Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Win7 - SPAMmails von und an Adressen die NUR in meinen Adressbuechern zusammenkommen (https://www.trojaner-board.de/160517-win7-spammails-adressen-nur-meinen-adressbuechern-zusammenkommen.html)

zapf 07.11.2014 23:41
Win7 - SPAMmails von und an Adressen die NUR in meinen Adressbuechern zusammenkommen
 
Liste der Anhänge anzeigen (Anzahl: 2)
:)
Zur Erklärung der Rechnername "KING OF VIENNA" stammt nicht von mir!!


Verdachtserregendes Symptom:
-----------------------------
(warum ich glaube, daß malware aktiv ist)
-----------------------------------------
Ich verwende für email "thebat" in der letzten 4er Version (ja ist etwas alt geb ich zu) unter win7.
Gestern Abend kamen auf 3 voneinander unabhängigen email-konten (aon.at, yahoo.de, mein webhoster) bei der POP-Abfrage emails herein, die einen Absender (3x derselbe) aus meinem Adressbuch hatten + offensichtlicher Spam waren mit einem vermutlich schädlichen link + und eines der mails war sogar als gesendet über eine email-liste gekennzeichnet [im Betreff] (hab inzwischen beim webhoster im webmail die Nachricht auch gefunden - die ging tatsächlich übers netz - war nicht nur lokal auf meinem Rechner in die POP-Abfrage eingeschleust), einer Liste die ziemlich exotisch ist und mit der vorgegebenen Absenderin garnix zu tun hat. Die angebliche Absenderin hat noch nie von dieser email-liste gehört und kennt auch meine 2 anderen email-Adressen nicht (ist eine kleine Liste ehemaliger Studenten einer Studienrichtung an einer Uni in Wien - die angeblich sendende Freundin hat von der erwartungsemäss nochnie gehört und auch von meinen anderen beiden email-adressen nicht - also die Informationen kommen nur auf meinem Rechner zusammen und daher bin ich mir recht sicher, dass auf meinem Rechner malware aktiv ist.
Wenn irgendwer/was in den Rechner/Account der angeblichen Absenderin eingedrungen wär - dann wärs so gut wie ausgeschlossen dass damit über diese sehr spezifische email-liste was verschickt wird. Geschweige dem dass noch dazu an 2 weitere meiner accounts (auf die sie glaub ich garnicht kennt) ein gleichartiges mail gleichzeitig auch von Ihrer Adresse geht.

Da die Verbindung der 3 mails also (abgesehen vom gleichzeitigen auftreten) an meine Konten gingen die wohl nur in meinem lokalen "the bat" zusammenkommen (glaub kaum dassirgendwer mir schon auf alle 3 dieser Adressen gemailt hat) - fürchte ich, dass das nur erklärbar ist mit einer Malware die Zugang zu meinem lokalen email-Programm, "the bat" hat. Die 3 emailadressen verwende ich ganz unabhängig voneinander und eines davon wurde auch schon etwas länger (Tage/wochen?) nciht abgefragt, oder genutzt. Oder könnte irgendwas in die Kommunikation zwischen dem Programm "the bat" und dem Internet eingedrungen sein? Inzwischen halt ich es für unwahrscheinlich, dass die malware, nur in die Kommunikation (POP) von "the bat" eingreift, da ich grad eine der mails auch per webinterface direkt auf dem mailserver gelesen habe (die beiden anderen Konten kann ich derzeit nicht pruefen weil mir grad die passwoerter fehlen).

Wundern tut mich, dass "the bat" angegriffen wird, da das ja ein sehr wenig verbreitetes Programm ist.
Allerdings liessen sich die verwendeten email-Adressen wohl auch auf 2 weniger spezifische Wege auf meinem Rechner abgreifen:
1) Speichert "the bat" diese Daten wohl im Klartext auf der Platte
2) hab ich wohl die Adress-listen auch gelegentlich als Klartext auf der Platte gesichert.


