C:\windows\system32\MRT ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2010-08-08 20:12 - 2010-10-02 19:56 - 0017408 _____ () C:\Users\kl\AppData\Local\WebpageIcons.db 2011-02-08 21:03 - 2011-02-08 21:03 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Einige Dateien in TEMP: ==================== C:\Users\Gast\AppData\Local\Temp\AskSLib.dll C:\Users\Hiltrud surft\AppData\Local\Temp\4vxsx6fp.dll C:\Users\Hiltrud surft\AppData\Local\Temp\AskSLib.dll C:\Users\Hiltrud surft\AppData\Local\Temp\egraxbhv.dll C:\Users\Hiltrud surft\AppData\Local\Temp\jwfvkcxz.dll C:\Users\Hiltrud surft\AppData\Local\Temp\ubum3oe1.dll C:\Users\Hiltrud surft\AppData\Local\Temp\vcdqyspg.dll C:\Users\kl\AppData\Local\Temp\011dzkrc.dll C:\Users\kl\AppData\Local\Temp\7funsqip.dll C:\Users\kl\AppData\Local\Temp\bvxyjyla.dll C:\Users\kl\AppData\Local\Temp\DeleteEcUninstall.exe C:\Users\kl\AppData\Local\Temp\First15.exe C:\Users\kl\AppData\Local\Temp\gzfsag4a.dll C:\Users\kl\AppData\Local\Temp\jre-8u51-windows-au.exe C:\Users\kl\AppData\Local\Temp\mycrykmh.dll C:\Users\kl\AppData\Local\Temp\no1ocf8a.dll C:\Users\kl\AppData\Local\Temp\ose00000.exe C:\Users\kl\AppData\Local\Temp\VP6Install.exe C:\Users\kl\AppData\Local\Temp\VP6VFW.dll C:\Users\kl\AppData\Local\Temp\_is7EA2.exe C:\Users\Lotte\AppData\Local\Temp\-zsa-kho.dll C:\Users\Lotte\AppData\Local\Temp\1uoah8v_.dll 
C:\Users\Lotte\AppData\Local\Temp\3idu37ep.dll C:\Users\Lotte\AppData\Local\Temp\4yaudcmu.dll C:\Users\Lotte\AppData\Local\Temp\AskSLib.dll C:\Users\Lotte\AppData\Local\Temp\coronlyy.dll C:\Users\Lotte\AppData\Local\Temp\drm_dialogs.dll C:\Users\Lotte\AppData\Local\Temp\drm_dyndata_7350007.dll C:\Users\Lotte\AppData\Local\Temp\drm_dyndata_7370012.dll C:\Users\Lotte\AppData\Local\Temp\f1rhfffn.dll C:\Users\Lotte\AppData\Local\Temp\gjsaee-w.dll C:\Users\Lotte\AppData\Local\Temp\gjufzcto.dll C:\Users\Lotte\AppData\Local\Temp\h4sfd6xf.dll C:\Users\Lotte\AppData\Local\Temp\hwr3sozq.dll C:\Users\Lotte\AppData\Local\Temp\hx36ce-2.dll C:\Users\Lotte\AppData\Local\Temp\jrq_nr2a.dll C:\Users\Lotte\AppData\Local\Temp\kh39tqfh.dll C:\Users\Lotte\AppData\Local\Temp\kpkfybpy.dll C:\Users\Lotte\AppData\Local\Temp\lbfhwked.dll C:\Users\Lotte\AppData\Local\Temp\m9jtppbv.dll C:\Users\Lotte\AppData\Local\Temp\o9k_fjj8.dll C:\Users\Lotte\AppData\Local\Temp\oh04_b7m.dll C:\Users\Lotte\AppData\Local\Temp\pufeuzoy.dll C:\Users\Lotte\AppData\Local\Temp\q4iekik8.dll C:\Users\Lotte\AppData\Local\Temp\qmprvye2.dll C:\Users\Lotte\AppData\Local\Temp\rzvju1xv.dll C:\Users\Lotte\AppData\Local\Temp\ssdaoh0d.dll C:\Users\Lotte\AppData\Local\Temp\stvlehmr.dll C:\Users\Lotte\AppData\Local\Temp\uphk2uns.dll C:\Users\Lotte\AppData\Local\Temp\v6otzh7l.dll C:\Users\Lotte\AppData\Local\Temp\va4fu7qv.dll C:\Users\Lotte\AppData\Local\Temp\vi7szlpg.dll C:\Users\Lotte\AppData\Local\Temp\w2sqht3s.dll C:\Users\Lotte\AppData\Local\Temp\xwupzso6.dll C:\Users\Lotte\AppData\Local\Temp\ykskitth.dll C:\Users\Lotte\AppData\Local\Temp\ylpu9v30.dll C:\Users\Lotte\AppData\Local\Temp\ytgjxs-i.dll C:\Users\Lotte\AppData\Local\Temp\zzsdmduw.dll C:\Users\Lotte\AppData\Local\Temp\_mtqh2n_.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 

C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-10-06 20:23

==================== Ende vom FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:07-10-2015
durchgeführt von kl (2015-10-07 20:03:49)
Gestartet von C:\Users\kl\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2010-07-10 07:00:01)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-895131296-3947163188-607037198-500 - Administrator - Disabled)
Gast (S-1-5-21-895131296-3947163188-607037198-501 - Limited - Disabled) => C:\Users\Gast
Hiltrud surft (S-1-5-21-895131296-3947163188-607037198-1004 - Limited - Enabled) => C:\Users\Hiltrud surft
HomeGroupUser$ (S-1-5-21-895131296-3947163188-607037198-1007 - Limited - Enabled)
kl (S-1-5-21-895131296-3947163188-607037198-1003 - Administrator - Enabled) => C:\Users\kl
Lotte (S-1-5-21-895131296-3947163188-607037198-1005 - Limited - Enabled) => C:\Users\Lotte

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: ZoneAlarm Antivirus (Disabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Disabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Disabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
Broadcom 802.11 Wireless Driver (HKLM\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.02 - Broadcom Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.4.0 - Conexant)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.27 - Irfan Skiljan)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1900 - Broadcom Corporation)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 de) (HKLM\...\Mozilla Firefox 41.0.1 (x86 de)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.38 - Piriform)
Synchredible (HKLM\...\Synchredible_is1) (Version: 4.0.0.4 - ASCOMP Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 1.1.0 (HKLM\...\VLC media player) (Version: 1.1.0 - VideoLAN)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\2004BB9EB6CEA02846881BEF1F51C11F7A90C9D6) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
ZoneAlarm Antivirus (Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.2.015.000 - Check Point)
ZoneAlarm Security (Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Wiederherstellungspunkte =========================

29-08-2015 16:48:31 Windows Update
01-09-2015 09:09:03 Windows Update
01-09-2015 09:15:45 Windows-Sicherung
04-09-2015 21:34:46 Windows Update
06-09-2015 21:07:26 Windows-Sicherung
10-09-2015 19:56:07 Windows Update
10-09-2015 22:19:48 Windows Update
14-09-2015 18:47:54 Windows Update
14-09-2015 20:19:53 Windows-Sicherung
27-09-2015 12:59:36 Windows Update
27-09-2015 13:06:10 Windows-Sicherung
27-09-2015 19:00:35 Windows-Sicherung
02-10-2015 15:00:56 Windows Update
05-10-2015 09:55:01 Windows-Sicherung
07-10-2015 09:41:36 Windows Update

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2E2ADB1A-3B8C-4B2F-8884-3B8B55C02237} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {3E8FB9B0-3223-4B9C-A1BC-DFD30C41F9D4} - System32\Tasks\{142044FD-AC10-4043-A030-AAA5E005E25E} => pcalua.exe -a "C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe" -c -U -IKIWHerxa.INF
Task: {A7E2BE1C-B12F-42B0-8A2A-CD0DF4343F72} - System32\Tasks\{510C6EEC-ACDA-45CA-AF6E-C47E07F259D0} => pcalua.exe -a "C:\Program Files\EA GAMES\Die Sims 2\EAUninstall.exe"
Task: {C0E433DB-0C3B-495C-8754-5818C143A547} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-27] (Adobe Systems Incorporated)
Task: {CD2F7705-E1CD-42C9-8288-FA17BEB58ABA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {EB1CEADF-3505-428E-871C-7E8AACAC42B3} - System32\Tasks\{BA6D3752-D848-4609-AE16-8DB917FBA2BE} => C:\Program Files\Skype\\Phone\Skype.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-01-10 22:12 - 2012-01-10 22:12 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2015-10-07 19:58 - 2015-10-07 19:58 - 00050477 _____ () C:\Users\kl\Downloads\Defogger.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-895131296-3947163188-607037198-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\kl\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Power2GoExpress => NA
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VeriFaceManager =>

