| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Vorgang written im Speicher konnte nicht..Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.11.2016, 13:34
| #1 |
 |  Vorgang written im Speicher konnte nicht.. Hallo liebes Forum seit ein paar Tagen erscheint der Laptop sehr langsam es dauert Minuten gefühlte Stunden bis der Laptop sich hochfährt.Mittlerweile kommt die Fehlermeldung der Vorgang written konnte nicht ausgeführt werden mit vielen nullen und zahlen die ich so schnell nicht erkannt habe.Dann erscheint ab und an irgendwas mit Jawa web Error...und das ich das Farbschema ändern soll? Was kann das sein?Ich bin völliger Laie und hoffe auf Hilfe danke Olli
__________________ Ich glaube ich habe einen Tinnitus auf den Augen Ich sehe nur Pfeiffen... |
|
26.11.2016, 16:42
| #2 |
| /// TB-Ausbilder   | Vorgang written im Speicher konnte nicht.. Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
27.11.2016, 13:21
| #3 |
| | Vorgang written im Speicher konnte nicht.. Hi Matthias
__________________Danke für die schnelle Antwort das kann ich alles erst morgen machen da ich heut abend nicht da bin Lg olli ich kann die daten nicht einfügen immer zu gross im übrigen kann ich FRST nicht stoppen bzw beenden der ist in einer schleife und sucht und sucht immer die gleichen dateien
__________________ |
|
27.11.2016, 14:03
| #4 |
| /// TB-Ausbilder | Vorgang written im Speicher konnte nicht.. Servus, du kannst die Logdateien auch zippen (in ein .zip Archiv packen) und als Anhang mitschicken. |
|
27.11.2016, 14:08
| #5 |
| | Vorgang written im Speicher konnte nicht.. wie macht man das
__________________ Ich glaube ich habe einen Tinnitus auf den Augen Ich sehe nur Pfeiffen... |
|
27.11.2016, 14:17
| #6 | |
| /// TB-Ausbilder | Vorgang written im Speicher konnte nicht..Zitat:
Das .zip Archiv dann mit deiner nächsten Antwort als Anhang hochladen und mitschicken. |
|
27.11.2016, 14:24
| #7 |
| | Vorgang written im Speicher konnte nicht.. so richtig
__________________ Ich glaube ich habe einen Tinnitus auf den Augen Ich sehe nur Pfeiffen... |
|
27.11.2016, 15:10
| #8 |
| | Vorgang written im Speicher konnte nicht.. so richtig ?
__________________ Ich glaube ich habe einen Tinnitus auf den Augen Ich sehe nur Pfeiffen... |
|
27.11.2016, 15:11
| #9 |
| | Vorgang written im Speicher konnte nicht..Code:
ATTFilter 15:06:12.0470 0x13200 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
15:06:14.0400 0x13200 ============================================================
15:06:14.0400 0x13200 Current date / time: 2016/11/27 15:06:14.0400
15:06:14.0400 0x13200 SystemInfo:
15:06:14.0400 0x13200
15:06:14.0400 0x13200 OS Version: 6.1.7601 ServicePack: 1.0
15:06:14.0400 0x13200 Product type: Workstation
15:06:14.0400 0x13200 ComputerName: OLIVER-PC
15:06:14.0400 0x13200 UserName: oliver
15:06:14.0400 0x13200 Windows directory: C:\windows
15:06:14.0400 0x13200 System windows directory: C:\windows
15:06:14.0400 0x13200 Running under WOW64
15:06:14.0400 0x13200 Processor architecture: Intel x64
15:06:14.0400 0x13200 Number of processors: 2
15:06:14.0400 0x13200 Page size: 0x1000
15:06:14.0400 0x13200 Boot type: Normal boot
15:06:14.0400 0x13200 CodeIntegrityOptions = 0x00000001
15:06:14.0400 0x13200 ============================================================
15:06:14.0531 0x13200 KLMD registered as C:\windows\system32\drivers\14911763.sys
15:06:14.0531 0x13200 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23569, osProperties = 0x1
15:06:14.0963 0x13200 System UUID: {968E1096-0D28-8034-52DB-72CCA9FB264E}
15:06:15.0595 0x13200 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:06:15.0595 0x13200 ============================================================
15:06:15.0595 0x13200 \Device\Harddisk0\DR0:
15:06:15.0595 0x13200 MBR partitions:
15:06:15.0595 0x13200 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
15:06:15.0595 0x13200 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0x16600000
15:06:15.0625 0x13200 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x18E33000, BlocksNum 0x21552800
15:06:15.0625 0x13200 ============================================================
15:06:15.0675 0x13200 C: <-> \Device\Harddisk0\DR0\Partition2
15:06:15.0745 0x13200 D: <-> \Device\Harddisk0\DR0\Partition3
15:06:15.0745 0x13200 ============================================================
15:06:15.0745 0x13200 Initialize success
15:06:15.0745 0x13200 ============================================================
15:06:23.0670 0x8e88 ============================================================
15:06:23.0670 0x8e88 Scan started
15:06:23.0670 0x8e88 Mode: Manual; SigCheck; TDLFS;
15:06:23.0670 0x8e88 ============================================================
15:06:23.0670 0x8e88 KSN ping started
15:06:23.0800 0x8e88 KSN ping finished: true
15:06:24.0604 0x8e88 ================ Scan system memory ========================
15:06:24.0604 0x8e88 System memory - ok
15:06:24.0604 0x8e88 ================ Scan services =============================
15:06:24.0844 0x8e88 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
15:06:24.0960 0x8e88 1394ohci - ok
15:06:25.0040 0x8e88 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
15:06:25.0060 0x8e88 ACPI - ok
15:06:25.0100 0x8e88 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
15:06:25.0140 0x8e88 AcpiPmi - ok
15:06:25.0300 0x8e88 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:06:25.0350 0x8e88 AdobeARMservice - ok
15:06:25.0504 0x8e88 [ 7760EB1D134ECD2DCD83C067816F4B18, 03DB710DEF644387C536C90C893654EA05AD4C80362CEBD039F2368A13D491FE ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:06:25.0524 0x8e88 AdobeFlashPlayerUpdateSvc - ok
15:06:25.0584 0x8e88 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
15:06:25.0634 0x8e88 adp94xx - ok
15:06:25.0684 0x8e88 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
15:06:25.0704 0x8e88 adpahci - ok
15:06:25.0724 0x8e88 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
15:06:25.0754 0x8e88 adpu320 - ok
15:06:25.0804 0x8e88 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\windows\System32\aelupsvc.dll
15:06:25.0824 0x8e88 AeLookupSvc - ok
15:06:25.0884 0x8e88 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\windows\system32\drivers\afd.sys
15:06:25.0914 0x8e88 AFD - ok
15:06:25.0954 0x8e88 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
15:06:25.0974 0x8e88 agp440 - ok
15:06:26.0014 0x8e88 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
15:06:26.0034 0x8e88 ALG - ok
15:06:26.0064 0x8e88 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
15:06:26.0084 0x8e88 aliide - ok
15:06:26.0114 0x8e88 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
15:06:26.0134 0x8e88 amdide - ok
15:06:26.0174 0x8e88 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
15:06:26.0184 0x8e88 AmdK8 - ok
15:06:26.0204 0x8e88 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
15:06:26.0214 0x8e88 AmdPPM - ok
15:06:26.0274 0x8e88 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
15:06:26.0284 0x8e88 amdsata - ok
15:06:26.0314 0x8e88 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
15:06:26.0334 0x8e88 amdsbs - ok
15:06:26.0344 0x8e88 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
15:06:26.0354 0x8e88 amdxata - ok
15:06:26.0498 0x8e88 [ 04B856A07EDCFEE14C4CB0D389531020, 38094E6FECF22FBC72B46C4A78519F9E698092DF28A81C5742332FCA6609CB9B ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
15:06:26.0558 0x8e88 AntiVirMailService - ok
15:06:26.0608 0x8e88 [ FE817303FA4308B6149D2FC1D07D0DF2, 471EA57785EE40FE244BB2AF10FB5F5B113F1D79F34CAE28CC46177AB3F15141 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:06:26.0638 0x8e88 AntiVirSchedulerService - ok
15:06:26.0708 0x8e88 [ FE817303FA4308B6149D2FC1D07D0DF2, 471EA57785EE40FE244BB2AF10FB5F5B113F1D79F34CAE28CC46177AB3F15141 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:06:26.0738 0x8e88 AntiVirService - ok
15:06:26.0828 0x8e88 [ 82A7739C01B7FBD6738B08C6FEB13CE5, 49BD8764CC7BB8F3AEFD8A8585A2F492C0B48A6AAACA86BDE7CB6D182EADD703 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
15:06:26.0888 0x8e88 AntiVirWebService - ok
15:06:26.0948 0x8e88 [ 0CD7BFDE151223C6976C5D1B3D49EB84, A16FAB4F77D03C0664CCE8082E40A7673BC7FA4E89854F9027D478CD99EB2088 ] AppID C:\windows\system32\drivers\appid.sys
15:06:26.0968 0x8e88 AppID - ok
15:06:26.0978 0x8e88 [ F9842669B31F20B8B157D33CCC457820, AC8FA65F0A3C479D3CFE10EFE9B3EC5BAE48059F57A12D8C2D7963A22EB043B8 ] AppIDSvc C:\windows\System32\appidsvc.dll
15:06:26.0998 0x8e88 AppIDSvc - ok
15:06:27.0048 0x8e88 [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo C:\windows\System32\appinfo.dll
15:06:27.0068 0x8e88 Appinfo - ok
15:06:27.0248 0x8e88 [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:06:27.0268 0x8e88 Apple Mobile Device Service - ok
15:06:27.0338 0x8e88 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\DRIVERS\arc.sys
15:06:27.0358 0x8e88 arc - ok
15:06:27.0378 0x8e88 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
15:06:27.0388 0x8e88 arcsas - ok
15:06:27.0538 0x8e88 [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:06:27.0558 0x8e88 aspnet_state - ok
15:06:27.0588 0x8e88 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