Weiteres erwähnenswertes Verhalten:
-----------------------------------
(GMER scannt irgendwas schon beim Start bevor es überhaupt möglich ist Hakerln zu setzen oder wegzunehmen, oder einen Button zu klicken - fuer ca. 1 Minute. Ichnehm an das gehört so?)

BLUESCREEN:
Nachdem der erste Versuch mit GMER schon mehr als 10 min gedauert hatte, bin ich weggegangen - ca. 3 Stunden kam ich zu einem Bluescreen zurück.
Nach neuem Hochfahren lief GMER (ca. eine halbe Stunde) und meldete auch erfolgreichen Abschluss.
Gespeichertes LOG häng ich hier an.
Ich lass den Rechner jetzt laufen und schau ob der nach ein paar Stunden wieder einen Bluescreen zeigt (könnt ja auch beim Versuch führen in den Energiesparmodus zu gehen oder ähnliches...)
JA Bluescreen kam nochmal - mit unterschiedlichem STOP-Code - siehe JPG attachments.
Jetzt veruch ich nochmal die Zeit bis Energiesparen kürzer anzusetzen und zuzuschauen.
edit: Hat jetzt 2x funktioniert, dass der Rechner in Energiesparmodus geht und ich ihn wieder aufwecke.
Jetzt lass ich ihn einfach untätig laufen und schaue ob dabei ein Bluescreen kommt.
--- in den 2 Fällen siehe JPG Attachments:
BCCode: 109 0x00000109
Bug Check 0x109: CRITICAL_STRUCTURE_CORRUPTION
The CRITICAL_STRUCTURE_CORRUPTION bug check has a value of 0x00000109. This indicates that the kernel has detected critical kernel code or data corruption.
---
"0x0000009F" Stop-Fehler in Windows 7 oder Windows Server 2008 R2, wenn der Computer ein oder aus dem Energiestatus (S5) schaltet.


Erster Versuch mit desinfect lieferte nix:
------------------------------------------
desinfect:
hab das 2014-12 jetzt mit standardeinstellungen und avira + bitdefender drüberlaufen lassen - findet nix.
Ich werds jetzt mit ca. 16 Stunden Verzögerung und somit aktuelleren Virendateien nochmal starten.
War aber auch nix.

Möglichkeiten was zu tun:
-------------------------
Ich könnt in Win7 noch den MRT (Malicious Software Removal Tool) von Microsoft selbst innerhalb Windows laufen lassen (sucht das eigentlich auch nach Spuren von Malware in den Austostarts / Registry / etc ?). Allerdigns ist die aktuelle Version schon alt (jeweils am 2. Dienstag im Monat kommt das neue raus).

Hat hier irgendwer noch Ideen wie ich den Rechner überprüfen kann? Oder was die Ursache sein könnte. Vielleicht irre ich mich ja in meinen Annahmen.


DANKE

War leider zu lang - ich musste das GMER-Log als Attachment anhängen:


defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:41 on 07/11/2014 (KING OF VIENNA)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-

FRST:
[CODE]