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{B43D8C96-C149-4D74-9C46-76B384A80715}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{88741739-6CD0-4A41-93B5-0FE42C379ADE}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{DBE6CF67-4E33-4941-8B15-B35D000AFD83}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{689A475D-CF17-4EEB-A26D-7D02A0297AD7}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{BDE34B2F-A3EE-4C20-9612-B8E10C42989E}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{1D2EE3E2-EE09-47EA-BBB9-F3D57B41B07E}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{649990E9-9732-4AEC-A599-582BAEB9C800}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{232B5319-5ACD-43C3-8D7F-826EA4D2A236}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Broadcom BCM2070 Bluetooth 2.1+EDR USB Device
Description: Broadcom BCM2070 Bluetooth 2.1+EDR USB Device
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: FingerPrinter Reader
Description: FingerPrinter Reader
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/06/2015 10:04:50 AM) (Source: MsiInstaller) (EventID: 1024) (User: kl-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/05/2015 09:44:52 PM) (Source: MsiInstaller) (EventID: 1024) (User: kl-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/05/2015 07:59:59 PM) (Source: MsiInstaller) (EventID: 1024) (User: kl-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/05/2015 09:56:46 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)"

Error: (10/05/2015 09:45:55 AM) (Source: MsiInstaller) (EventID: 1024) (User: kl-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/27/2015 08:50:13 PM) (Source: MsiInstaller) (EventID: 1024) (User: kl-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/27/2015 07:02:02 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)"

Error: (09/27/2015 01:08:33 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)"

Error: (09/14/2015 09:22:11 PM) (Source: MsiInstaller) (EventID: 1024) (User: kl-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/14/2015 08:21:23 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)"

Systemfehler:
=============
Error: (10/07/2015 07:39:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error: (10/07/2015 07:39:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error: (10/07/2015 07:39:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error: (10/07/2015 10:19:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error: (10/07/2015 09:30:40 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error: (10/07/2015 09:30:40 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error: (10/07/2015 09:30:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error: (10/06/2015 11:54:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error: (10/06/2015 11:54:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (10/06/2015 11:53:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

CodeIntegrity:
===================================
Date: 2015-04-02 08:01:37.575
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ThreatFire\TFWAH.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-01 22:23:32.207
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ThreatFire\TFWAH.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-01 21:28:51.402
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ThreatFire\TFWAH.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-04-01 20:53:36.493
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ThreatFire\TFWAH.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-03-31 19:29:59.350
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ThreatFire\TFWAH.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-03-31 09:13:56.729
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ThreatFire\TFWAH.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-03-30 17:05:11.507
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ThreatFire\TFWAH.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-03-30 14:40:15.399
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ThreatFire\TFWAH.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-03-30 09:48:41.147
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ThreatFire\TFWAH.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-03-28 14:03:56.302
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ThreatFire\TFWAH.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 1844.51 MB
Verfügbarer physikalischer RAM: 702.17 MB
Summe virtueller Speicher: 3689.02 MB
Verfügbarer virtueller Speicher: 2419.24 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:420.55 GB) (Free:263.16 GB) NTFS
Drive d: (Lenovo) (Fixed) (Total:30.25 GB) (Free:29.48 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BEC90B8D)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=420.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.2 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== Ende vom Addition.txt ============================

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-10-07 20:24:18
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: go3n7gqc.exe; Driver: C:\Users\kl\AppData\Local\Temp\pxldqpoc.sys

---- System - GMER 2.1 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwAdjustPrivilegesToken [0x8E56B822]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwAlpcConnectPort [0x8F0C7B06]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwAlpcCreatePort [0x8F0C8404]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwAlpcSendWaitReceivePort [0x8E53565C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwClose [0x8E51F3DE]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwConnectPort [0x8F0C751A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateEvent [0x8E51F954]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwCreateFile [0x8F0C0D54]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwCreateKey [0x8F0E2FFA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateMutant [0x8E51F83A]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwCreatePort [0x8F0C8084]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateSection [0x8E56E6D0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateSemaphore [0x8E51FA74]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateThread [0x8E56DC02]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateThreadEx [0x8E56DDA4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateUserProcess [0x8E56D84C]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwCreateWaitablePort [0x8F0C81EE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwDebugActiveProcess [0x8E56D6F2]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwDeleteFile [0x8F0C1A94]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwDeleteKey [0x8F0E4AEE]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwDeleteValueKey [0x8F0E43A0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwDeviceIoControlFile [0x8E51F422]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwDuplicateObject [0x8E56B964]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwLoadDriver [0x8E56B5CC]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwLoadKey [0x8F0E5580]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwLoadKey2 [0x8F0E57BE]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwLoadKeyEx [0x8F0E5C70]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwMapViewOfSection [0x8F0E7C3A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwNotifyChangeKey [0x8E533324]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenEvent [0x8E51F9EA]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwOpenFile [0x8F0C1644]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenMutant [0x8E51F8CA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenProcess [0x8E56D238]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenSection [0x8E56E970]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenSemaphore [0x8E51FB0A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenThread [0x8E56D904]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwQueryDirectoryObject [0x8E51FB94]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwQueryObject [0x8E533532]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwQueueApcThread [0x8E56E380]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwRenameKey [0x8F0E6658]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwReplaceKey [0x8F0E5F3A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwReplyPort [0x8E535440]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwReplyWaitReceivePort [0x8E5352CE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwReplyWaitReceivePortEx [0x8E535384]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwRequestWaitReplyPort [0x8F0C70AE]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwRestoreKey [0x8F0E70CC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwResumeThread [0x8E56E0AA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSecureConnectPort [0x8E534D36]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSetContextThread [0x8E56E208]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwSetInformationFile [0x8F0C1EA0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSetInformationToken [0x8E51FC36]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwSetSecurityObject [0x8F0E6BE2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSetSystemInformation [0x8E56B6D6]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwSetValueKey [0x8F0E3AC0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSuspendProcess [0x8E56D43A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSuspendThread [0x8E56DF52]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSystemDebugControl [0x8E51FC48]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwTerminateProcess [0x8E56D59A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwTerminateThread [0x8E56DAFE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwUnmapViewOfSection [0x8E56EAD8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwWriteVirtualMemory [0x8E56E80E]

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwReplaceKey + 1525 82E45B55 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E7FBB2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 10D7 82E86FBC 4 Bytes [22, B8, 56, 8E]
.text ntkrnlpa.exe!KeRemoveQueueEx + 10FF 82E86FE4 8 Bytes [06, 7B, 0C, 8F, 04, 84, 0C, ...] {PUSH ES; JNP 0xf; POP DWORD [ESP+EAX*4]; OR AL, 0x8f}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1143 82E87028 4 Bytes [5C, 56, 53, 8E]
.text ntkrnlpa.exe!KeRemoveQueueEx + 116F 82E87054 4 Bytes [DE, F3, 51, 8E]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1193 82E87078 4 Bytes [1A, 75, 0C, 8F]
.text ...