15:06:27.0638 0x8e88 AsyncMac - ok
15:06:27.0693 0x8e88 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
15:06:27.0703 0x8e88 atapi - ok
15:06:27.0833 0x8e88 [ 3D68A1EEF77307142636AF5127990BCB, 30926B2E1371287FF39C69C363BE4FAC67C558867D903C555A12316D303A43E8 ] athr C:\windows\system32\DRIVERS\athrx.sys
15:06:27.0943 0x8e88 athr - ok
15:06:28.0013 0x8e88 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
15:06:28.0053 0x8e88 AudioEndpointBuilder - ok
15:06:28.0083 0x8e88 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\windows\System32\Audiosrv.dll
15:06:28.0113 0x8e88 AudioSrv - ok
15:06:28.0213 0x8e88 [ 3ED4B40C5EF146FB65392B553E65EBA8, 680E31F05E797162A40A67D8B7BF225DC390C38522BA2A28BA5CF70C254AAE6F ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
15:06:28.0233 0x8e88 avgntflt - ok
15:06:28.0283 0x8e88 [ 18AAAC7ED383C465E319B5DD07D0A0B6, B0C394F1ECC475CC4EA104E5B32063ED85083B45FE37372204B21FD5694B652E ] avgtp C:\windows\system32\drivers\avgtpx64.sys
15:06:28.0303 0x8e88 avgtp - ok
15:06:28.0363 0x8e88 [ E745629CBC104D2B446CFB859084BEB5, 3FC86742A44D9867F7CE7FD28DB4591B745495AF6A96E057A5F62ACD87E9E5B5 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
15:06:28.0383 0x8e88 avipbb - ok
15:06:28.0483 0x8e88 [ B9789F30438091DC528797ABFD310B01, 9C8678DFCF4A377954B8FE5C7C49C51B290A216671860200EAE6A4FD5A07E1E0 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
15:06:28.0503 0x8e88 Avira.ServiceHost - ok
15:06:28.0523 0x8e88 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
15:06:28.0533 0x8e88 avkmgr - ok
15:06:28.0583 0x8e88 [ 138A53D17B040F5A3A307D44A89D0905, AD212E430F2DE43F037BECF6A46FCD53270A5EE11427030C7D5CBC3EAAAAA029 ] avnetflt C:\windows\system32\DRIVERS\avnetflt.sys
15:06:28.0593 0x8e88 avnetflt - ok
15:06:28.0633 0x8e88 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
15:06:28.0663 0x8e88 AxInstSV - ok
15:06:28.0703 0x8e88 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
15:06:28.0753 0x8e88 b06bdrv - ok
15:06:28.0793 0x8e88 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
15:06:28.0823 0x8e88 b57nd60a - ok
15:06:28.0873 0x8e88 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
15:06:28.0903 0x8e88 BDESVC - ok
15:06:28.0923 0x8e88 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
15:06:28.0973 0x8e88 Beep - ok
15:06:29.0043 0x8e88 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
15:06:29.0093 0x8e88 BFE - ok
15:06:29.0163 0x8e88 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\system32\qmgr.dll
15:06:29.0233 0x8e88 BITS - ok
15:06:29.0263 0x8e88 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
15:06:29.0273 0x8e88 blbdrive - ok
15:06:29.0363 0x8e88 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:06:29.0393 0x8e88 Bonjour Service - ok
15:06:29.0443 0x8e88 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\windows\system32\DRIVERS\bowser.sys
15:06:29.0463 0x8e88 bowser - ok
15:06:29.0473 0x8e88 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
15:06:29.0503 0x8e88 BrFiltLo - ok
15:06:29.0523 0x8e88 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
15:06:29.0543 0x8e88 BrFiltUp - ok
15:06:29.0583 0x8e88 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
15:06:29.0635 0x8e88 BridgeMP - ok
15:06:29.0671 0x8e88 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
15:06:29.0711 0x8e88 Browser - ok
15:06:29.0741 0x8e88 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
15:06:29.0761 0x8e88 Brserid - ok
15:06:29.0781 0x8e88 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
15:06:29.0801 0x8e88 BrSerWdm - ok
15:06:29.0811 0x8e88 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
15:06:29.0831 0x8e88 BrUsbMdm - ok
15:06:29.0841 0x8e88 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
15:06:29.0851 0x8e88 BrUsbSer - ok
15:06:29.0881 0x8e88 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
15:06:29.0903 0x8e88 BTHMODEM - ok
15:06:29.0944 0x8e88 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
15:06:29.0994 0x8e88 bthserv - ok
15:06:30.0024 0x8e88 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
15:06:30.0074 0x8e88 cdfs - ok
15:06:30.0124 0x8e88 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
15:06:30.0154 0x8e88 cdrom - ok
15:06:30.0194 0x8e88 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
15:06:30.0234 0x8e88 CertPropSvc - ok
15:06:30.0254 0x8e88 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\DRIVERS\circlass.sys
15:06:30.0284 0x8e88 circlass - ok
15:06:30.0344 0x8e88 [ 3891EA60B84EFE115CE070311FA83BBB, 2A30FB15C8D0C69289C087DFE1F822AB4F9C3F091DBB3FD2E99DC5B562E90DFB ] CLFS C:\windows\system32\CLFS.sys
15:06:30.0374 0x8e88 CLFS - ok
15:06:30.0624 0x8e88 [ BDED70145D7F931CAD02BD531BEB38B7, 6B6355482F7FD44ECD958BBFDC9795C8F79A60EB5294349DCB0DBBECE607A5B6 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
15:06:30.0744 0x8e88 ClickToRunSvc - ok
15:06:30.0814 0x8e88 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:06:30.0824 0x8e88 clr_optimization_v2.0.50727_32 - ok
15:06:30.0874 0x8e88 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:06:30.0894 0x8e88 clr_optimization_v2.0.50727_64 - ok
15:06:30.0994 0x8e88 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:06:31.0024 0x8e88 clr_optimization_v4.0.30319_32 - ok
15:06:31.0074 0x8e88 [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:06:31.0094 0x8e88 clr_optimization_v4.0.30319_64 - ok
15:06:31.0124 0x8e88 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
15:06:31.0144 0x8e88 CmBatt - ok
15:06:31.0164 0x8e88 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
15:06:31.0184 0x8e88 cmdide - ok
15:06:31.0234 0x8e88 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\windows\system32\Drivers\cng.sys
15:06:31.0274 0x8e88 CNG - ok
15:06:31.0294 0x8e88 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
15:06:31.0314 0x8e88 Compbatt - ok
15:06:31.0354 0x8e88 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
15:06:31.0374 0x8e88 CompositeBus - ok
15:06:31.0394 0x8e88 COMSysApp - ok
15:06:31.0414 0x8e88 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
15:06:31.0424 0x8e88 crcdisk - ok
15:06:31.0484 0x8e88 [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc C:\windows\system32\cryptsvc.dll
15:06:31.0504 0x8e88 CryptSvc - ok
15:06:31.0641 0x8e88 [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:06:31.0681 0x8e88 cvhsvc - ok
15:06:31.0751 0x8e88 [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d C:\windows\system32\DRIVERS\dc3d.sys
15:06:31.0791 0x8e88 dc3d - ok
15:06:31.0871 0x8e88 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\windows\system32\rpcss.dll
15:06:31.0931 0x8e88 DcomLaunch - ok
15:06:31.0971 0x8e88 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
15:06:32.0021 0x8e88 defragsvc - ok
15:06:32.0081 0x8e88 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\windows\system32\Drivers\dfsc.sys
15:06:32.0101 0x8e88 DfsC - ok
15:06:32.0171 0x8e88 [ 1E0F456A03E204F92D24437CD907A512, 8BB28AF33BDEFFECC4EC5C6BFBFBDA525A32FA6A26382353E01FF94BAD2A200C ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys
15:06:32.0191 0x8e88 dg_ssudbus - ok
15:06:32.0271 0x8e88 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
15:06:32.0311 0x8e88 Dhcp - ok
15:06:32.0421 0x8e88 [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\windows\system32\diagtrack.dll
15:06:32.0501 0x8e88 DiagTrack - ok
15:06:32.0531 0x8e88 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
15:06:32.0581 0x8e88 discache - ok
15:06:32.0621 0x8e88 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\windows\system32\drivers\disk.sys
15:06:32.0641 0x8e88 Disk - ok
15:06:32.0681 0x8e88 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
15:06:32.0701 0x8e88 Dnscache - ok
15:06:32.0741 0x8e88 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
15:06:32.0801 0x8e88 dot3svc - ok
15:06:32.0831 0x8e88 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
15:06:32.0881 0x8e88 DPS - ok
15:06:32.0951 0x8e88 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
15:06:32.0981 0x8e88 drmkaud - ok
15:06:33.0051 0x8e88 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
15:06:33.0101 0x8e88 DXGKrnl - ok
15:06:33.0141 0x8e88 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
15:06:33.0191 0x8e88 EapHost - ok
15:06:33.0361 0x8e88 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
15:06:33.0498 0x8e88 ebdrv - ok
15:06:33.0553 0x8e88 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] EFS C:\windows\System32\lsass.exe
15:06:33.0583 0x8e88 EFS - ok
15:06:33.0685 0x8e88 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
15:06:33.0725 0x8e88 ehRecvr - ok
15:06:33.0755 0x8e88 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
15:06:33.0775 0x8e88 ehSched - ok
15:06:33.0825 0x8e88 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
15:06:33.0855 0x8e88 elxstor - ok
15:06:33.0885 0x8e88 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
15:06:33.0895 0x8e88 ErrDev - ok
15:06:33.0955 0x8e88 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
15:06:34.0015 0x8e88 EventSystem - ok
15:06:34.0085 0x8e88 [ 24589081B827989B52D954DCD88035D0, 38535A0E9FC0684308EB5D6AA6284669BC9743F11CB605B79883B8C13EF906AD ] EverestDriver C:\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64