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by KING OF VIENNA (administrator) on KINGOFVIENNA-PC on 07-11-2014 17:44:48
Running from C:\Users\KING OF VIENNA\Downloads\Desktop\malware check 2014-11-07
Loaded Profile: KING OF VIENNA (Available profiles: KING OF VIENNA & WDTV)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(PC Tools) C:\Program Files (x86)\ThreatFire\TFService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Dropbox, Inc.) C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(PC Tools) C:\Program Files (x86)\ThreatFire\TFTray.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Scooter Software) C:\Program Files (x86)\Beyond Compare 3\BCompare.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
() C:\Users\KING OF VIENNA\Downloads\Desktop\malware check 2011-11-07\FRST64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [ThreatFire] => C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2011-02-22] (PC Tools)
HKLM-x32\...\Run: [vmware-tray] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [103576 2012-06-09] (VMware, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\Run: [Mobile Partner] => C:\Program Files (x86)\MobileWiFi\MobileWiFi
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: I - I:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {1331e37e-70ab-11e3-ac84-005056c00008} - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {1331e389-70ab-11e3-ac84-005056c00008} - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {1331e3aa-70ab-11e3-ac84-005056c00008} - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {1331e435-70ab-11e3-ac84-005056c00008} - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {1e2fad77-a28f-11e2-a05b-005056c00008} - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29cdf6-67d3-11e3-9b63-005056c00008} - I:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29cdf8-67d3-11e3-9b63-005056c00008} - I:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29cdfe-67d3-11e3-9b63-005056c00008} - I:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29ce02-67d3-11e3-9b63-005056c00008} - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29ce08-67d3-11e3-9b63-005056c00008} - I:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29ce26-67d3-11e3-9b63-005056c00008} - I:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {8a29ce40-67d3-11e3-9b63-005056c00008} - I:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {bfe79ea3-9ff4-11e2-bfb7-005056c00008} - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {d8032bda-a247-11e2-bddd-005056c00008} - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {dd10ac7a-a240-11e2-9974-005056c00008} - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {dd10ac91-a240-11e2-9974-005056c00008} - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {dd10ac94-a240-11e2-9974-005056c00008} - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {dd10ac99-a240-11e2-9974-005056c00008} - G:\AutoRun.exe
HKU\S-1-5-21-2587909452-1153870455-2939713168-1000\...\MountPoints2: {e1801c9e-2cf0-11e4-8fce-005056c00008} - G:\AutoRun.exe
Startup: C:\Users\KING OF VIENNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:tabs
URLSearchHook: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {98CF2D9A-B59C-4D04-89D1-F2BC8C414A80} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {98CF2D9A-B59C-4D04-89D1-F2BC8C414A80} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Vuze Remote Toolbar -> {ba14329e-9550-4989-b3f2-9732e92d17cc} -> C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} -  No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-11-13] (EasyBits Software Corp.)
ShellExecuteHooks-x32:  - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.4 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\searchplugins\amazon-oesterreich.xml
FF SearchPlugin: C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\searchplugins\ebayat-durchsuchen.xml
FF SearchPlugin: C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\searchplugins\firefox-add-ons.xml
FF SearchPlugin: C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\searchplugins\wikipedia-eng.xml
FF SearchPlugin: C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Session Manager - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\vka82qzr.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-12-11]
FF Extension: NoScript - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\vka82qzr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-11]
FF Extension: Adblock Plus - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\vka82qzr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-11]
FF Extension: DownThemAll! - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\vka82qzr.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-12-11]
FF Extension: Save Complete - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\ux0fh64l.working 2010-07\Extensions\savecomplete@perlprogrammer.com [2010-07-20]
FF Extension: WOT - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\ux0fh64l.working 2010-07\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-15]
FF Extension: DownloadHelper - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\ux0fh64l.working 2010-07\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-09]
FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\ux0fh64l.working 2010-07\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-06-17]
FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\ux0fh64l.working 2010-07\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-07-15]
FF Extension: Firebug - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\l4augfjv.dwnld 2010-07\Extensions\firebug@software.joehewitt.com [2010-08-12]
FF Extension: FlashGot - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\l4augfjv.dwnld 2010-07\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-09-15]
FF Extension: DownloadHelper - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\l4augfjv.dwnld 2010-07\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-09-23]
FF Extension: Session Manager - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\mc4zw8ji.small\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30} [2011-02-21]
FF Extension: DownloadHelper - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\mc4zw8ji.small\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-02-21]
FF Extension: Adblock Plus - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\mc4zw8ji.small\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-01-18]
FF Extension: DownloadHelper - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-02]
FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\imageblock@hemantvats.com.xpi [2013-04-11]
FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-04-10]
FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2011-09-12]
FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-11-03]
FF Extension: StumbleUpon - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2013-08-01]
FF Extension: Adblock Plus - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-27]
FF Extension: DownThemAll! - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\3lfftrm4.klein 2011-02\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-12-11]
FF Extension: Show Picture - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\LDshowpicture_plashcor@gmail.com [2014-08-26]
FF Extension: Flashblock - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-12-29]
FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\imageblock@hemantvats.com.xpi [2013-12-29]
FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\jid0-W5zY771zDsu5o7dTJ8KHm38w1xs@jetpack.xpi [2013-12-29]
FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-11-03]
FF Extension: NoScript - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-29]
FF Extension: No Name - C:\Users\KING OF VIENNA\AppData\Roaming\Mozilla\Firefox\Profiles\9ywbkdoj.MOBILE - CR\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-29]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010-07-19]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-04-09]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 ThreatFire; C:\Program Files (x86)\ThreatFire\TFService.exe [70928 2011-02-22] (PC Tools)
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2012-06-08] (VMware, Inc.) [File not signed]