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\Software\Fonts@LogPixels 96
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\Print
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\Print\Printers
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\Print\Printers\Canon MP540 series Printer
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\Print\Printers\Canon MP540 series Printer@PrinterOnLine 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@Attach.ToDesktop 1
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.BitsPerPel 32
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.XResolution 1024
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.YResolution 768
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.VRefresh 1
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.Flags 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.XPanning 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.YPanning 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.Orientation 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.FixedOutput 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@Attach.RelativeX 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@Attach.RelativeY 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@Attach.ToDesktop 1
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.BitsPerPel 32
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.XResolution 1024
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.YResolution 768
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.VRefresh 1
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.Flags 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.XPanning 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.YPanning 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.Orientation 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.FixedOutput 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@Attach.RelativeX 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@Attach.RelativeY 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{B63B58DC-9BF0-4E38-9F7C-E16F894D7CDA}
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{B63B58DC-9BF0-4E38-9F7C-E16F894D7CDA}\0000
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{B63B58DC-9BF0-4E38-9F7C-E16F894D7CDA}\0000@Attach.ToDesktop 1
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Enum\HDAUDIO
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Enum\HDAUDIO\FUNC_01&VEN_14F1&DEV_5051&SUBSYS_17AAC001&REV_1000
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Enum\HDAUDIO\FUNC_01&VEN_14F1&DEV_5051&SUBSYS_17AAC001&REV_1000\4&1082C8B8&0&0201
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Enum\HDAUDIO\FUNC_01&VEN_14F1&DEV_5051&SUBSYS_17AAC001&REV_1000\4&1082C8B8&0&0201@CSConfigFlags 0
Reg HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Enum\ROOT
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002269ec2d88
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbe9dbee
Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\Software\Fonts@LogPixels 96
Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\Print (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\Print\Printers (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\Print\Printers\Canon MP540 series Printer (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\Print\Printers\Canon MP540 series Printer@PrinterOnLine 0
Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6} (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@Attach.ToDesktop 1
Reg HKLM\SYSTEM\ControlSet002\Hardware
Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.BitsPerPel 32 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.XResolution 1024 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.YResolution 768 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.VRefresh 1 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.Flags 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.XPanning 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.YPanning 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.Orientation 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@DefaultSettings.FixedOutput 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@Attach.RelativeX 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000@Attach.RelativeY 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Hardware 
Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@Attach.ToDesktop 1 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.BitsPerPel 32 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.XResolution 1024 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.YResolution 768 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.VRefresh 1 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.Flags 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.XPanning 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.YPanning 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.Orientation 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@DefaultSettings.FixedOutput 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@Attach.RelativeX 0 Reg HKLM\SYSTEM\ControlSet002\Hardware 
Profiles\0001\System\CurrentControlSet\Control\VIDEO\{1A3EB677-F210-43AE-85B9-C6964FF59BF6}\0000\Mon12345678@Attach.RelativeY 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{B63B58DC-9BF0-4E38-9F7C-E16F894D7CDA} (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{B63B58DC-9BF0-4E38-9F7C-E16F894D7CDA}\0000 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Control\VIDEO\{B63B58DC-9BF0-4E38-9F7C-E16F894D7CDA}\0000@Attach.ToDesktop 1 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Enum\HDAUDIO (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Enum\HDAUDIO\FUNC_01&VEN_14F1&DEV_5051&SUBSYS_17AAC001&REV_1000 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Enum\HDAUDIO\FUNC_01&VEN_14F1&DEV_5051&SUBSYS_17AAC001&REV_1000\4&1082C8B8&0&0201 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Enum\HDAUDIO\FUNC_01&VEN_14F1&DEV_5051&SUBSYS_17AAC001&REV_1000\4&1082C8B8&0&0201@CSConfigFlags 0 Reg HKLM\SYSTEM\ControlSet002\Hardware Profiles\0001\System\CurrentControlSet\Enum\ROOT (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002269ec2d88 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbe9dbee (not active ControlSet) Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@E42ABDCB 2349 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PowerTracker\Data\2015-10-07@DC_MonitorOn_Energy 53388 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PowerTracker\Data\2015-10-07@DC_MonitorOn_Duration 0x2D 0x0D 0x00 0x00 ... 
---- EOF - GMER 2.1 ---- |
07.10.2015, 20:06 | #2 |
/// the machine /// TB-Ausbilder | Yahoo accounts are sending spam emails
hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop.
__________________ |
07.10.2015, 21:50 | #3 |
| Yahoo accounts are sending spam emails
Thx!
Nothing found with either program. Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2015.10.07.05
rootkit: v2015.10.06.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.18015
kl :: KL-PC [administrator]