15:06:34.0095 0x8e88 EverestDriver - detected UnsignedFile.Multi.Generic ( 1 )
15:06:34.0205 0x8e88 Detect skipped due to KSN trusted
15:06:34.0205 0x8e88 EverestDriver - ok
15:06:34.0235 0x8e88 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
15:06:34.0285 0x8e88 exfat - ok
15:06:34.0325 0x8e88 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
15:06:34.0375 0x8e88 fastfat - ok
15:06:34.0447 0x8e88 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
15:06:34.0497 0x8e88 Fax - ok
15:06:34.0517 0x8e88 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\DRIVERS\fdc.sys
15:06:34.0537 0x8e88 fdc - ok
15:06:34.0577 0x8e88 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
15:06:34.0627 0x8e88 fdPHost - ok
15:06:34.0637 0x8e88 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
15:06:34.0687 0x8e88 FDResPub - ok
15:06:34.0717 0x8e88 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
15:06:34.0727 0x8e88 FileInfo - ok
15:06:34.0747 0x8e88 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
15:06:34.0797 0x8e88 Filetrace - ok
15:06:34.0817 0x8e88 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
15:06:34.0827 0x8e88 flpydisk - ok
15:06:34.0887 0x8e88 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
15:06:34.0917 0x8e88 FltMgr - ok
15:06:34.0997 0x8e88 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\windows\system32\FntCache.dll
15:06:35.0067 0x8e88 FontCache - ok
15:06:35.0117 0x8e88 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:06:35.0134 0x8e88 FontCache3.0.0.0 - ok
15:06:35.0162 0x8e88 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
15:06:35.0172 0x8e88 FsDepends - ok
15:06:35.0202 0x8e88 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
15:06:35.0222 0x8e88 Fs_Rec - ok
15:06:35.0272 0x8e88 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
15:06:35.0302 0x8e88 fvevol - ok
15:06:35.0332 0x8e88 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
15:06:35.0352 0x8e88 gagp30kx - ok
15:06:35.0384 0x8e88 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
15:06:35.0394 0x8e88 GEARAspiWDM - ok
15:06:35.0464 0x8e88 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\windows\System32\gpsvc.dll
15:06:35.0514 0x8e88 gpsvc - ok
15:06:35.0604 0x8e88 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:06:35.0614 0x8e88 gupdate - ok
15:06:35.0624 0x8e88 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:06:35.0644 0x8e88 gupdatem - ok
15:06:35.0667 0x8e88 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
15:06:35.0677 0x8e88 hcw85cir - ok
15:06:35.0747 0x8e88 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:06:35.0777 0x8e88 HdAudAddService - ok
15:06:35.0817 0x8e88 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
15:06:35.0837 0x8e88 HDAudBus - ok
15:06:35.0857 0x8e88 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
15:06:35.0877 0x8e88 HidBatt - ok
15:06:35.0897 0x8e88 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
15:06:35.0917 0x8e88 HidBth - ok
15:06:35.0957 0x8e88 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\DRIVERS\hidir.sys
15:06:35.0977 0x8e88 HidIr - ok
15:06:36.0007 0x8e88 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\System32\hidserv.dll
15:06:36.0057 0x8e88 hidserv - ok
15:06:36.0097 0x8e88 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
15:06:36.0127 0x8e88 HidUsb - ok
15:06:36.0147 0x8e88 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
15:06:36.0197 0x8e88 hkmsvc - ok
15:06:36.0237 0x8e88 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:06:36.0277 0x8e88 HomeGroupListener - ok
15:06:36.0317 0x8e88 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:06:36.0337 0x8e88 HomeGroupProvider - ok
15:06:36.0397 0x8e88 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
15:06:36.0407 0x8e88 HpSAMD - ok
15:06:36.0487 0x8e88 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\windows\system32\drivers\HTTP.sys
15:06:36.0537 0x8e88 HTTP - ok
15:06:36.0557 0x8e88 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
15:06:36.0567 0x8e88 hwpolicy - ok
15:06:36.0627 0x8e88 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\drivers\i8042prt.sys
15:06:36.0647 0x8e88 i8042prt - ok
15:06:36.0717 0x8e88 [ 073A606333B6F7BBF20AA856DF7F0997, 513927CA430511A5B95F6CBE5FBD20F8C2202B609F88C4526C174A4FF7F761FC ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
15:06:36.0747 0x8e88 iaStor - ok
15:06:36.0817 0x8e88 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
15:06:36.0847 0x8e88 iaStorV - ok
15:06:36.0917 0x8e88 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:06:36.0957 0x8e88 idsvc - ok
15:06:36.0997 0x8e88 IEEtwCollectorService - ok
15:06:37.0391 0x8e88 [ 677AA5991026A65ADA128C4B59CF2BAD, 013F9D7362960EEE1DB70EE8B90A896EACA0B752924717FD019A6DD3BFF50C00 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
15:06:37.0842 0x8e88 igfx - ok
15:06:37.0882 0x8e88 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
15:06:37.0902 0x8e88 iirsp - ok
15:06:37.0962 0x8e88 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
15:06:38.0002 0x8e88 IKEEXT - ok
15:06:38.0052 0x8e88 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
15:06:38.0082 0x8e88 Impcd - ok
15:06:38.0234 0x8e88 [ 028E40182A6F0374978C755F85B9F07C, 747B5B4E56076A77C7936B71CE20FD413A1869ACF9E4218A1B8EF8D4E8C82A3B ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
15:06:38.0344 0x8e88 IntcAzAudAddService - ok
15:06:38.0384 0x8e88 [ C6C1F19205DA83C801BE7C25F4E2EE07, AE28686272D0F3789751C8F73BE998026BA80D93539C81DDE148E34A34A9AD0C ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
15:06:38.0418 0x8e88 IntcDAud - ok
15:06:38.0438 0x8e88 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
15:06:38.0458 0x8e88 intelide - ok
15:06:38.0498 0x8e88 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
15:06:38.0518 0x8e88 intelppm - ok
15:06:38.0538 0x8e88 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
15:06:38.0598 0x8e88 IPBusEnum - ok
15:06:38.0638 0x8e88 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
15:06:38.0688 0x8e88 IpFilterDriver - ok
15:06:38.0758 0x8e88 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
15:06:38.0798 0x8e88 iphlpsvc - ok
15:06:38.0818 0x8e88 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
15:06:38.0838 0x8e88 IPMIDRV - ok
15:06:38.0868 0x8e88 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
15:06:38.0928 0x8e88 IPNAT - ok
15:06:38.0988 0x8e88 [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:06:39.0018 0x8e88 iPod Service - ok
15:06:39.0048 0x8e88 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
15:06:39.0068 0x8e88 IRENUM - ok
15:06:39.0098 0x8e88 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
15:06:39.0108 0x8e88 isapnp - ok
15:06:39.0148 0x8e88 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
15:06:39.0168 0x8e88 iScsiPrt - ok
15:06:39.0218 0x8e88 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
15:06:39.0228 0x8e88 kbdclass - ok
15:06:39.0278 0x8e88 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
15:06:39.0298 0x8e88 kbdhid - ok
15:06:39.0308 0x8e88 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] KeyIso C:\windows\system32\lsass.exe
15:06:39.0328 0x8e88 KeyIso - ok
15:06:39.0378 0x8e88 [ 1F4B52A496A43C65AB0F26169650FAF2, 6D6F3505997A7DDEE6F127B3FB537AFFDE687D4F34489679674DC12FB12B842C ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
15:06:39.0398 0x8e88 KSecDD - ok
15:06:39.0418 0x8e88 [ E4A599EDFAAB66C2BC17FB1593DC129B, 13098694B649E9146214D320FB14C3D305FCA155438CB531A8BAA4A70231D1A7 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
15:06:39.0438 0x8e88 KSecPkg - ok
15:06:39.0448 0x8e88 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
15:06:39.0498 0x8e88 ksthunk - ok
15:06:39.0548 0x8e88 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
15:06:39.0608 0x8e88 KtmRm - ok
15:06:39.0648 0x8e88 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\System32\srvsvc.dll
15:06:39.0698 0x8e88 LanmanServer - ok
15:06:39.0728 0x8e88 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:06:39.0778 0x8e88 LanmanWorkstation - ok
15:06:39.0828 0x8e88 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
15:06:39.0878 0x8e88 lltdio - ok
15:06:39.0928 0x8e88 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
15:06:39.0988 0x8e88 lltdsvc - ok
15:06:40.0008 0x8e88 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
15:06:40.0058 0x8e88 lmhosts - ok
15:06:40.0098 0x8e88 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
15:06:40.0118 0x8e88 LSI_FC - ok
15:06:40.0128 0x8e88 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
15:06:40.0148 0x8e88 LSI_SAS - ok
15:06:40.0158 0x8e88 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
15:06:40.0168 0x8e88 LSI_SAS2 - ok
15:06:40.0188 0x8e88 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
15:06:40.0208 0x8e88 LSI_SCSI - ok
15:06:40.0228 0x8e88 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
15:06:40.0278 0x8e88 luafv - ok
15:06:40.0318 0x8e88 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
15:06:40.0338 0x8e88 Mcx2Svc - ok
15:06:40.0358 0x8e88 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys
15:06:40.0368 0x8e88 megasas - ok