S4 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2012-06-09] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-17] (DT Soft Ltd)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [26200 2010-12-23] (JMicron Technology Corp.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
R0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [65072 2011-02-22] (PC Tools)
R3 TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys [41888 2011-02-22] (PC Tools)
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [74824 2011-02-22] (PC Tools)
R1 truecrypt; C:\Windows\SysWow64\drivers\truecrypt.sys [222160 2010-07-18] (TrueCrypt Foundation)
S3 ALSysIO; \??\C:\Users\KINGOF~1\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 17:43 - 2014-11-07 17:45 - 00000000 ____D () C:\FRST
2014-11-07 17:41 - 2014-11-07 17:41 - 00000168 _____ () C:\Users\KING OF VIENNA\defogger_reenable
2014-11-02 16:08 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-11-02 16:08 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-11-02 16:08 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-02 16:08 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-02 16:04 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-11-02 16:04 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-17 13:11 - 2014-10-17 13:11 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Roaming\JAM Software
2014-10-15 10:56 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 10:55 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 10:55 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 10:55 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 10:55 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 10:55 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 10:55 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 10:54 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 10:54 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 10:54 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 10:54 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 10:54 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 10:54 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 10:54 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 10:54 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 10:54 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 10:54 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 10:54 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 10:54 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 10:54 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 10:54 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 10:54 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 10:54 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 10:54 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 10:54 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 10:54 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 10:54 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 10:54 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 10:54 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 10:54 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 10:54 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 10:54 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 10:54 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 10:54 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 10:54 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 10:54 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 10:54 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 10:54 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 10:54 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 10:54 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 10:54 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 10:54 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 10:54 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 10:54 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 10:54 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 10:54 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 10:54 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 10:54 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 10:54 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 10:54 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 10:54 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 10:54 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 10:54 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 10:54 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 10:54 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 10:54 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 10:54 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 10:54 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 10:54 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 10:54 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 10:54 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 10:54 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 10:54 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 10:53 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 10:53 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 10:53 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 10:52 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 10:52 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 10:52 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 10:52 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 10:52 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 10:52 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 10:52 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 10:52 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 10:52 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 10:52 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 10:52 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 10:52 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 10:52 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 17:41 - 2010-04-16 00:17 - 00000000 ____D () C:\Users\KING OF VIENNA
2014-11-07 17:40 - 2009-07-14 05:51 - 00782346 _____ () C:\Windows\setupact.log
2014-11-07 17:24 - 2010-01-24 01:18 - 01185861 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 14:02 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-07 14:02 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-07 13:55 - 2010-07-18 15:18 - 00000000 ____D () C:\ProgramData\VMware
2014-11-07 13:55 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-07 13:51 - 2009-07-14 05:45 - 04998328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-06 02:54 - 2010-11-04 16:20 - 00000000 ___RD () C:\Users\KING OF VIENNA\Documents\My Dropbox
2014-11-06 02:52 - 2010-07-26 16:53 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Roaming\vlc
2014-11-06 02:40 - 2010-07-22 00:34 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Roaming\Skype
2014-11-05 13:52 - 2011-03-29 03:03 - 00000000 ____D () C:\Program Files (x86)\ThreatFire
2014-11-04 17:56 - 2010-07-19 14:13 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Roaming\VoipBuster
2014-11-03 12:06 - 2009-11-13 16:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-03 11:58 - 2013-08-08 23:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-03 11:51 - 2010-07-19 08:54 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-02 12:30 - 2012-04-27 13:49 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-02 12:30 - 2011-05-18 14:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-02 12:30 - 2010-07-18 20:24 - 00000000 ____D () C:\tbat
2014-11-02 12:28 - 2014-06-12 12:54 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Local\Adobe
2014-11-02 12:26 - 2010-11-04 16:19 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox
2014-11-01 20:59 - 2012-01-21 03:18 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Roaming\BOM
2014-10-30 12:25 - 2010-04-16 14:13 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 17:23 - 2010-07-29 12:06 - 00001456 _____ () C:\Users\KING OF VIENNA\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2014-10-24 19:08 - 2010-08-03 11:08 - 00000000 ____D () C:\Users\KING OF VIENNA\AppData\Local\CrashDumps