07.10.2015 21:22:21
mbar-log-2015-10-07 (21-22-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 464437
Time elapsed: 1 hour(s), 16 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
22:39:56.0305 0x0570 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
22:40:05.0614 0x0570 ============================================================
22:40:05.0615 0x0570 Current date / time: 2015/10/07 22:40:05.0614
22:40:05.0615 0x0570 SystemInfo:
22:40:05.0615 0x0570
22:40:05.0634 0x0570 OS Version: 6.1.7601 ServicePack: 1.0
22:40:05.0634 0x0570 Product type: Workstation
22:40:05.0634 0x0570 ComputerName: KL-PC
22:40:05.0634 0x0570 UserName: kl
22:40:05.0634 0x0570 Windows directory: C:\windows
22:40:05.0634 0x0570 System windows directory: C:\windows
22:40:05.0634 0x0570 Processor architecture: Intel x86
22:40:05.0634 0x0570 Number of processors: 4
22:40:05.0634 0x0570 Page size: 0x1000
22:40:05.0634 0x0570 Boot type: Normal boot
22:40:05.0634 0x0570 ============================================================
22:40:26.0504 0x0570 KLMD registered as C:\windows\system32\drivers\75217722.sys
22:40:27.0387 0x0570 System UUID: {53F20E04-15A2-56D7-C44F-8B68CE818635}
22:40:29.0192 0x0570 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:40:29.0283 0x0570 ============================================================
22:40:29.0283 0x0570 \Device\Harddisk0\DR0:
22:40:29.0309 0x0570 MBR partitions:
22:40:29.0309 0x0570 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
22:40:29.0309 0x0570 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34920180
22:40:29.0400 0x0570 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x34985980, BlocksNum 0x3C7E000
22:40:29.0400 0x0570 ============================================================
22:40:29.0587 0x0570 C: <-> \Device\Harddisk0\DR0\Partition2
22:40:29.0625 0x0570 D: <-> \Device\Harddisk0\DR0\Partition3
22:40:29.0676 0x0570 ============================================================
22:40:29.0676 0x0570 Initialize success
22:40:29.0676 0x0570 ============================================================
22:40:32.0821 0x0c88 ============================================================
22:40:32.0821 0x0c88 Scan started
22:40:32.0821 0x0c88 Mode: Manual;
22:40:32.0821 0x0c88 ============================================================
22:40:32.0821 0x0c88 KSN ping started
22:40:47.0591 0x0c88 KSN ping finished: true
22:40:50.0228 0x0c88 ================ Scan system memory ========================
22:40:50.0228 0x0c88 System memory - ok
22:40:50.0228 0x0c88 ================ Scan services =============================
Filetrace C:\windows\system32\drivers\filetrace.sys 22:41:05.0172 0x0c88 Filetrace - ok 22:41:05.0204 0x0c88 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys 22:41:05.0204 0x0c88 flpydisk - ok 22:41:05.0235 0x0c88 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\windows\system32\drivers\fltmgr.sys 22:41:05.0250 0x0c88 FltMgr - ok 22:41:05.0422 0x0c88 [ 37DE123FE4276D8EC7F3C5B10C236238, 93CA47B9A96D904DD177FC0E04DECDF13756C8FA3C7613913DB4BF29A70ECE96 ] FontCache C:\windows\system32\FntCache.dll 22:41:05.0516 0x0c88 FontCache - ok 22:41:05.0578 0x0c88 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 22:41:05.0578 0x0c88 FontCache3.0.0.0 - ok 22:41:05.0625 0x0c88 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\windows\system32\drivers\FsDepends.sys 22:41:05.0640 0x0c88 FsDepends - ok 22:41:05.0718 0x0c88 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys 22:41:05.0718 0x0c88 Fs_Rec - ok 22:41:05.0812 0x0c88 [ F626F291E3F56E8969E35945552FECA3, 47D75C4768E5BEDB3A503D24816D414D649725C2C30D16486A09A6C46ADA59D6 ] funfrm C:\windows\system32\drivers\funfrm.sys 22:41:05.0812 0x0c88 funfrm - ok 22:41:06.0030 0x0c88 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys 22:41:06.0062 0x0c88 fvevol - ok 22:41:06.0108 0x0c88 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys 22:41:06.0124 0x0c88 gagp30kx - ok 
22:41:06.0171 0x0c88 [ 8182FF89C65E4D38B2DE4BB0FB18564E, 2ACFA64D48BF7D25641EC5819C8722144284B8A8E071BF297C1881B07EEAFE88 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys 22:41:06.0171 0x0c88 GEARAspiWDM - ok 22:41:06.0264 0x0c88 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\windows\System32\gpsvc.dll 22:41:06.0311 0x0c88 gpsvc - ok 22:41:06.0358 0x0c88 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys 22:41:06.0358 0x0c88 hcw85cir - ok 22:41:06.0483 0x0c88 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys 22:41:06.0654 0x0c88 HdAudAddService - ok 22:41:06.0795 0x0c88 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys 22:41:06.0795 0x0c88 HDAudBus - ok 22:41:06.0935 0x0c88 [ A88485DC6A7136C10D9A6C7E38FDFE3C, B651823E5F6D13B086B00440AD17C7C2756F079DD9290E0FEB1A3A48D0104F8C ] HECI C:\windows\system32\DRIVERS\HECI.sys 22:41:06.0935 0x0c88 HECI - ok 22:41:07.0029 0x0c88 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys 22:41:07.0029 0x0c88 HidBatt - ok 22:41:07.0107 0x0c88 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\windows\system32\DRIVERS\hidbth.sys 22:41:07.0107 0x0c88 HidBth - ok 22:41:07.0185 0x0c88 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\windows\system32\DRIVERS\hidir.sys 22:41:07.0185 0x0c88 HidIr - ok 22:41:07.0247 0x0c88 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv 
C:\windows\system32\hidserv.dll 22:41:07.0263 0x0c88 hidserv - ok 22:41:07.0372 0x0c88 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys 22:41:07.0372 0x0c88 HidUsb - ok 22:41:07.0419 0x0c88 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\windows\system32\kmsvc.dll 22:41:07.0419 0x0c88 hkmsvc - ok 22:41:07.0575 0x0c88 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\windows\system32\ListSvc.dll 22:41:07.0606 0x0c88 HomeGroupListener - ok 22:41:07.0700 0x0c88 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\windows\system32\provsvc.dll 22:41:07.0746 0x0c88 HomeGroupProvider - ok 22:41:07.0824 0x0c88 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys 22:41:07.0824 0x0c88 HpSAMD - ok 22:41:07.0996 0x0c88 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\windows\system32\drivers\HTTP.sys 22:41:08.0090 0x0c88 HTTP - ok 22:41:08.0199 0x0c88 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys 22:41:08.0199 0x0c88 hwpolicy - ok 22:41:08.0292 0x0c88 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys 22:41:08.0292 0x0c88 i8042prt - ok 22:41:08.0511 0x0c88 [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 22:41:08.0526 0x0c88 IAANTMON - ok 22:41:08.0604 0x0c88 [ 
D483687EACE0C065EE772481A96E05F5, A22200E90C78DFE73FE0FBEED5331AB43CD7133651FD125595C4DB604AD71B29 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys 22:41:08.0620 0x0c88 iaStor - ok 22:41:08.0714 0x0c88 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\windows\system32\drivers\iaStorV.sys 22:41:08.0745 0x0c88 iaStorV - ok 22:41:08.0901 0x0c88 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 22:41:08.0948 0x0c88 idsvc - ok 22:41:09.0104 0x0c88 IEEtwCollectorService - ok 22:41:09.0618 0x0c88 [ 40F8A0F85BCE94F766808AEEE8F96FA8, 7D80BA9501F42CD5B41337F7C69B8CD7E57D1EC1C516ECAC2002DF66A8826C78 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys 22:41:10.0040 0x0c88 igfx - ok 22:41:10.0149 0x0c88 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\windows\system32\DRIVERS\iirsp.sys 22:41:10.0149 0x0c88 iirsp - ok 22:41:10.0336 0x0c88 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\windows\System32\ikeext.dll 22:41:10.0414 0x0c88 IKEEXT - ok 22:41:10.0648 0x0c88 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\windows\system32\drivers\intelide.sys 22:41:10.0648 0x0c88 intelide - ok 22:41:10.0726 0x0c88 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\windows\system32\DRIVERS\intelppm.sys 22:41:10.0726 0x0c88 intelppm - ok 22:41:10.0898 0x0c88 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\windows\system32\ipbusenum.dll 22:41:10.0898 0x0c88 IPBusEnum - ok 22:41:10.0960 0x0c88 [ 709D1761D3B19A932FF0238EA6D50200, 