15:06:40.0390 0x8e88 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
15:06:40.0420 0x8e88 MegaSR - ok
15:06:40.0450 0x8e88 [ BA7E071E855D4C502916164A31B05D4D, 11B250AA98EAAB4A15A8796CABAFCFC20B8E049513BF66FFAA0F6C2BEED958A5 ] MHIKEY10 C:\windows\system32\Drivers\MHIKEY10x64.sys
15:06:40.0480 0x8e88 MHIKEY10 - ok
15:06:40.0520 0x8e88 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
15:06:40.0570 0x8e88 MMCSS - ok
15:06:40.0592 0x8e88 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
15:06:40.0642 0x8e88 Modem - ok
15:06:40.0672 0x8e88 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
15:06:40.0692 0x8e88 monitor - ok
15:06:40.0712 0x8e88 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
15:06:40.0732 0x8e88 mouclass - ok
15:06:40.0752 0x8e88 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
15:06:40.0772 0x8e88 mouhid - ok
15:06:40.0822 0x8e88 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
15:06:40.0832 0x8e88 mountmgr - ok
15:06:40.0872 0x8e88 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
15:06:40.0892 0x8e88 mpio - ok
15:06:40.0912 0x8e88 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
15:06:40.0962 0x8e88 mpsdrv - ok
15:06:41.0022 0x8e88 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
15:06:41.0092 0x8e88 MpsSvc - ok
15:06:41.0122 0x8e88 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
15:06:41.0162 0x8e88 MRxDAV - ok
15:06:41.0202 0x8e88 [ 25F918BB5D57C99FFEB0255143D0DF9A, E4BB656C3AEE19094B0F87828828DC73F248B45B30B678AA759DBAB3087399A2 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
15:06:41.0222 0x8e88 mrxsmb - ok
15:06:41.0262 0x8e88 [ 8DF2B80510F438CFEC479181BD29C794, ECA5BC17D1DB92B887D468B0FF1D6302518DBD7C3607B14FA291ECDA204D5E85 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
15:06:41.0292 0x8e88 mrxsmb10 - ok
15:06:41.0342 0x8e88 [ F7622CFE3402A9BF10227BB124901E54, 3EE6BA42E712505AED9D3920163814719FAC591FB5CFF589E230C7005CB598AF ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
15:06:41.0362 0x8e88 mrxsmb20 - ok
15:06:41.0392 0x8e88 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
15:06:41.0412 0x8e88 msahci - ok
15:06:41.0422 0x8e88 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
15:06:41.0442 0x8e88 msdsm - ok
15:06:41.0462 0x8e88 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
15:06:41.0492 0x8e88 MSDTC - ok
15:06:41.0512 0x8e88 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
15:06:41.0563 0x8e88 Msfs - ok
15:06:41.0583 0x8e88 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
15:06:41.0633 0x8e88 mshidkmdf - ok
15:06:41.0663 0x8e88 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
15:06:41.0683 0x8e88 msisadrv - ok
15:06:41.0713 0x8e88 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
15:06:41.0763 0x8e88 MSiSCSI - ok
15:06:41.0763 0x8e88 msiserver - ok
15:06:41.0803 0x8e88 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
15:06:41.0853 0x8e88 MSKSSRV - ok
15:06:41.0863 0x8e88 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
15:06:41.0903 0x8e88 MSPCLOCK - ok
15:06:41.0923 0x8e88 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
15:06:41.0973 0x8e88 MSPQM - ok
15:06:42.0023 0x8e88 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
15:06:42.0053 0x8e88 MsRPC - ok
15:06:42.0063 0x8e88 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
15:06:42.0083 0x8e88 mssmbios - ok
15:06:42.0103 0x8e88 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
15:06:42.0153 0x8e88 MSTEE - ok
15:06:42.0163 0x8e88 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
15:06:42.0183 0x8e88 MTConfig - ok
15:06:42.0203 0x8e88 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
15:06:42.0223 0x8e88 Mup - ok
15:06:42.0263 0x8e88 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
15:06:42.0323 0x8e88 napagent - ok
15:06:42.0373 0x8e88 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
15:06:42.0413 0x8e88 NativeWifiP - ok
15:06:42.0503 0x8e88 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\windows\system32\drivers\ndis.sys
15:06:42.0553 0x8e88 NDIS - ok
15:06:42.0573 0x8e88 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
15:06:42.0623 0x8e88 NdisCap - ok
15:06:42.0667 0x8e88 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
15:06:42.0711 0x8e88 NdisTapi - ok
15:06:42.0731 0x8e88 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
15:06:42.0781 0x8e88 Ndisuio - ok
15:06:42.0811 0x8e88 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
15:06:42.0861 0x8e88 NdisWan - ok
15:06:42.0891 0x8e88 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
15:06:42.0941 0x8e88 NDProxy - ok
15:06:42.0961 0x8e88 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
15:06:43.0011 0x8e88 NetBIOS - ok
15:06:43.0051 0x8e88 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\windows\system32\DRIVERS\netbt.sys
15:06:43.0071 0x8e88 NetBT - ok
15:06:43.0091 0x8e88 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] Netlogon C:\windows\system32\lsass.exe
15:06:43.0111 0x8e88 Netlogon - ok
15:06:43.0141 0x8e88 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
15:06:43.0201 0x8e88 Netman - ok
15:06:43.0251 0x8e88 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:06:43.0271 0x8e88 NetMsmqActivator - ok
15:06:43.0281 0x8e88 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:06:43.0301 0x8e88 NetPipeActivator - ok
15:06:43.0321 0x8e88 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
15:06:43.0381 0x8e88 netprofm - ok
15:06:43.0441 0x8e88 [ F3A1D8B7317939813568992D1BFDDE37, 816829E4B8DF5C6A2B09685ED45E844D8DE2C2721C90490A2957227025D057A0 ] netr7364 C:\windows\system32\DRIVERS\netr7364.sys
15:06:43.0481 0x8e88 netr7364 - ok
15:06:43.0491 0x8e88 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:06:43.0511 0x8e88 NetTcpActivator - ok
15:06:43.0511 0x8e88 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:06:43.0531 0x8e88 NetTcpPortSharing - ok
15:06:43.0571 0x8e88 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
15:06:43.0591 0x8e88 nfrd960 - ok
15:06:43.0621 0x8e88 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
15:06:43.0661 0x8e88 NlaSvc - ok
15:06:43.0721 0x8e88 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
15:06:43.0771 0x8e88 Npfs - ok
15:06:43.0801 0x8e88 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
15:06:43.0851 0x8e88 nsi - ok
15:06:43.0861 0x8e88 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
15:06:43.0901 0x8e88 nsiproxy - ok
15:06:44.0001 0x8e88 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
15:06:44.0071 0x8e88 Ntfs - ok
15:06:44.0091 0x8e88 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
15:06:44.0141 0x8e88 Null - ok
15:06:44.0181 0x8e88 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
15:06:44.0231 0x8e88 nvraid - ok
15:06:44.0251 0x8e88 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
15:06:44.0271 0x8e88 nvstor - ok
15:06:44.0291 0x8e88 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
15:06:44.0311 0x8e88 nv_agp - ok
15:06:44.0341 0x8e88 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
15:06:44.0361 0x8e88 ohci1394 - ok
15:06:44.0531 0x8e88 [ 03500C343CEF835CAD0B62C8726A4C62, 76F4C5A3F81F7B59BA8062512773EB30A123288BF9DE515840B510F1E6C42E62 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
15:06:44.0671 0x8e88 Origin Client Service - ok
15:06:44.0841 0x8e88 [ 9E569623B98A37D5C1B4A6DAF2B16529, A09838AA316CA969EF5C066A6BF7D49F3DC532A01F4CEF2D66122F1234938CF3 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
15:06:44.0921 0x8e88 Origin Web Helper Service - ok
15:06:45.0011 0x8e88 [ 90488CE0BF08D3FCCF090E9A3CD16945, 7ACEACCEDAD2D25CB79689E4F6A2840AACA743ADA078371D7C9225A1C4C12DE3 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:06:45.0031 0x8e88 ose - ok
15:06:45.0301 0x8e88 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:06:45.0541 0x8e88 osppsvc - ok
15:06:45.0593 0x8e88 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
15:06:45.0623 0x8e88 p2pimsvc - ok
15:06:45.0674 0x8e88 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
15:06:45.0714 0x8e88 p2psvc - ok
15:06:45.0744 0x8e88 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\DRIVERS\parport.sys
15:06:45.0764 0x8e88 Parport - ok
15:06:45.0794 0x8e88 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
15:06:45.0804 0x8e88 partmgr - ok
15:06:45.0854 0x8e88 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\windows\System32\pcasvc.dll
15:06:45.0894 0x8e88 PcaSvc - ok
15:06:45.0894 0x8e88 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
15:06:45.0924 0x8e88 pci - ok
15:06:45.0944 0x8e88 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
15:06:45.0964 0x8e88 pciide - ok
15:06:45.0984 0x8e88 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
15:06:46.0004 0x8e88 pcmcia - ok
15:06:46.0014 0x8e88 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
15:06:46.0024 0x8e88 pcw - ok
15:06:46.0064 0x8e88 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\windows\system32\drivers\peauth.sys
15:06:46.0124 0x8e88 PEAUTH - ok
15:06:46.0214 0x8e88 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
15:06:46.0234 0x8e88 PerfHost - ok
15:06:46.0304 0x8e88 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
15:06:46.0394 0x8e88 pla - ok