Files to move or delete:
====================
C:\Users\Public\installer.exe
C:\Users\Public\Lightroom_3_LS11_win_3_2.exe


Some content of TEMP:
====================
C:\Users\KING OF VIENNA\AppData\Local\Temp\bitool.dll
C:\Users\KING OF VIENNA\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcop66g.dll
C:\Users\KING OF VIENNA\AppData\Local\Temp\Extract.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\f0sdhpwm.dll
C:\Users\KING OF VIENNA\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\HPQSi.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\InstallAX.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\InstallPlugin.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\ose00000.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\ResetDevice.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\Resource.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\setupa2.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\SetupAC.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\sfamcc00001.dll
C:\Users\KING OF VIENNA\AppData\Local\Temp\sfextra.dll
C:\Users\KING OF VIENNA\AppData\Local\Temp\SkypeSetup.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\SP47470.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\SP48392.exe
C:\Users\KING OF VIENNA\AppData\Local\Temp\UninstallHPTCA.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-02-01 19:56

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---




Addition:
[CODE]
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by KING OF VIENNA at 2014-11-07 17:46:18
Running from C:\Users\KING OF VIENNA\Downloads\Desktop\malware check 2014-11-07
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe CS5 German Speech Analysis Models (HKLM-x32\...\{4355EE3F-2FDD-4EF4-83EA-2465FBF95B16}) (Version: 1 - Adobe Systems Incorporated)
Adobe Encore CS5 Third Party Royalty Content (HKLM-x32\...\{0E3C6C75-872D-4B0D-B0B2-31C717250691}) (Version: 5.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Media Encoder CS5 Dolby X64 (HKLM-x32\...\{5DDABB74-A879-4BE7-A4C6-FD41793942DB}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Media Encoder CS5 PCI X64 (HKLM-x32\...\{F9C71630-0EE3-475C-9E2B-ED95AE197DBD}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe OnLocation CS5 Royalty Content (HKLM-x32\...\{5AF84E15-9A23-4295-8508-F2901A923E83}) (Version: 5.0.1 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.2 64-bit (HKLM\...\{A94AABAE-52F0-48C4-9F94-A4CA4B423576}) (Version: 3.2.1 - Adobe)
Adobe Premiere Pro CS5 Third Party Royalty Content (HKLM-x32\...\{235B2E58-96B8-475E-B7C2-0FA89135E964}) (Version: 5.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.7.609 - Adobe Systems, Inc.)
AMD USB Filter Driver (HKLM-x32\...\{5271C0D4-24E4-4C3D-A782-C012033FD3CF}) (Version: 1.0.10.84 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{902004C7-2B12-4A4F-E1DB-E75C7B03EDD4}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Beyond Compare Version 3.2.3 (HKLM-x32\...\BeyondCompare3_is1) (Version:  - Scooter Software)
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.3.1.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.4.1.9 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.4.0.7 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.1.0.11 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.9 (HKLM-x32\...\DPP) (Version: 3.9.2.0 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
ccc-core-static (x32 Version: 2009.0804.2223.38385 - Ihr Firmenname) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2111 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.21 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
HD Tune Pro 4.50 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
HOFER Bestellclient 4.6 (HKLM-x32\...\HOFER Bestellclient) (Version: 4.6 - ORWO Net)
HP 3D DriveGuard (HKLM\...\{7FD7F421-39B2-4CAC-BC41-7D83DDBAB329}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3402 - Hewlett-Packard)
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.1.2125 - Hewlett-Packard)