0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 22:41:10.0960 0x0c88 IpFilterDriver - ok 22:41:11.0225 0x0c88 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\windows\System32\iphlpsvc.dll 22:41:11.0256 0x0c88 iphlpsvc - ok 22:41:11.0319 0x0c88 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys 22:41:11.0319 0x0c88 IPMIDRV - ok 22:41:11.0381 0x0c88 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\windows\system32\drivers\ipnat.sys 22:41:11.0381 0x0c88 IPNAT - ok 22:41:11.0459 0x0c88 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\windows\system32\drivers\irenum.sys 22:41:11.0459 0x0c88 IRENUM - ok 22:41:11.0490 0x0c88 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\windows\system32\drivers\isapnp.sys 22:41:11.0490 0x0c88 isapnp - ok 22:41:11.0600 0x0c88 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys 22:41:11.0662 0x0c88 iScsiPrt - ok 22:41:11.0771 0x0c88 [ C4C95805B85BCE1EB9D20F4A02FC5F9B, 0ED6A3004B0C5020223C2E1F70B7590C6772D5B272A0033679BC610E21EAE670 ] k57nd60x C:\windows\system32\DRIVERS\k57nd60x.sys 22:41:11.0802 0x0c88 k57nd60x - ok 22:41:11.0880 0x0c88 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys 22:41:11.0927 0x0c88 kbdclass - ok 22:41:12.0021 0x0c88 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\windows\system32\drivers\kbdhid.sys 22:41:12.0021 0x0c88 
kbdhid - ok 22:41:12.0083 0x0c88 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] KeyIso C:\windows\system32\lsass.exe 22:41:12.0083 0x0c88 KeyIso - ok 22:41:12.0177 0x0c88 [ 2AD446E7A867C48099227415DD66FB34, 7A5C80C19B870EC2AAB448949758972AD1AE2FD7C158ECF4E17DE54A5982B58A ] KL1 C:\windows\system32\DRIVERS\kl1.sys 22:41:12.0177 0x0c88 KL1 - ok 22:41:12.0286 0x0c88 [ CB7B98B51E2DDB6E519EB35DA0E7AFD2, 55C66955192D0D983F9D94C80104D7204103D993D937B140856AF5DB365B4B7D ] KLIF C:\windows\system32\DRIVERS\klif.sys 22:41:12.0348 0x0c88 KLIF - ok 22:41:12.0458 0x0c88 [ 88246FD556E98BF416AC00C418B83D1D, 917EC561EB1C4D8D736DFDCD8456389B3DB0E8CB5AE900FB507F7F1550048BAD ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 22:41:12.0458 0x0c88 KSecDD - ok 22:41:12.0504 0x0c88 [ C41140DBF0BEA35E480A9CF9823B2B08, 142C4EB8AF27C9B649F24BEECFA1FD3E2B160BC8E8172A04526B73BB157CAD3A ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 22:41:12.0504 0x0c88 KSecPkg - ok 22:41:12.0567 0x0c88 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\windows\system32\msdtckrm.dll 22:41:12.0629 0x0c88 KtmRm - ok 22:41:12.0707 0x0c88 [ B05ADCD03AAED42607371186F359D8A5, C93AC79920D5112BD0BF6C0B8C9548AE13D698E7A0CBDB4B053E9C95680CE1B3 ] L1C C:\windows\system32\DRIVERS\L1C62x86.sys 22:41:12.0723 0x0c88 L1C - ok 22:41:12.0863 0x0c88 [ 8C804B1FFAD1EFA952B747E8285C3B76, 10424290F13F0BF719992B2CFFCDC58121AB2149C149D3B17EF7ECDFF853D67D ] L1E C:\windows\system32\DRIVERS\L1E62x86.sys 22:41:12.0863 0x0c88 L1E - ok 22:41:12.0941 0x0c88 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\windows\system32\srvsvc.dll 22:41:12.0957 0x0c88 LanmanServer - ok 22:41:13.0066 0x0c88 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\windows\System32\wkssvc.dll 22:41:13.0066 0x0c88 
LanmanWorkstation - ok 22:41:13.0113 0x0c88 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 22:41:13.0113 0x0c88 lltdio - ok 22:41:13.0253 0x0c88 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\windows\System32\lltdsvc.dll 22:41:13.0300 0x0c88 lltdsvc - ok 22:41:13.0378 0x0c88 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\windows\System32\lmhsvc.dll 22:41:13.0378 0x0c88 lmhosts - ok 22:41:13.0425 0x0c88 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys 22:41:13.0440 0x0c88 LSI_FC - ok 22:41:13.0487 0x0c88 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys 22:41:13.0487 0x0c88 LSI_SAS - ok 22:41:13.0518 0x0c88 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys 22:41:13.0534 0x0c88 LSI_SAS2 - ok 22:41:13.0628 0x0c88 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys 22:41:13.0628 0x0c88 LSI_SCSI - ok 22:41:13.0721 0x0c88 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\windows\system32\drivers\luafv.sys 22:41:13.0721 0x0c88 luafv - ok 22:41:13.0815 0x0c88 [ B4CD87E78A01562E3DA67FE1C2779204, 536AC01C53A18E7B43F02F345FC3088C189A2D01F5E060714C0534FE7ECA2356 ] MBAMProtector C:\windows\system32\drivers\mbam.sys 22:41:13.0815 0x0c88 MBAMProtector - ok 22:41:14.0189 0x0c88 [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] 
MBAMScheduler C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe 22:41:14.0220 0x0c88 MBAMScheduler - ok 22:41:14.0361 0x0c88 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe 22:41:14.0423 0x0c88 MBAMService - ok 22:41:14.0501 0x0c88 [ 739164A8B8FB2F1B50A498F20AF7B21E, 8E7A387C3726A863BF251E638D072FA472B698EF6868E9A7A00EF1272F809C64 ] MBAMSwissArmy C:\windows\system32\drivers\3AC0763F.sys 22:41:14.0517 0x0c88 MBAMSwissArmy - ok 22:41:14.0657 0x0c88 [ 490F0F3ED8A970E2BAA38F719242B8F7, 03F902365372639424AB654AEBF6EB2B6B73363275435ADC2D086EAA7112AC3D ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys 22:41:14.0657 0x0c88 MBAMWebAccessControl - ok 22:41:14.0704 0x0c88 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 22:41:14.0720 0x0c88 Mcx2Svc - ok 22:41:14.0735 0x0c88 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\windows\system32\DRIVERS\megasas.sys 22:41:14.0735 0x0c88 megasas - ok 22:41:14.0844 0x0c88 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys 22:41:14.0860 0x0c88 MegaSR - ok 22:41:14.0922 0x0c88 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\windows\system32\mmcss.dll 22:41:14.0938 0x0c88 MMCSS - ok 22:41:14.0969 0x0c88 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\windows\system32\drivers\modem.sys 22:41:14.0985 0x0c88 Modem - ok 22:41:15.0094 0x0c88 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\windows\system32\DRIVERS\monitor.sys 22:41:15.0094 0x0c88 monitor 
- ok 22:41:15.0188 0x0c88 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\windows\system32\DRIVERS\mouclass.sys 22:41:15.0188 0x0c88 mouclass - ok 22:41:15.0250 0x0c88 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 22:41:15.0266 0x0c88 mouhid - ok 22:41:15.0390 0x0c88 [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr C:\windows\system32\drivers\mountmgr.sys 22:41:15.0406 0x0c88 mountmgr - ok 22:41:15.0578 0x0c88 [ 6215DA3AD492CFBEBEE2ADBED0A6CC22, 07B290B58EF722825D50AF97E10B7098A2118B3F335E1FFF8F9E5E9AF7A0A6CE ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 22:41:15.0593 0x0c88 MozillaMaintenance - ok 22:41:15.0656 0x0c88 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\windows\system32\drivers\mpio.sys 22:41:15.0671 0x0c88 mpio - ok 22:41:15.0780 0x0c88 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 22:41:15.0780 0x0c88 mpsdrv - ok 22:41:15.0905 0x0c88 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\windows\system32\mpssvc.dll 22:41:15.0999 0x0c88 MpsSvc - ok 22:41:16.0217 0x0c88 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 22:41:16.0248 0x0c88 MRxDAV - ok 22:41:16.0358 0x0c88 [ BAF4E2BE25E8EDFDAA98AA17D92E3C35, 1C7C7A7217962BE8338F8F989A2DBA2C0FD8A1CCC4E773EA5D02F291C2AF0BCA ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 22:41:16.0373 0x0c88 mrxsmb - ok 22:41:16.0436 0x0c88 [ 300E85A19AFD4DF992AB6297C6E64CA1, 
B794DC07336DA64ECB8F6F695978C5B67FBFC7D1B60F3AD94D970FC9DE05A095 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 22:41:16.0451 0x0c88 mrxsmb10 - ok 22:41:16.0576 0x0c88 [ 70EF9F86474BA28A6898228E1C9ABDCB, 5BCCE0A1D33F7A0780350F3AA870468DB7B51F4FBA267AF663BC946B2259E0F8 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 22:41:16.0576 0x0c88 mrxsmb20 - ok 22:41:16.0654 0x0c88 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\windows\system32\drivers\msahci.sys 22:41:16.0654 0x0c88 msahci - ok 22:41:16.0732 0x0c88 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\windows\system32\drivers\msdsm.sys 22:41:16.0732 0x0c88 msdsm - ok 22:41:16.0763 0x0c88 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\windows\System32\msdtc.exe 22:41:16.0763 0x0c88 MSDTC - ok 22:41:16.0826 0x0c88 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\windows\system32\drivers\Msfs.sys 22:41:16.0826 0x0c88 Msfs - ok 22:41:16.0841 0x0c88 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 22:41:16.0841 0x0c88 mshidkmdf - ok 22:41:16.0919 0x0c88 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\windows\system32\drivers\msisadrv.sys 22:41:16.0919 0x0c88 msisadrv - ok 22:41:16.0997 0x0c88 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\windows\system32\iscsiexe.dll 22:41:16.0997 0x0c88 MSiSCSI - ok 22:41:17.0013 0x0c88 msiserver - ok 22:41:17.0122 0x0c88 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 22:41:17.0122 