15:06:46.0434 0x8e88 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
15:06:46.0484 0x8e88 PlugPlay - ok
15:06:46.0524 0x8e88 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
15:06:46.0534 0x8e88 PNRPAutoReg - ok
15:06:46.0564 0x8e88 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
15:06:46.0595 0x8e88 PNRPsvc - ok
15:06:46.0635 0x8e88 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
15:06:46.0675 0x8e88 PolicyAgent - ok
15:06:46.0705 0x8e88 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
15:06:46.0755 0x8e88 Power - ok
15:06:46.0795 0x8e88 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
15:06:46.0845 0x8e88 PptpMiniport - ok
15:06:46.0865 0x8e88 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\DRIVERS\processr.sys
15:06:46.0885 0x8e88 Processor - ok
15:06:46.0925 0x8e88 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
15:06:46.0965 0x8e88 ProfSvc - ok
15:06:46.0975 0x8e88 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] ProtectedStorage C:\windows\system32\lsass.exe
15:06:46.0995 0x8e88 ProtectedStorage - ok
15:06:47.0035 0x8e88 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
15:06:47.0085 0x8e88 Psched - ok
15:06:47.0135 0x8e88 PxHlpa64 - ok
15:06:47.0215 0x8e88 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
15:06:47.0285 0x8e88 ql2300 - ok
15:06:47.0315 0x8e88 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
15:06:47.0335 0x8e88 ql40xx - ok
15:06:47.0365 0x8e88 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
15:06:47.0395 0x8e88 QWAVE - ok
15:06:47.0419 0x8e88 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
15:06:47.0441 0x8e88 QWAVEdrv - ok
15:06:47.0451 0x8e88 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
15:06:47.0501 0x8e88 RasAcd - ok
15:06:47.0551 0x8e88 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
15:06:47.0591 0x8e88 RasAgileVpn - ok
15:06:47.0621 0x8e88 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
15:06:47.0663 0x8e88 RasAuto - ok
15:06:47.0703 0x8e88 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
15:06:47.0753 0x8e88 Rasl2tp - ok
15:06:47.0783 0x8e88 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
15:06:47.0843 0x8e88 RasMan - ok
15:06:47.0863 0x8e88 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
15:06:47.0913 0x8e88 RasPppoe - ok
15:06:47.0933 0x8e88 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
15:06:47.0983 0x8e88 RasSstp - ok
15:06:48.0023 0x8e88 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
15:06:48.0083 0x8e88 rdbss - ok
15:06:48.0103 0x8e88 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
15:06:48.0123 0x8e88 rdpbus - ok
15:06:48.0163 0x8e88 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
15:06:48.0213 0x8e88 RDPCDD - ok
15:06:48.0243 0x8e88 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
15:06:48.0293 0x8e88 RDPENCDD - ok
15:06:48.0313 0x8e88 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
15:06:48.0353 0x8e88 RDPREFMP - ok
15:06:48.0465 0x8e88 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
15:06:48.0495 0x8e88 RdpVideoMiniport - ok
15:06:48.0535 0x8e88 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
15:06:48.0565 0x8e88 RDPWD - ok
15:06:48.0615 0x8e88 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
15:06:48.0635 0x8e88 rdyboost - ok
15:06:48.0665 0x8e88 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
15:06:48.0715 0x8e88 RemoteAccess - ok
15:06:48.0745 0x8e88 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
15:06:48.0805 0x8e88 RemoteRegistry - ok
15:06:48.0905 0x8e88 [ 7CCAEBCAB6FC1ED0206C07E083E79207, 40BFA1BEDFF093652279494EDD397FC094794B76916C2681D0544D6793314DFE ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
15:06:48.0925 0x8e88 RichVideo - ok
15:06:48.0945 0x8e88 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
15:06:48.0995 0x8e88 RpcEptMapper - ok
15:06:49.0015 0x8e88 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
15:06:49.0045 0x8e88 RpcLocator - ok
15:06:49.0105 0x8e88 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\windows\system32\rpcss.dll
15:06:49.0135 0x8e88 RpcSs - ok
15:06:49.0175 0x8e88 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
15:06:49.0225 0x8e88 rspndr - ok
15:06:49.0255 0x8e88 [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
15:06:49.0285 0x8e88 RTL8167 - ok
15:06:49.0367 0x8e88 [ 4CA0DBA9E224473D664C25E411F5A3BD, 71423A66165782EFB4DB7BE6CE48DDB463D9F65FD0F266D333A6558791D158E5 ] rtport C:\windows\SysWOW64\drivers\rtport.sys
15:06:49.0375 0x8e88 rtport - ok
15:06:49.0425 0x8e88 [ 62DB6CC4B0818F1B5F3441241B098F12, 7A53B3FBA3F82EDE6FA688E531FBE7EC9E1AE329090C0AFE0DCD64F65BD90F21 ] SABI C:\windows\system32\Drivers\SABI.sys
15:06:49.0455 0x8e88 SABI - ok
15:06:49.0475 0x8e88 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] SamSs C:\windows\system32\lsass.exe
15:06:49.0495 0x8e88 SamSs - ok
15:06:49.0515 0x8e88 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
15:06:49.0535 0x8e88 sbp2port - ok
15:06:49.0565 0x8e88 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
15:06:49.0625 0x8e88 SCardSvr - ok
15:06:49.0666 0x8e88 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
15:06:49.0707 0x8e88 scfilter - ok
15:06:49.0807 0x8e88 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\windows\system32\schedsvc.dll
15:06:49.0877 0x8e88 Schedule - ok
15:06:49.0907 0x8e88 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
15:06:49.0957 0x8e88 SCPolicySvc - ok
15:06:50.0047 0x8e88 [ B60E9769655DDEE8368E3ABB6668E076, EECA05B36C6F837FA6DB2EDD78E17E9EA5F0D793B869CB99A08C61AB485A1E67 ] ScrybeUpdater C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
15:06:50.0097 0x8e88 ScrybeUpdater - ok
15:06:50.0137 0x8e88 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
15:06:50.0177 0x8e88 SDRSVC - ok
15:06:50.0217 0x8e88 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
15:06:50.0247 0x8e88 secdrv - ok
15:06:50.0277 0x8e88 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\windows\system32\seclogon.dll
15:06:50.0317 0x8e88 seclogon - ok
15:06:50.0337 0x8e88 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\system32\sens.dll
15:06:50.0397 0x8e88 SENS - ok
15:06:50.0419 0x8e88 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
15:06:50.0449 0x8e88 SensrSvc - ok
15:06:50.0489 0x8e88 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
15:06:50.0499 0x8e88 Serenum - ok
15:06:50.0539 0x8e88 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\DRIVERS\serial.sys
15:06:50.0559 0x8e88 Serial - ok
15:06:50.0579 0x8e88 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
15:06:50.0599 0x8e88 sermouse - ok
15:06:50.0639 0x8e88 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
15:06:50.0699 0x8e88 SessionEnv - ok
15:06:50.0729 0x8e88 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
15:06:50.0759 0x8e88 sffdisk - ok
15:06:50.0769 0x8e88 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
15:06:50.0789 0x8e88 sffp_mmc - ok
15:06:50.0799 0x8e88 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
15:06:50.0819 0x8e88 sffp_sd - ok
15:06:50.0839 0x8e88 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
15:06:50.0859 0x8e88 sfloppy - ok
15:06:50.0922 0x8e88 [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
15:06:50.0952 0x8e88 Sftfs - ok
15:06:51.0022 0x8e88 [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:06:51.0052 0x8e88 sftlist - ok
15:06:51.0072 0x8e88 [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
15:06:51.0102 0x8e88 Sftplay - ok
15:06:51.0132 0x8e88 [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
15:06:51.0162 0x8e88 Sftredir - ok
15:06:51.0182 0x8e88 [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
15:06:51.0192 0x8e88 Sftvol - ok
15:06:51.0212 0x8e88 [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:06:51.0232 0x8e88 sftvsa - ok
15:06:51.0282 0x8e88 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
15:06:51.0342 0x8e88 SharedAccess - ok
15:06:51.0392 0x8e88 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:06:51.0452 0x8e88 ShellHWDetection - ok
15:06:51.0472 0x8e88 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
15:06:51.0492 0x8e88 SiSRaid2 - ok
15:06:51.0522 0x8e88 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
15:06:51.0532 0x8e88 SiSRaid4 - ok
15:06:51.0622 0x8e88 [ 6749AD471D1D44CBD1F30257C861F77B, D5A554F35E380948F13BFE0673B49F8FD8AE5A438BF3645857522E2560A58685 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:06:51.0662 0x8e88 SkypeUpdate - ok
15:06:51.0698 0x8e88 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
15:06:51.0748 0x8e88 Smb - ok
15:06:51.0798 0x8e88 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
15:06:51.0818 0x8e88 SNMPTRAP - ok
15:06:51.0838 0x8e88 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
15:06:51.0848 0x8e88 spldr - ok
15:06:51.0888 0x8e88 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
15:06:51.0938 0x8e88 Spooler - ok
15:06:52.0088 0x8e88 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
15:06:52.0258 0x8e88 sppsvc - ok
15:06:52.0288 0x8e88 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
15:06:52.0338 0x8e88 sppuinotify - ok
15:06:52.0388 0x8e88 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\windows\system32\DRIVERS\srv.sys