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.1.2206 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3405 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0153 (HKLM-x32\...\{2EBA8202-FBD5-4004-81EA-BDC38C054CE2}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{4E432692-A736-4F77-AF77-F9078CF88D31}) (Version: 3.50.11.2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
HWiNFO32 Version 3.55 (HKLM-x32\...\HWiNFO32_is1) (Version: 3.55 - Martin Malík - REALiX)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
inSSIDer (HKLM-x32\...\{C7DEE429-4C9B-4126-894F-50B4F54FF196}) (Version: 1.2.8 - MetaGeek, LLC)
InterVoip (HKLM-x32\...\InterVoip_is1) (Version: 4.05 build 579 - Finarea S.A. Switzerland)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2111 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2111 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
Mein 3DataManager (HKLM-x32\...\3DataManager) (Version: 1.1.1 - Mein 3DataManager)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MobileWiFi (HKLM-x32\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.09.02.00 - Huawei Technologies Co.,Ltd)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version:  - )
NTFS Undelete v0.94 (HKLM-x32\...\NTFS Undelete_is1) (Version: 0.94 - Atola Technology)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3311 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Recovery Manager (x32 Version: 5.5.2202 - CyberLink Corp.) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
smartmontools (HKLM-x32\...\smartmontools) (Version: 6.1 2013-03-16 r3800 (sf-6.1-1) - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Bat! Professional v4.2.44 (HKLM-x32\...\{8DFCF805-87AE-4969-9D85-9A0F9EDDC17F}) (Version: 4.2.4 - Ritlabs)
ThreatFire (HKLM-x32\...\3554AA4B-9B0B-451a-A269-2B5F53982209_is1) (Version:  - PC Tools)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz ReMask 4 (HKLM-x32\...\Topaz ReMask 4) (Version: 4.0.0 - Topaz Labs, LLC)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 6.3a - TrueCrypt Foundation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VmciSockets (Version: 9.1.54.1 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 8.0.4.30409 - VMware, Inc)
VMware Workstation (x32 Version: 8.0.4.30409 - VMware, Inc.) Hidden
VoipBuster (HKLM-x32\...\VoipBuster_is1) (Version: 4.05 build 579 - Finarea S.A. Switzerland)
Vuze_Remote Toolbar (HKLM-x32\...\Vuze_Remote Toolbar) (Version:  - )
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.2.0w5 - Wacom Technology Corp.)
WebTablet FB Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.4 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
WinDFT (HKLM-x32\...\{065F384A-5C64-4532-814A-A24BA5374503}) (Version: 1.0.0 - HGST)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2587909452-1153870455-2939713168-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-02-01 17:53 - 2014-02-01 17:53 - 00001492 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wip4.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns-5.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 ereg.wip4.adobe.com
127.0.0.1 hl2rcv.adobe.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D34A2FE-4AC0-4922-A142-9B7ECA15A389} - System32\Tasks\{A6A8B3A4-C77D-4FE6-B95B-81C1DDC33C27} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {1293D6B9-DB26-4CA9-9E42-B835EAB8BD98} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-10-06] (CL)
Task: {2B2DDC00-A63C-4AE6-A4E5-330D42B3D22E} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {4381926F-3BCF-4247-BC20-8ADDCF246635} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-10-06] (CyberLink Corp.)
Task: {4B46F04F-8EFF-47FE-9DDA-B0116DA632E2} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-10-06] (CL)
Task: {81BDB8BD-8983-4908-93AD-3540A51A82ED} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-04-13] (Microsoft Corporation)
Task: {8245CCD3-7EE8-4CBB-941D-92AC8CC09393} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-05] (CyberLink)
Task: {B1C2C6D7-F92A-4B44-8B9D-B59F6BB07887} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {C54C702F-44B8-41B5-A99F-E53D15786958} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-10-06] (CL)
Task: {FC1B3CBA-214F-40F0-86B9-5B897C052AB6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)