0x0c88 MSKSSRV - ok 22:41:17.0169 0x0c88 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 22:41:17.0169 0x0c88 MSPCLOCK - ok 22:41:17.0200 0x0c88 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 22:41:17.0200 0x0c88 MSPQM - ok 22:41:17.0247 0x0c88 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\windows\system32\drivers\MsRPC.sys 22:41:17.0262 0x0c88 MsRPC - ok 22:41:17.0294 0x0c88 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\windows\system32\drivers\mssmbios.sys 22:41:17.0294 0x0c88 mssmbios - ok 22:41:17.0387 0x0c88 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\windows\system32\drivers\MSTEE.sys 22:41:17.0387 0x0c88 MSTEE - ok 22:41:17.0434 0x0c88 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys 22:41:17.0434 0x0c88 MTConfig - ok 22:41:17.0559 0x0c88 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\windows\system32\Drivers\mup.sys 22:41:17.0574 0x0c88 Mup - ok 22:41:17.0715 0x0c88 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\windows\system32\qagentRT.dll 22:41:17.0762 0x0c88 napagent - ok 22:41:17.0840 0x0c88 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 22:41:17.0855 0x0c88 NativeWifiP - ok 22:41:18.0011 0x0c88 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS 
C:\windows\system32\drivers\ndis.sys 22:41:18.0058 0x0c88 NDIS - ok 22:41:18.0136 0x0c88 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 22:41:18.0136 0x0c88 NdisCap - ok 22:41:18.0198 0x0c88 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 22:41:18.0198 0x0c88 NdisTapi - ok 22:41:18.0292 0x0c88 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 22:41:18.0308 0x0c88 Ndisuio - ok 22:41:18.0370 0x0c88 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 22:41:18.0370 0x0c88 NdisWan - ok 22:41:18.0448 0x0c88 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\windows\system32\drivers\NDProxy.sys 22:41:18.0448 0x0c88 NDProxy - ok 22:41:18.0479 0x0c88 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 22:41:18.0479 0x0c88 NetBIOS - ok 22:41:18.0557 0x0c88 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 22:41:18.0588 0x0c88 NetBT - ok 22:41:18.0604 0x0c88 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] Netlogon C:\windows\system32\lsass.exe 22:41:18.0620 0x0c88 Netlogon - ok 22:41:18.0651 0x0c88 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\windows\System32\netman.dll 22:41:18.0682 0x0c88 Netman - ok 22:41:18.0713 0x0c88 [ 8C338238C16777A802D6A9211EB2BA50, 
0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\windows\System32\netprofm.dll 22:41:18.0729 0x0c88 netprofm - ok 22:41:18.0838 0x0c88 [ 005C38BA492291801AA5F71DAE3C1A7B, E43F0CE95D646B41FC681E0B95721598EA74C45975BEEE1C5EFFB0D238253B0E ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 22:41:18.0838 0x0c88 NetTcpPortSharing - ok 22:41:19.0150 0x0c88 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\windows\system32\DRIVERS\netw5v32.sys 22:41:19.0337 0x0c88 netw5v32 - ok 22:41:19.0509 0x0c88 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys 22:41:19.0509 0x0c88 nfrd960 - ok 22:41:19.0634 0x0c88 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\windows\System32\nlasvc.dll 22:41:19.0696 0x0c88 NlaSvc - ok 22:41:19.0712 0x0c88 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\windows\system32\drivers\Npfs.sys 22:41:19.0712 0x0c88 Npfs - ok 22:41:19.0743 0x0c88 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\windows\system32\nsisvc.dll 22:41:19.0758 0x0c88 nsi - ok 22:41:19.0836 0x0c88 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 22:41:19.0836 0x0c88 nsiproxy - ok 22:41:20.0039 0x0c88 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\windows\system32\drivers\Ntfs.sys 22:41:20.0102 0x0c88 Ntfs - ok 22:41:20.0148 0x0c88 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\windows\system32\drivers\Null.sys 22:41:20.0148 
0x0c88 Null - ok 22:41:20.0180 0x0c88 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\windows\system32\drivers\nvraid.sys 22:41:20.0195 0x0c88 nvraid - ok 22:41:20.0304 0x0c88 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\windows\system32\drivers\nvstor.sys 22:41:20.0336 0x0c88 nvstor - ok 22:41:20.0367 0x0c88 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 22:41:20.0367 0x0c88 nv_agp - ok 22:41:20.0648 0x0c88 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 22:41:20.0679 0x0c88 odserv - ok 22:41:20.0804 0x0c88 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 22:41:20.0804 0x0c88 ohci1394 - ok 22:41:20.0897 0x0c88 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 22:41:20.0913 0x0c88 ose - ok 22:41:20.0944 0x0c88 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\windows\system32\pnrpsvc.dll 22:41:21.0006 0x0c88 p2pimsvc - ok 22:41:21.0178 0x0c88 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\windows\system32\p2psvc.dll 22:41:21.0272 0x0c88 p2psvc - ok 22:41:21.0318 0x0c88 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\windows\system32\DRIVERS\parport.sys 22:41:21.0334 0x0c88 Parport - ok 22:41:21.0365 0x0c88 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 
ZoneAlarm - ok 22:41:40.0803 0x0c88 [ 157B5DF2CBCE17A0CEECB0FF4297700E, D212EC0108D92FF3A84CF6DCA81F11DF028F1C5217FCA4CD47EE1A170FCAC10D ] C:\windows\system32\igfxtray.exe |
07.10.2015, 21:52 | #4 |
| Yahoo accounts are sending spam mails Code:
22:41:45.0031 0x0c88 AV detected via SS2: ZoneAlarm Antivirus, C:\Program Files\CheckPoint\ZoneAlarm\\MultiFix.exe ( 13.2.15.0 ), 0x41000 ( enabled : updated )
22:41:45.0046 0x0c88 FW detected via SS2: ZoneAlarm Firewall, C:\Program Files\CheckPoint\ZoneAlarm\\MultiFix.exe ( 13.2.15.0 ), 0x41010 ( enabled )
22:41:47.0558 0x0c88 ============================================================
22:41:47.0558 0x0c88 Scan finished
22:41:47.0558 0x0c88 ============================================================
22:41:47.0558 0x1530 Detected object count: 0
22:41:47.0558 0x1530 Actual detected object count: 0
22:42:45.0044 0x12c8 ============================================================
22:42:45.0044 0x12c8 Scan started
22:42:45.0044 0x12c8 Mode: Manual; SigCheck; TDLFS;
22:42:45.0044 0x12c8 ============================================================
22:42:45.0044 0x12c8 KSN ping started
22:42:58.0538 0x12c8 KSN ping finished: true
22:42:59.0021 0x12c8 ================ Scan system memory ========================
22:42:59.0021 0x12c8 System memory - ok
22:43:29.0364 0x12c8 L1C - ok 22:43:29.0426 0x12c8 [ 8C804B1FFAD1EFA952B747E8285C3B76, 10424290F13F0BF719992B2CFFCDC58121AB2149C149D3B17EF7ECDFF853D67D ] L1E C:\windows\system32\DRIVERS\L1E62x86.sys 22:43:29.0504 0x12c8 L1E - ok 22:43:29.0660 0x12c8 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\windows\system32\srvsvc.dll 22:43:29.0754 0x12c8 LanmanServer - ok 22:43:29.0816 0x12c8 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\windows\System32\wkssvc.dll 22:43:29.0894 0x12c8 LanmanWorkstation - ok 22:43:29.0941 0x12c8 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 22:43:30.0050 0x12c8 lltdio - ok 22:43:30.0097 0x12c8 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\windows\System32\lltdsvc.dll 22:43:30.0190 0x12c8 lltdsvc - ok 22:43:30.0206 0x12c8 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\windows\System32\lmhsvc.dll 22:43:30.0315 0x12c8 lmhosts - ok 22:43:30.0456 0x12c8 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys 22:43:30.0471 0x12c8 LSI_FC - ok 22:43:30.0502 0x12c8 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys 22:43:30.0518 0x12c8 LSI_SAS - ok 22:43:30.0549 0x12c8 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys 22:43:30.0580 0x12c8 LSI_SAS2 - ok 22:43:30.0627 0x12c8 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] 
LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys 22:43:30.0643 0x12c8 LSI_SCSI - ok 22:43:30.0674 0x12c8 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\windows\system32\drivers\luafv.sys 22:43:30.0830 0x12c8 luafv - ok 22:43:30.0892 0x12c8 [ B4CD87E78A01562E3DA67FE1C2779204, 536AC01C53A18E7B43F02F345FC3088C189A2D01F5E060714C0534FE7ECA2356 ] MBAMProtector C:\windows\system32\drivers\mbam.sys 22:43:30.0924 0x12c8 MBAMProtector - ok 22:43:31.0158 0x12c8 [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe 22:43:31.0282 0x12c8 MBAMScheduler - ok 22:43:31.0376 0x12c8 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe 22:43:31.0485 0x12c8 MBAMService - ok 22:43:31.0626 0x12c8 [ 739164A8B8FB2F1B50A498F20AF7B21E, 8E7A387C3726A863BF251E638D072FA472B698EF6868E9A7A00EF1272F809C64 ] MBAMSwissArmy C:\windows\system32\drivers\3AC0763F.sys 22:43:31.0641 0x12c8 MBAMSwissArmy - ok 22:43:31.0797 0x12c8 [ 490F0F3ED8A970E2BAA38F719242B8F7, 03F902365372639424AB654AEBF6EB2B6B73363275435ADC2D086EAA7112AC3D ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys 22:43:31.0813 0x12c8 MBAMWebAccessControl - ok 22:43:31.0891 0x12c8 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 22:43:31.0938 0x12c8 Mcx2Svc - ok 22:43:31.0953 0x12c8 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\windows\system32\DRIVERS\megasas.sys 22:43:31.0969 0x12c8 megasas - ok 22:43:32.0062 0x12c8 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys 