15:06:52.0440 0x8e88 srv - ok
15:06:52.0470 0x8e88 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
15:06:52.0500 0x8e88 srv2 - ok
15:06:52.0520 0x8e88 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
15:06:52.0540 0x8e88 srvnet - ok
15:06:52.0570 0x8e88 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
15:06:52.0620 0x8e88 SSDPSRV - ok
15:06:52.0630 0x8e88 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
15:06:52.0680 0x8e88 SstpSvc - ok
15:06:52.0740 0x8e88 [ F38232291F05CE25BA1C47FB51EB64CB, 7F72E87D02F3072E0D61D528BEBB8F4BFB6AD67FC94A93745493C9A0907FF435 ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
15:06:52.0760 0x8e88 ssudmdm - ok
15:06:52.0780 0x8e88 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
15:06:52.0790 0x8e88 stexstor - ok
15:06:52.0860 0x8e88 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
15:06:52.0910 0x8e88 stisvc - ok
15:06:52.0923 0x8e88 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
15:06:52.0943 0x8e88 swenum - ok
15:06:52.0993 0x8e88 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
15:06:53.0053 0x8e88 swprv - ok
15:06:53.0153 0x8e88 [ 8DF6C536ECE3B538978B53C223AB905D, B8889EF319A4CE2875CDCB28782384F97DD00CC61ACE46BBFCD53E23F386DE32 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
15:06:53.0203 0x8e88 SynTP - ok
15:06:53.0323 0x8e88 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\windows\system32\sysmain.dll
15:06:53.0413 0x8e88 SysMain - ok
15:06:53.0443 0x8e88 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
15:06:53.0473 0x8e88 TabletInputService - ok
15:06:53.0503 0x8e88 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
15:06:53.0553 0x8e88 TapiSrv - ok
15:06:53.0663 0x8e88 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\windows\system32\drivers\tcpip.sys
15:06:53.0745 0x8e88 Tcpip - ok
15:06:53.0805 0x8e88 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
15:06:53.0875 0x8e88 TCPIP6 - ok
15:06:53.0895 0x8e88 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
15:06:53.0915 0x8e88 tcpipreg - ok
15:06:53.0945 0x8e88 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
15:06:53.0965 0x8e88 TDPIPE - ok
15:06:53.0995 0x8e88 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
15:06:54.0005 0x8e88 TDTCP - ok
15:06:54.0055 0x8e88 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\windows\system32\DRIVERS\tdx.sys
15:06:54.0081 0x8e88 tdx - ok
15:06:54.0107 0x8e88 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
15:06:54.0117 0x8e88 TermDD - ok
15:06:54.0177 0x8e88 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
15:06:54.0217 0x8e88 TermService - ok
15:06:54.0247 0x8e88 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
15:06:54.0267 0x8e88 Themes - ok
15:06:54.0297 0x8e88 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
15:06:54.0347 0x8e88 THREADORDER - ok
15:06:54.0377 0x8e88 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
15:06:54.0427 0x8e88 TrkWks - ok
15:06:54.0487 0x8e88 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
15:06:54.0537 0x8e88 TrustedInstaller - ok
15:06:54.0567 0x8e88 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
15:06:54.0577 0x8e88 tssecsrv - ok
15:06:54.0637 0x8e88 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
15:06:54.0667 0x8e88 TsUsbFlt - ok
15:06:54.0717 0x8e88 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
15:06:54.0767 0x8e88 tunnel - ok
15:06:54.0797 0x8e88 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
15:06:54.0817 0x8e88 uagp35 - ok
15:06:54.0857 0x8e88 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
15:06:54.0907 0x8e88 udfs - ok
15:06:54.0941 0x8e88 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
15:06:54.0961 0x8e88 UI0Detect - ok
15:06:54.0981 0x8e88 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
15:06:55.0001 0x8e88 uliagpkx - ok
15:06:55.0041 0x8e88 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\drivers\umbus.sys
15:06:55.0061 0x8e88 umbus - ok
15:06:55.0081 0x8e88 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\DRIVERS\umpass.sys
15:06:55.0091 0x8e88 UmPass - ok
15:06:55.0121 0x8e88 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
15:06:55.0181 0x8e88 upnphost - ok
15:06:55.0231 0x8e88 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
15:06:55.0241 0x8e88 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
15:06:55.0341 0x8e88 Detect skipped due to KSN trusted
15:06:55.0341 0x8e88 USBAAPL64 - ok
15:06:55.0401 0x8e88 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
15:06:55.0441 0x8e88 usbaudio - ok
15:06:55.0481 0x8e88 [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\windows\system32\drivers\usbccgp.sys
15:06:55.0521 0x8e88 usbccgp - ok
15:06:55.0541 0x8e88 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
15:06:55.0571 0x8e88 usbcir - ok
15:06:55.0611 0x8e88 [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\windows\system32\drivers\usbehci.sys
15:06:55.0651 0x8e88 usbehci - ok
15:06:55.0676 0x8e88 [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\windows\system32\drivers\usbhub.sys
15:06:55.0706 0x8e88 usbhub - ok
15:06:55.0726 0x8e88 [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\windows\system32\drivers\usbohci.sys
15:06:55.0746 0x8e88 usbohci - ok
15:06:55.0786 0x8e88 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
15:06:55.0806 0x8e88 usbprint - ok
15:06:55.0866 0x8e88 [ 2C42E595E7E381596B9A14F88F5AE027, 948C2AD7FA0B01184312D1ABE43F2F3D85A934CF0658A8B2BDF9F0919568377B ] usbrndis6 C:\windows\system32\DRIVERS\usb80236.sys
15:06:55.0886 0x8e88 usbrndis6 - ok
15:06:55.0916 0x8e88 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\drivers\usbscan.sys
15:06:55.0946 0x8e88 usbscan - ok
15:06:55.0976 0x8e88 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
15:06:56.0016 0x8e88 USBSTOR - ok
15:06:56.0066 0x8e88 [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
15:06:56.0096 0x8e88 usbuhci - ok
15:06:56.0146 0x8e88 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
15:06:56.0166 0x8e88 usbvideo - ok
15:06:56.0216 0x8e88 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\windows\system32\drivers\usb8023x.sys
15:06:56.0236 0x8e88 usb_rndisx - ok
15:06:56.0266 0x8e88 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
15:06:56.0316 0x8e88 UxSms - ok
15:06:56.0326 0x8e88 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] VaultSvc C:\windows\system32\lsass.exe
15:06:56.0346 0x8e88 VaultSvc - ok
15:06:56.0366 0x8e88 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
15:06:56.0386 0x8e88 vdrvroot - ok
15:06:56.0434 0x8e88 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
15:06:56.0524 0x8e88 vds - ok
15:06:56.0554 0x8e88 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
15:06:56.0594 0x8e88 vga - ok
15:06:56.0604 0x8e88 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
15:06:56.0654 0x8e88 VgaSave - ok
15:06:56.0694 0x8e88 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
15:06:56.0714 0x8e88 vhdmp - ok
15:06:56.0744 0x8e88 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
15:06:56.0754 0x8e88 viaide - ok
15:06:56.0794 0x8e88 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
15:06:56.0804 0x8e88 volmgr - ok
15:06:56.0834 0x8e88 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
15:06:56.0864 0x8e88 volmgrx - ok
15:06:56.0884 0x8e88 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys
15:06:56.0914 0x8e88 volsnap - ok
15:06:56.0955 0x8e88 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
15:06:56.0976 0x8e88 vsmraid - ok
15:06:57.0066 0x8e88 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
15:06:57.0166 0x8e88 VSS - ok
15:06:57.0176 0x8e88 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
15:06:57.0196 0x8e88 vwifibus - ok
15:06:57.0236 0x8e88 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
15:06:57.0256 0x8e88 vwififlt - ok
15:06:57.0296 0x8e88 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
15:06:57.0316 0x8e88 vwifimp - ok
15:06:57.0356 0x8e88 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
15:06:57.0416 0x8e88 W32Time - ok
15:06:57.0436 0x8e88 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
15:06:57.0456 0x8e88 WacomPen - ok
15:06:57.0496 0x8e88 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
15:06:57.0546 0x8e88 WANARP - ok
15:06:57.0556 0x8e88 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
15:06:57.0606 0x8e88 Wanarpv6 - ok
15:06:57.0737 0x8e88 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
15:06:57.0797 0x8e88 WatAdminSvc - ok
15:06:57.0887 0x8e88 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
15:06:57.0967 0x8e88 wbengine - ok
15:06:58.0007 0x8e88 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
15:06:58.0047 0x8e88 WbioSrvc - ok
15:06:58.0077 0x8e88 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
15:06:58.0117 0x8e88 wcncsvc - ok
15:06:58.0127 0x8e88 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
15:06:58.0157 0x8e88 WcsPlugInService - ok
15:06:58.0197 0x8e88 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\DRIVERS\wd.sys
15:06:58.0207 0x8e88 Wd - ok
15:06:58.0277 0x8e88 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
15:06:58.0317 0x8e88 Wdf01000 - ok
15:06:58.0359 0x8e88 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll
15:06:58.0389 0x8e88 WdiServiceHost - ok
15:06:58.0389 0x8e88 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\windows\system32\wdi.dll
15:06:58.0409 0x8e88 WdiSystemHost - ok
15:06:58.0459 0x8e88 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\windows\System32\webclnt.dll
15:06:58.0489 0x8e88 WebClient - ok
15:06:58.0519 0x8e88 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
15:06:58.0569 0x8e88 Wecsvc - ok
15:06:58.0589 0x8e88 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
15:06:58.0639 0x8e88 wercplsupport - ok
15:06:58.0669 0x8e88 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
15:06:58.0719 0x8e88 WerSvc - ok
15:06:58.0759 0x8e88 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
15:06:58.0809 0x8e88 WfpLwf - ok
15:06:58.0819 0x8e88 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
15:06:58.0829 0x8e88 WIMMount - ok
15:06:58.0859 0x8e88 WinDefend - ok
15:06:58.0879 0x8e88 WinHttpAutoProxySvc - ok
15:06:58.0959 0x8e88 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
15:06:59.0019 0x8e88 Winmgmt - ok
15:06:59.0159 0x8e88 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\windows\system32\WsmSvc.dll
15:06:59.0249 0x8e88 WinRM - ok
15:06:59.0299 0x8e88 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
15:06:59.0319 0x8e88 WinUsb - ok
15:06:59.0369 0x8e88 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
15:06:59.0429 0x8e88 Wlansvc - ok
15:06:59.0589 0x8e88 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:06:59.0679 0x8e88 wlidsvc - ok
15:06:59.0711 0x8e88 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
15:06:59.0721 0x8e88 WmiAcpi - ok
15:06:59.0761 0x8e88 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
15:06:59.0781 0x8e88 wmiApSrv - ok
15:06:59.0811 0x8e88 WMPNetworkSvc - ok
15:06:59.0841 0x8e88 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
15:06:59.0861 0x8e88 WPCSvc - ok
15:06:59.0891 0x8e88 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
15:06:59.0911 0x8e88 WPDBusEnum - ok
15:06:59.0951 0x8e88 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
15:07:00.0001 0x8e88 ws2ifsl - ok
15:07:00.0021 0x8e88 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\system32\wscsvc.dll
15:07:00.0051 0x8e88 wscsvc - ok
15:07:00.0051 0x8e88 WSearch - ok
15:07:00.0191 0x8e88 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\windows\system32\wuaueng.dll
15:07:00.0311 0x8e88 wuauserv - ok
15:07:00.0351 0x8e88 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
15:07:00.0381 0x8e88 WudfPf - ok
15:07:00.0423 0x8e88 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
15:07:00.0443 0x8e88 WUDFRd - ok
15:07:00.0473 0x8e88 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
15:07:00.0493 0x8e88 wudfsvc - ok
15:07:00.0533 0x8e88 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
15:07:00.0563 0x8e88 WwanSvc - ok
15:07:00.0623 0x8e88 [ 64F88AF327AA74E03658AE32B48CCB8B, 52C8941D96F2EF89BBC4A4268DC59E5BC89AE2DAB199C13BBFF11C2606BE7FFA ] yukonw7 C:\windows\system32\DRIVERS\yk62x64.sys
15:07:00.0674 0x8e88 yukonw7 - ok
15:07:00.0724 0x8e88 ================ Scan global ===============================
15:07:00.0764 0x8e88 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\windows\system32\basesrv.dll
15:07:00.0814 0x8e88 [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\windows\system32\winsrv.dll
15:07:00.0834 0x8e88 [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\windows\system32\winsrv.dll
15:07:00.0864 0x8e88 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
15:07:00.0904 0x8e88 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
15:07:00.0914 0x8e88 [ Global ] - ok
15:07:00.0924 0x8e88 ================ Scan MBR ==================================
15:07:00.0944 0x8e88 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
15:07:01.0491 0x8e88 \Device\Harddisk0\DR0 - ok
15:07:01.0491 0x8e88 ================ Scan VBR ==================================
15:07:01.0511 0x8e88 [ 1903235E4F91EA67559C52D72A84AE6C ] \Device\Harddisk0\DR0\Partition1
15:07:01.0511 0x8e88 \Device\Harddisk0\DR0\Partition1 - ok
15:07:01.0521 0x8e88 [ 0D462FEC3148E551C149BB81F907623E ] \Device\Harddisk0\DR0\Partition2
15:07:01.0521 0x8e88 \Device\Harddisk0\DR0\Partition2 - ok
15:07:01.0551 0x8e88 [ 6202FAD8FF7BB13FDAA20B690D8F2A68 ] \Device\Harddisk0\DR0\Partition3
15:07:01.0551 0x8e88 \Device\Harddisk0\DR0\Partition3 - ok
15:07:01.0551 0x8e88 ================ Scan generic autorun ======================
15:07:01.0551 0x8e88 SynTPEnh - ok
15:07:01.0591 0x8e88 [ 358918CCA96AC65CFEA2C271C7B0D4ED, C6A844A2E8DB7A903C7F6B9E7B2A9B60C2B00E4D47A93BCD6EA8A6D2EE10885F ] C:\windows\system32\igfxtray.exe
15:07:01.0611 0x8e88 IgfxTray - ok
15:07:01.0631 0x8e88 [ 77645F69474E1892FEE1612E9D013E09, 6B5D2D3E16BFFE7F260382DC5A182545FB1BFBA81FB3D2FD0433B66BBE159BA7 ] C:\windows\system32\igfxpers.exe
15:07:01.0661 0x8e88 Persistence - ok
15:07:02.0141 0x8e88 [ 8667556E9A094E935212693AD05098E3, 86732B42130EA18D3CA2B38A7120A2EFE7D52689ABD50AE59A6968316450111F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:07:02.0672 0x8e88 RtHDVCpl - ok
15:07:02.0742 0x8e88 [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
15:07:02.0762 0x8e88 iTunesHelper - ok
15:07:02.0842 0x8e88 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
15:07:02.0862 0x8e88 UpdateLBPShortCut - ok
15:07:02.0912 0x8e88 [ 54FA8528EDA1B6B34615F4EA3FCB35E6, B078821475D6FDED19579A487484D0752DC6E1AA0D1ACA71353C743B00291C61 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
15:07:02.0922 0x8e88 CLMLServer - ok
15:07:02.0962 0x8e88 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
15:07:02.0972 0x8e88 UpdateP2GoShortCut - ok
15:07:03.0042 0x8e88 [ AAD52179D4A526AD4A705B87C6E4F72A, 0015F316DD2E73D5D2434DAC7CAB47050B21BF8CAE23482302A0E1982EF8A3BD ] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
15:07:03.0062 0x8e88 UpdatePDRShortCut - ok
15:07:03.0102 0x8e88 [ 28FD28A29C637C9AFEFE0A26E27C6DFE, A490ADCD7BC9863B6E8773CADFDE6CA58A0743CD64C39D14AF380B18ABDEC003 ] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
15:07:03.0122 0x8e88 RemoteControl8 - ok
15:07:03.0142 0x8e88 [ F8270CFD51F9D6BF42140FA4071C83FE, B7AAF6B13C01CB6B94DEABBDD40249A6D298DD4BCBE2921D8E332F88ED3B754A ] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe
15:07:03.0152 0x8e88 PDVD8LanguageShortcut - ok
15:07:03.0233 0x8e88 [ 9ACFD9D5E12D849B28C78FED6D620EB3, 203D1EECFB44BA7D3936AAA2280B1D88207BA7655AB735C17BF9F3AAF3D8A803 ] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
15:07:03.0243 0x8e88 UpdatePPShortCut - ok
15:07:03.0313 0x8e88 [ 82A3031F7FAA61CB5E040B0D98A104AF, 5EB990BACE18112658208F517EE2E635DBD00A06380DD9DAB253556C980DEA99 ] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
15:07:03.0343 0x8e88 UpdatePSTShortCut - ok
15:07:03.0393 0x8e88 [ 96E1AFDEBDE3D1672302D03D00F483BE, 6148234F1E5D6A4F6E33F29B28C1D6D6BCD5B0253EC7671D098E85FF944412DC ] C:\Program Files (x86)\Winamp\winampa.exe
15:07:03.0413 0x8e88 WinampAgent - ok
15:07:03.0493 0x8e88 [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CCD8F7F1E6E56A7B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:07:03.0503 0x8e88 APSDaemon - ok
15:07:03.0643 0x8e88 [ D713106D059C67888CD5F5A862059D7B, 5F9344DA3AE43EEAFAC9E662DF380D77730DEE0AFE8DA31ED7C654E86BE196E5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
15:07:03.0693 0x8e88 avgnt - ok
15:07:03.0783 0x8e88 [ 356BD2D8FF8AA1283D3BBF875A696605, 0D9295B0E109808E28EEB58B72C5BCA64EF8F7C95F3D5D0D5FEB46BB8FA2BE92 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
15:07:03.0803 0x8e88 KiesTrayAgent - ok
15:07:03.0893 0x8e88 [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:07:03.0923 0x8e88 SunJavaUpdateSched - ok
15:07:03.0973 0x8e88 [ B69B3F28C5DB496202C88F5A181640AC, 6ECD6DCFE27A043457BA910289849534ED9D173856DAF694687366E1A2C7A135 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
15:07:03.0993 0x8e88 Avira SystrayStartTrigger - ok
15:07:04.0183 0x8e88 [ E00A312D1E7E8BD5ED90EFAFC4A2A691, A8756BB2AF15D8EDBA00D608B58C100BBA7E51390937AA61FCA92D662383BB80 ] C:\Program Files\Rainlendar2\Rainlendar2.exe
15:07:04.0393 0x8e88 Rainlendar2 - detected UnsignedFile.Multi.Generic ( 1 )
15:07:04.0503 0x8e88 Detect skipped due to KSN trusted
15:07:04.0503 0x8e88 Rainlendar2 - ok
15:07:04.0503 0x8e88 Waiting for KSN requests completion. In queue: 105
15:07:05.0521 0x8e88 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.23.58 ), 0x41000 ( enabled : updated )
15:07:05.0531 0x8e88 Win FW state via NFP2: enabled ( trusted )
15:07:05.0601 0x8e88 ============================================================
15:07:05.0601 0x8e88 Scan finished
15:07:05.0601 0x8e88 ============================================================
15:07:05.0611 0x8e94 Detected object count: 0
15:07:05.0611 0x8e94 Actual detected object count: 0
__________________ Ich glaube ich habe einen Tinnitus auf den Augen Ich sehe nur Pfeiffen... |
|
28.11.2016, 16:01
| #10 |
| /// TB-Ausbilder | Vorgang written im Speicher konnte nicht.. Servus, Java bitte vorerst über die Systemsteuerung deinstallieren. Scan mit Combofix
|
|
28.11.2016, 16:06
| #11 |
| | Vorgang written im Speicher konnte nicht.. Java hat sich heut mittag upgedade trotzdem weg und combofix?