==================== Loaded Modules (whitelisted) =============

2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2009-11-13 17:47 - 2009-07-06 20:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-03-05 03:56 - 2012-01-23 08:38 - 01184632 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-07-20 00:46 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2009-08-25 09:48 - 2009-08-25 09:48 - 00610872 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2009-07-01 15:44 - 2009-07-01 15:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2009-10-02 15:46 - 2009-10-02 15:46 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-01-24 01:16 - 2010-01-24 01:16 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-06-09 00:21 - 2012-06-09 00:21 - 01222656 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-09-29 15:25 - 2009-09-29 15:25 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2014-11-07 14:08 - 2014-11-07 14:08 - 00043008 _____ () c:\Users\KING OF VIENNA\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcop66g.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\KING OF VIENNA\AppData\Roaming\Dropbox\bin\libcef.dll
2009-10-06 22:57 - 2009-10-06 22:57 - 00120232 ____N () c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll
2009-10-06 22:57 - 2009-10-06 22:57 - 00279976 ____N () c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll
2009-10-06 22:57 - 2009-10-06 22:57 - 00464168 ____N () c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll
2009-10-05 23:08 - 2009-10-05 23:08 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2011-01-04 20:47 - 2009-07-06 13:33 - 00178176 _____ () C:\Program Files (x86)\Beyond Compare 3\unrar.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2011-05-26 20:18 - 2011-05-26 20:18 - 00136536 _____ () C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL
2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\KING OF VIENNA\Cookies:MCteOn6DcpAHMAFwWq6xgJ

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2587909452-1153870455-2939713168-500 - Administrator - Disabled)
BackUpAdmin (S-1-5-21-2587909452-1153870455-2939713168-1005 - Administrator - Enabled)
Gast (S-1-5-21-2587909452-1153870455-2939713168-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2587909452-1153870455-2939713168-1016 - Limited - Enabled)
KING OF VIENNA (S-1-5-21-2587909452-1153870455-2939713168-1000 - Administrator - Enabled) => C:\Users\KING OF VIENNA
WDTV (S-1-5-21-2587909452-1153870455-2939713168-1017 - Limited - Enabled) => C:\Users\WDTV

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/07/2014 02:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (11/07/2014 01:55:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (11/07/2014 01:55:41 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2014-11-07T13:55:41.260+01:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (11/03/2014 07:37:46 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (11/03/2014 04:47:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (11/03/2014 00:02:59 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (11/03/2014 11:58:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (11/02/2014 04:03:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TFService.exe, Version: 4.11.2.22, Zeitstempel: 0x4d63252f
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000094
Fehleroffset: 0x000485fe
ID des fehlerhaften Prozesses: 0xa80
Startzeit der fehlerhaften Anwendung: 0xTFService.exe0
Pfad der fehlerhaften Anwendung: TFService.exe1
Pfad des fehlerhaften Moduls: TFService.exe2
Berichtskennung: TFService.exe3

Error: (11/02/2014 00:27:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (11/02/2014 00:23:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.


System errors:
=============
Error: (11/07/2014 05:24:30 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.187.1285.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.6.0305.00

        Quellpfad: 4.6.0305.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (11/07/2014 05:14:01 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (11/07/2014 04:53:05 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.187.1285.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.6.0305.00

        Quellpfad: 4.6.0305.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (11/07/2014 04:42:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

Error: (11/07/2014 02:08:00 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.187.1285.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.6.0305.00

        Quellpfad: 4.6.0305.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (11/07/2014 01:55:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet:
%%-2147467259

Error: (11/07/2014 01:55:18 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (11/07/2014 01:51:08 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (11/07/2014 01:49:34 PM) (Source: volsnap) (EventID: 27) (User: )
Description: Die Schattenkopien von Volume "C:" wurden während der Ermittlung abgebrochen, weil eine kritische Steuerungsdatei nicht geöffnet werden konnte.

Error: (11/07/2014 01:49:32 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.


Microsoft Office Sessions:
=========================
Error: (12/23/2013 08:20:21 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 454842 seconds with 9120 seconds of active time.  This session ended with a crash.