22:43:32.0140 0x12c8 MegaSR - ok 22:43:32.0281 0x12c8 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\windows\system32\mmcss.dll 22:43:32.0328 0x12c8 MMCSS - ok 22:43:32.0374 0x12c8 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\windows\system32\drivers\modem.sys 22:43:32.0406 0x12c8 Modem - ok 22:43:32.0452 0x12c8 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\windows\system32\DRIVERS\monitor.sys 22:43:32.0468 0x12c8 monitor - ok 22:43:32.0530 0x12c8 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\windows\system32\DRIVERS\mouclass.sys 22:43:32.0562 0x12c8 mouclass - ok 22:43:32.0593 0x12c8 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 22:43:32.0655 0x12c8 mouhid - ok 22:43:32.0811 0x12c8 [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr C:\windows\system32\drivers\mountmgr.sys 22:43:32.0842 0x12c8 mountmgr - ok 22:43:32.0983 0x12c8 [ 6215DA3AD492CFBEBEE2ADBED0A6CC22, 07B290B58EF722825D50AF97E10B7098A2118B3F335E1FFF8F9E5E9AF7A0A6CE ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 22:43:32.0998 0x12c8 MozillaMaintenance - ok 22:43:33.0154 0x12c8 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\windows\system32\drivers\mpio.sys 22:43:33.0186 0x12c8 mpio - ok 22:43:33.0264 0x12c8 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 22:43:33.0310 0x12c8 mpsdrv - ok 22:43:33.0451 0x12c8 [ 9835584E999D25004E1EE8E5F3E3B881, 
71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\windows\system32\mpssvc.dll 22:43:33.0607 0x12c8 MpsSvc - ok 22:43:33.0685 0x12c8 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 22:43:33.0763 0x12c8 MRxDAV - ok 22:43:33.0872 0x12c8 [ BAF4E2BE25E8EDFDAA98AA17D92E3C35, 1C7C7A7217962BE8338F8F989A2DBA2C0FD8A1CCC4E773EA5D02F291C2AF0BCA ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 22:43:33.0950 0x12c8 mrxsmb - ok 22:43:34.0028 0x12c8 [ 300E85A19AFD4DF992AB6297C6E64CA1, B794DC07336DA64ECB8F6F695978C5B67FBFC7D1B60F3AD94D970FC9DE05A095 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 22:43:34.0122 0x12c8 mrxsmb10 - ok 22:43:34.0168 0x12c8 [ 70EF9F86474BA28A6898228E1C9ABDCB, 5BCCE0A1D33F7A0780350F3AA870468DB7B51F4FBA267AF663BC946B2259E0F8 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 22:43:34.0278 0x12c8 mrxsmb20 - ok 22:43:34.0402 0x12c8 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\windows\system32\drivers\msahci.sys 22:43:34.0418 0x12c8 msahci - ok 22:43:34.0543 0x12c8 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\windows\system32\drivers\msdsm.sys 22:43:34.0574 0x12c8 msdsm - ok 22:43:34.0590 0x12c8 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\windows\System32\msdtc.exe 22:43:34.0683 0x12c8 MSDTC - ok 22:43:34.0730 0x12c8 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\windows\system32\drivers\Msfs.sys 22:43:34.0777 0x12c8 Msfs - ok 22:43:34.0792 0x12c8 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 22:43:34.0824 0x12c8 mshidkmdf - ok 22:43:34.0886 0x12c8 [ 
0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\windows\system32\drivers\msisadrv.sys 22:43:34.0902 0x12c8 msisadrv - ok 22:43:34.0948 0x12c8 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\windows\system32\iscsiexe.dll 22:43:34.0980 0x12c8 MSiSCSI - ok 22:43:34.0995 0x12c8 msiserver - ok 22:43:35.0058 0x12c8 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 22:43:35.0089 0x12c8 MSKSSRV - ok 22:43:35.0167 0x12c8 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 22:43:35.0198 0x12c8 MSPCLOCK - ok 22:43:35.0260 0x12c8 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 22:43:35.0292 0x12c8 MSPQM - ok 22:43:35.0416 0x12c8 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\windows\system32\drivers\MsRPC.sys 22:43:35.0432 0x12c8 MsRPC - ok 22:43:35.0494 0x12c8 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\windows\system32\drivers\mssmbios.sys 22:43:35.0510 0x12c8 mssmbios - ok 22:43:35.0604 0x12c8 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\windows\system32\drivers\MSTEE.sys 22:43:35.0666 0x12c8 MSTEE - ok 22:43:35.0744 0x12c8 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys 22:43:35.0806 0x12c8 MTConfig - ok 22:43:35.0900 0x12c8 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup 
C:\windows\system32\Drivers\mup.sys 22:43:35.0916 0x12c8 Mup - ok 22:43:35.0962 0x12c8 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\windows\system32\qagentRT.dll 22:43:36.0009 0x12c8 napagent - ok 22:43:36.0087 0x12c8 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 22:43:36.0150 0x12c8 NativeWifiP - ok 22:43:36.0337 0x12c8 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\windows\system32\drivers\ndis.sys 22:43:36.0399 0x12c8 NDIS - ok 22:43:36.0462 0x12c8 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 22:43:36.0524 0x12c8 NdisCap - ok 22:43:36.0602 0x12c8 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 22:43:36.0633 0x12c8 NdisTapi - ok 22:43:36.0727 0x12c8 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 22:43:36.0820 0x12c8 Ndisuio - ok 22:43:36.0867 0x12c8 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 22:43:36.0961 0x12c8 NdisWan - ok 22:43:37.0148 0x12c8 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\windows\system32\drivers\NDProxy.sys 22:43:37.0179 0x12c8 NDProxy - ok 22:43:37.0242 0x12c8 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 22:43:37.0413 0x12c8 NetBIOS - ok 22:43:37.0538 0x12c8 [ 280122DDCF04B378EDD1AD54D71C1E54, 
F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 22:43:37.0663 0x12c8 NetBT - ok 22:43:37.0710 0x12c8 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] Netlogon C:\windows\system32\lsass.exe 22:43:37.0725 0x12c8 Netlogon - ok 22:43:37.0928 0x12c8 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\windows\System32\netman.dll 22:43:38.0115 0x12c8 Netman - ok 22:43:38.0162 0x12c8 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\windows\System32\netprofm.dll 22:43:38.0224 0x12c8 netprofm - ok 22:43:38.0287 0x12c8 [ 005C38BA492291801AA5F71DAE3C1A7B, E43F0CE95D646B41FC681E0B95721598EA74C45975BEEE1C5EFFB0D238253B0E ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 22:43:38.0334 0x12c8 NetTcpPortSharing - ok 22:43:38.0599 0x12c8 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\windows\system32\DRIVERS\netw5v32.sys 22:43:38.0926 0x12c8 netw5v32 - ok 22:43:39.0020 0x12c8 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys 22:43:39.0036 0x12c8 nfrd960 - ok 22:43:39.0176 0x12c8 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\windows\System32\nlasvc.dll 22:43:39.0348 0x12c8 NlaSvc - ok 22:43:39.0363 0x12c8 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\windows\system32\drivers\Npfs.sys 22:43:39.0457 0x12c8 Npfs - ok 22:43:39.0550 0x12c8 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\windows\system32\nsisvc.dll 22:43:39.0660 0x12c8 
nsi - ok 22:43:39.0722 0x12c8 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 22:43:39.0800 0x12c8 nsiproxy - ok 22:43:39.0940 0x12c8 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\windows\system32\drivers\Ntfs.sys 22:43:40.0050 0x12c8 Ntfs - ok 22:43:40.0081 0x12c8 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\windows\system32\drivers\Null.sys 22:43:40.0143 0x12c8 Null - ok 22:43:40.0221 0x12c8 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\windows\system32\drivers\nvraid.sys 22:43:40.0252 0x12c8 nvraid - ok 22:43:40.0284 0x12c8 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\windows\system32\drivers\nvstor.sys 22:43:40.0299 0x12c8 nvstor - ok 22:43:40.0362 0x12c8 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 22:43:40.0393 0x12c8 nv_agp - ok 22:43:40.0533 0x12c8 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 22:43:40.0611 0x12c8 odserv - ok 22:43:40.0658 0x12c8 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 22:43:40.0720 0x12c8 ohci1394 - ok 22:43:40.0923 0x12c8 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 22:43:40.0970 0x12c8 ose - ok 22:43:41.0001 0x12c8 [ 82A8521DDC60710C3D3D3E7325209BEC, 