__________________ Ich glaube ich habe einen Tinnitus auf den Augen Ich sehe nur Pfeiffen... |
|
28.11.2016, 16:09
| #12 | |
| /// TB-Ausbilder | Vorgang written im Speicher konnte nicht..Zitat:
Wir versuchen nur ComboFix.  |
|
28.11.2016, 16:11
| #13 |
| | Vorgang written im Speicher konnte nicht.. Oi bin gegen 19.30 zuhause dann combofix Ich bekam heut auch die Meldung das irgendwas error bei java ist
__________________ Ich glaube ich habe einen Tinnitus auf den Augen Ich sehe nur Pfeiffen... |
|
28.11.2016, 21:14
| #14 |
| | Vorgang written im Speicher konnte nicht.. Das wurde gefunden log kommt gleich arbeitet noch
__________________ Ich glaube ich habe einen Tinnitus auf den Augen Ich sehe nur Pfeiffen... |
|
28.11.2016, 21:20
| #15 |
| | Vorgang written im Speicher konnte nicht.. hier log combofix Code:
ATTFilter ComboFix 16-11-13.01 - oliver 28.11.2016 21:01:17.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3893.2466 [GMT 1:00]
ausgeführt von:: c:\users\oliver\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\oliver\107.nzb
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\ntsvc.oca
.
c:\windows\SysWow64\drivers\ntfs.sys . . . ist infiziert!!
.
.
((((((((((((((((((((((( Dateien erstellt von 2016-10-28 bis 2016-11-28 ))))))))))))))))))))))))))))))
.
.
2016-11-28 20:14 . 2016-11-28 20:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-28 12:15 . 2016-11-28 12:13 110144 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-64.dll
2016-11-27 10:06 . 2016-11-27 10:13 -------- d-----w- C:\FRST
2016-11-09 22:20 . 2016-11-09 22:21 -------- d-----w- c:\users\oliver\AppData\Local\Facebook
2016-11-09 11:03 . 2016-10-27 18:28 25763328 ----a-w- c:\windows\system32\mshtml.dll
2016-11-09 11:03 . 2016-10-27 17:17 15257088 ----a-w- c:\windows\system32\ieframe.dll
2016-11-09 11:03 . 2016-10-27 18:19 6047744 ----a-w- c:\windows\system32\jscript9.dll
2016-11-09 11:03 . 2016-10-22 16:44 4608000 ----a-w- c:\windows\SysWow64\jscript9.dll
2016-11-09 11:03 . 2016-10-27 17:16 2920448 ----a-w- c:\windows\system32\wininet.dll
2016-11-09 11:01 . 2016-08-22 16:19 1386496 ----a-w- c:\windows\system32\diagtrack.dll
2016-11-02 22:23 . 2016-11-12 06:12 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-11-02 22:23 . 2016-11-12 06:12 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-10-30 06:28 . 2016-10-30 06:28 29432 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2016-10-30 06:25 . 2016-10-30 06:25 380192 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2016-10-30 06:18 . 2016-10-30 06:18 209104 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-28 12:13 . 2015-02-10 10:36 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-11-28 12:11 . 2016-02-10 11:45 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-11-09 20:05 . 2011-07-10 18:07 141011376 -c--a-w- c:\windows\system32\MRT.exe
2016-11-02 12:18 . 2013-03-30 09:29 177432 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2016-10-30 19:48 . 2013-09-25 09:49 2946752 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2016-10-07 20:52 . 2016-10-07 20:52 89328 ----a-w- c:\windows\system32\vcruntime140.dll
2016-10-07 20:52 . 2016-10-07 20:52 85744 ----a-w- c:\windows\SysWow64\vcruntime140.dll
2016-10-07 20:52 . 2016-10-07 20:52 443632 ----a-w- c:\windows\SysWow64\msvcp140.dll
2016-10-07 20:52 . 2016-10-07 20:52 394496 ----a-w- c:\windows\system32\vccorlib140.dll
2016-10-07 20:52 . 2016-10-07 20:52 334608 ----a-w- c:\windows\system32\concrt140.dll
2016-10-07 20:49 . 2016-10-07 20:49 639728 ----a-w- c:\windows\system32\msvcp140.dll
2016-10-07 20:49 . 2016-10-07 20:49 244504 ----a-w- c:\windows\SysWow64\concrt140.dll
2016-10-07 20:45 . 2016-10-07 20:45 271112 ----a-w- c:\windows\SysWow64\vccorlib140.dll
2016-10-07 16:58 . 2016-10-07 17:00 31720 ----a-w- c:\windows\system32\drivers\avusbflt.sys
2016-10-07 16:58 . 2013-03-30 09:29 145536 ----a-w- c:\windows\system32\drivers\avipbb.sys
2016-10-07 15:12 . 2016-11-09 11:02 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-09-12 21:17 . 2016-10-11 18:00 77032 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-09-12 21:08 . 2016-10-11 18:02 107520 ----a-w- c:\windows\system32\adsmsext.dll
2016-09-12 21:08 . 2016-10-11 18:00 1226752 ----a-w- c:\windows\system32\aeinv.dll
2016-09-12 20:49 . 2016-10-11 18:02 76800 ----a-w- c:\windows\SysWow64\adsmsext.dll
2016-09-12 19:08 . 2016-10-11 18:02 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2016-09-12 18:43 . 2016-10-11 18:02 1180160 ----a-w- c:\windows\system32\FntCache.dll
2016-09-12 18:43 . 2016-10-11 18:02 1648128 ----a-w- c:\windows\system32\DWrite.dll
2016-09-09 15:54 . 2016-10-11 18:00 586752 ----a-w- c:\windows\system32\generaltel.dll
2016-09-09 15:54 . 2016-10-11 18:00 314368 ----a-w- c:\windows\system32\invagent.dll
2016-09-09 15:54 . 2016-10-11 18:00 575488 ----a-w- c:\windows\system32\devinv.dll
2016-09-09 15:54 . 2016-10-11 18:00 273408 ----a-w- c:\windows\system32\centel.dll
2016-09-09 15:54 . 2016-10-11 18:00 224256 ----a-w- c:\windows\system32\aepic.dll
2016-09-09 15:54 . 2016-10-11 18:00 1629184 ----a-w- c:\windows\system32\appraiser.dll
2016-09-09 15:54 . 2016-10-11 18:00 129024 ----a-w- c:\windows\system32\acmigration.dll
2016-09-08 20:34 . 2016-10-11 18:02 263680 ----a-w- c:\windows\system32\WebClnt.dll
2016-09-08 20:34 . 2016-10-11 18:02 108544 ----a-w- c:\windows\system32\davclnt.dll
2016-09-08 20:34 . 2016-10-11 18:02 208896 ----a-w- c:\windows\SysWow64\WebClnt.dll
2016-09-08 20:34 . 2016-10-11 18:02 87040 ----a-w- c:\windows\SysWow64\davclnt.dll
2016-09-08 14:55 . 2016-10-11 18:02 142336 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-09-08 14:55 . 2016-10-11 18:02 106496 ----a-w- c:\windows\system32\drivers\dfsc.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2012-12-29 4359680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UpdatePDRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-07-21 210216]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2013-12-13 85600]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-03-20 60712]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2016-11-02 916072]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-05-28 310064]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2016-11-15 60136]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64;c:\program files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10x64.sys;c:\windows\SYSNATIVE\Drivers\MHIKEY10x64.sys [x]
R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 usbrndis6;USB-RNDIS6-Adapter;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ScrybeUpdater;Scrybe-Updateprogramm;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-11-16 01:35 1364072 ----a-w- c:\program files (x86)\Google\Chrome\Application\54.0.2840.99\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2016-06-30 11:55 322232 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2016-11-26 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [2016-11-12 06:12]
.
2016-11-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-02 06:12]
.
2016-11-28 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2016-06-15 14:51]
.
2016-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-04 20:58]
.
2016-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-04 20:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-10-30 16:12 2850608 ----a-w- c:\program files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-10-30 16:12 2850608 ----a-w- c:\program files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-10-30 16:12 2850608 ----a-w- c:\program files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-28 161304]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-28 415256]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-07 12558440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-04-06 169768]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.t-onlin.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\program files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
FF - ProfilePath -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1972273453-3807663751-171534141-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2016-11-28 21:19:36
ComboFix-quarantined-files.txt 2016-11-28 20:19
.
Vor Suchlauf: 10 Verzeichnis(se), 61.589.815.296 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 61.289.115.648 Bytes frei
.
- - End Of File - - 6ADEFC15B7952BCFCE102F3F57DD37E2
__________________ Ich glaube ich habe einen Tinnitus auf den Augen Ich sehe nur Pfeiffen... |
|
| Themen zu Vorgang written im Speicher konnte nicht.. |
| ausgeführt, dauert, erkannt, erschein, erscheint, fehlermeldung, hoffe, konnte, langsam, laptop, minute, minuten, nicht, nicht erkannt, nullen, schnell, sehr langsam, speicher, stunde, stunden, tagen, vorgang, web, zahlen, ändern |
Linear-Darstellung