C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\windows\system32\pnrpsvc.dll 22:43:41.0298 0x12c8 p2pimsvc - ok 22:43:41.0360 0x12c8 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\windows\system32\p2psvc.dll 22:43:41.0438 0x12c8 p2psvc - ok 22:43:41.0469 0x12c8 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\windows\system32\DRIVERS\parport.sys 22:43:41.0516 0x12c8 Parport - ok 22:43:41.0610 0x12c8 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\windows\system32\drivers\partmgr.sys 22:43:41.0656 0x12c8 partmgr - ok 22:43:41.0688 0x12c8 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys 22:43:41.0781 0x12c8 Parvdm - ok 22:43:41.0828 0x12c8 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\windows\System32\pcasvc.dll 22:43:41.0906 0x12c8 PcaSvc - ok 22:43:41.0953 0x12c8 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\windows\system32\drivers\pci.sys 22:43:41.0984 0x12c8 pci - ok 22:43:42.0015 0x12c8 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\windows\system32\drivers\pciide.sys 22:43:42.0031 0x12c8 pciide - ok 22:43:42.0140 0x12c8 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys 22:43:42.0187 0x12c8 pcmcia - ok 22:43:42.0374 0x12c8 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\windows\system32\drivers\pcw.sys 22:43:42.0405 0x12c8 pcw - ok 22:43:42.0514 0x12c8 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 
2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\windows\system32\drivers\peauth.sys 22:43:42.0608 0x12c8 PEAUTH - ok 22:43:42.0733 0x12c8 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\windows\system32\pla.dll 22:43:42.0873 0x12c8 pla - ok 22:43:42.0951 0x12c8 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\windows\system32\umpnpmgr.dll 22:43:43.0123 0x12c8 PlugPlay - ok 22:43:43.0154 0x12c8 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 22:43:43.0263 0x12c8 PNRPAutoReg - ok 22:43:43.0310 0x12c8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\windows\system32\pnrpsvc.dll 22:43:43.0341 0x12c8 PNRPsvc - ok 22:43:43.0419 0x12c8 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 22:43:43.0482 0x12c8 PolicyAgent - ok 22:43:43.0591 0x12c8 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\windows\system32\umpo.dll 22:43:43.0684 0x12c8 Power - ok 22:43:43.0731 0x12c8 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 22:43:43.0762 0x12c8 PptpMiniport - ok 22:43:43.0809 0x12c8 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\windows\system32\DRIVERS\processr.sys 22:43:43.0856 0x12c8 Processor - ok 22:43:43.0965 0x12c8 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\windows\system32\profsvc.dll 22:43:44.0012 0x12c8 ProfSvc - ok 22:43:44.0043 0x12c8 [ 
88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] ProtectedStorage C:\windows\system32\lsass.exe 22:43:44.0059 0x12c8 ProtectedStorage - ok 22:43:44.0137 0x12c8 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\windows\system32\DRIVERS\pacer.sys 22:43:44.0184 0x12c8 Psched - ok 22:43:44.0277 0x12c8 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys 22:43:44.0386 0x12c8 ql2300 - ok 22:43:44.0433 0x12c8 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys 22:43:44.0449 0x12c8 ql40xx - ok 22:43:44.0496 0x12c8 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\windows\system32\qwave.dll 22:43:44.0667 0x12c8 QWAVE - ok 22:43:44.0776 0x12c8 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 22:43:44.0932 0x12c8 QWAVEdrv - ok 22:43:45.0010 0x12c8 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 22:43:45.0073 0x12c8 RasAcd - ok 22:43:45.0104 0x12c8 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 22:43:45.0135 0x12c8 RasAgileVpn - ok 22:43:45.0198 0x12c8 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\windows\System32\rasauto.dll 22:43:45.0229 0x12c8 RasAuto - ok 22:43:45.0307 0x12c8 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 
22:43:45.0354 0x12c8 Rasl2tp - ok 22:43:45.0416 0x12c8 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\windows\System32\rasmans.dll 22:43:45.0463 0x12c8 RasMan - ok 22:43:45.0603 0x12c8 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 22:43:45.0697 0x12c8 RasPppoe - ok 22:43:45.0775 0x12c8 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 22:43:45.0837 0x12c8 RasSstp - ok 22:43:45.0946 0x12c8 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 22:43:45.0993 0x12c8 rdbss - ok 22:43:46.0040 0x12c8 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys 22:43:46.0087 0x12c8 rdpbus - ok 22:43:46.0180 0x12c8 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 22:43:46.0212 0x12c8 RDPCDD - ok 22:43:46.0321 0x12c8 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 22:43:46.0383 0x12c8 RDPENCDD - ok 22:43:46.0430 0x12c8 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 22:43:46.0508 0x12c8 RDPREFMP - ok 22:43:46.0586 0x12c8 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\windows\system32\drivers\RDPWD.sys 22:43:46.0695 0x12c8 RDPWD - ok 22:43:46.0851 0x12c8 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] 
rdyboost C:\windows\system32\drivers\rdyboost.sys 22:43:46.0882 0x12c8 rdyboost - ok 22:43:46.0929 0x12c8 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\windows\System32\mprdim.dll 22:43:47.0054 0x12c8 RemoteAccess - ok 22:43:47.0116 0x12c8 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\windows\system32\regsvc.dll 22:43:47.0194 0x12c8 RemoteRegistry - ok 22:43:47.0257 0x12c8 [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys 22:43:47.0272 0x12c8 RFCOMM - ok 22:43:47.0319 0x12c8 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 22:43:47.0382 0x12c8 RpcEptMapper - ok 22:43:47.0413 0x12c8 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\windows\system32\locator.exe 22:43:47.0428 0x12c8 RpcLocator - ok 22:43:47.0475 0x12c8 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\windows\system32\rpcss.dll 22:43:47.0522 0x12c8 RpcSs - ok 22:43:47.0631 0x12c8 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 22:43:47.0662 0x12c8 rspndr - ok 22:43:47.0881 0x12c8 [ EF8B2AFC3C0751C5E5A59983C8893260, F612ACAD35F6ECC6596003D052B240B7688016FD5D82978727DD408DF36104F3 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys 22:43:47.0974 0x12c8 RSUSBSTOR - ok 22:43:47.0974 0x12c8 RtsUIR - ok 22:43:48.0021 0x12c8 [ 88142648ED929E6D2178CC3B8C13C00F, 7E6B6B2CF61C56FBF8F2A96BDA2E9506467A9A883BFD3BEA78A4F500851E76DB ] SamSs C:\windows\system32\lsass.exe 22:43:48.0037 0x12c8 SamSs - ok 22:43:48.0115 0x12c8 [ 
05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\windows\system32\drivers\sbp2port.sys 22:43:48.0130 0x12c8 sbp2port - ok 22:43:48.0208 0x12c8 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\windows\System32\SCardSvr.dll 22:43:48.0302 0x12c8 SCardSvr - ok 22:43:48.0349 0x12c8 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 22:43:48.0380 0x12c8 scfilter - ok 22:43:48.0536 0x12c8 [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\windows\system32\schedsvc.dll 22:43:48.0676 0x12c8 Schedule - ok 22:43:48.0708 0x12c8 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\windows\System32\certprop.dll 22:43:48.0739 0x12c8 SCPolicySvc - ok 22:43:48.0770 0x12c8 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\windows\System32\SDRSVC.dll 22:43:49.0035 0x12c8 SDRSVC - ok 22:43:49.0113 0x12c8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\windows\system32\drivers\secdrv.sys 22:43:49.0254 0x12c8 secdrv - ok 22:43:49.0347 0x12c8 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\windows\system32\seclogon.dll 22:43:49.0488 0x12c8 seclogon - ok 22:43:49.0612 0x12c8 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\windows\System32\sens.dll 22:43:49.0690 0x12c8 SENS - ok 22:43:49.0800 0x12c8 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\windows\system32\sensrsvc.dll 22:43:50.0065 0x12c8 SensrSvc - ok 
22:44:17.0474 0x12c8 AV detected via SS2: ZoneAlarm Antivirus, C:\Program Files\CheckPoint\ZoneAlarm\\MultiFix.exe ( 13.2.15.0 ), 0x41000 ( enabled : updated )
22:44:17.0490 0x12c8 FW detected via SS2: ZoneAlarm Firewall, C:\Program Files\CheckPoint\ZoneAlarm\\MultiFix.exe ( 13.2.15.0 ), 0x41010 ( enabled )
22:44:32.0310 0x12c8 ============================================================
22:44:32.0310 0x12c8 Scan finished
22:44:32.0310 0x12c8 ============================================================
22:44:32.0310 0x1010 Detected object count: 0
22:44:32.0310 0x1010 Actual detected object count: 0 |
08.10.2015, 19:20 | #5 |
/// the machine /// TB instructor | Yahoo accounts are sending spam mails No malware. Delete the mail account from all non-Windows devices, change the password.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
08.10.2015, 19:41 | #6 |
| Yahoo accounts are sending spam mails Thank you very much! |
09.10.2015, 23:40 | #7 |
/// the machine /// TB instructor | Yahoo accounts are sending spam mails You're welcome
|