Error: (10/01/2013 11:11:02 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1026049 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (08/13/2013 03:40:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/10/2013 03:15:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 403 seconds with 60 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Processor: AMD Turion(tm) II Dual-Core Mobile M520
Percentage of memory in use: 28%
Total physical RAM: 8188.2 MB
Available physical RAM: 5861.18 MB
Total Pagefile: 9483.66 MB
Available Pagefile: 6906.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:451.79 GB) (Free:2.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.68 GB) (Free:1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: () (Removable) (Total:0.95 GB) (Free:0.8 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 726396AC)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 980 MB) (Disk ID: 92CE1A87)
Partition 1: (Active) - (Size=979 MB) - (Type=0B)

==================== End Of Log ============================
--- --- ---

schrauber 08.11.2014 07:17
hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

zapf 08.11.2014 21:01
TDSSKiller Log
 
DANKE!!!!

Hier ist das Log:
Code:
20:37:12.0084 0x0380  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
20:37:19.0665 0x0380  ============================================================
20:37:19.0665 0x0380  Current date / time: 2014/11/08 20:37:19.0665
20:37:19.0665 0x0380  SystemInfo:
20:37:19.0665 0x0380 
20:37:19.0665 0x0380  OS Version: 6.1.7601 ServicePack: 1.0
20:37:19.0665 0x0380  Product type: Workstation
20:37:19.0665 0x0380  ComputerName: KINGOFVIENNA-PC
20:37:19.0665 0x0380  UserName: KING OF VIENNA
20:37:19.0665 0x0380  Windows directory: C:\Windows
20:37:19.0665 0x0380  System windows directory: C:\Windows
20:37:19.0665 0x0380  Running under WOW64
20:37:19.0665 0x0380  Processor architecture: Intel x64
20:37:19.0665 0x0380  Number of processors: 2
20:37:19.0665 0x0380  Page size: 0x1000
20:37:19.0665 0x0380  Boot type: Normal boot
20:37:19.0665 0x0380  ============================================================
20:37:22.0395 0x0380  KLMD registered as C:\Windows\system32\drivers\19689376.sys
20:37:22.0583 0x0380  System UUID: {DD8CEF35-F649-37C7-E6F9-B13D823C2BCB}
20:37:22.0988 0x0380  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:37:22.0988 0x0380  Drive \Device\Harddisk1\DR1 - Size: 0x3D3FFE00 ( 0.96 Gb ), SectorSize: 0x200, Cylinders: 0x7C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:37:23.0004 0x0380  ============================================================
20:37:23.0004 0x0380  \Device\Harddisk0\DR0:
20:37:23.0004 0x0380  MBR partitions:
20:37:23.0004 0x0380  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:37:23.0004 0x0380  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38793800
20:37:23.0004 0x0380  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x387F7800, BlocksNum 0x1B5A800
20:37:23.0004 0x0380  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
20:37:23.0004 0x0380  \Device\Harddisk1\DR1:
20:37:23.0004 0x0380  MBR partitions:
20:37:23.0004 0x0380  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3E, BlocksNum 0x1E9B02
20:37:23.0004 0x0380  ============================================================
20:37:23.0019 0x0380  C: <-> \Device\Harddisk0\DR0\Partition2
20:37:23.0051 0x0380  D: <-> \Device\Harddisk0\DR0\Partition3
20:37:23.0066 0x0380  E: <-> \Device\Harddisk0\DR0\Partition4
20:37:23.0066 0x0380  ============================================================
20:37:23.0066 0x0380  Initialize success
20:37:23.0066 0x0380  ============================================================
20:38:17.0105 0x0ca0  ============================================================
20:38:17.0105 0x0ca0  Scan started
20:38:17.0105 0x0ca0  Mode: Manual; SigCheck; TDLFS;
20:38:17.0105 0x0ca0  ============================================================
20:38:17.0105 0x0ca0  KSN ping started
20:38:19.0772 0x0ca0  KSN ping finished: false
20:38:20.0849 0x0ca0  ================ Scan system memory ========================
20:38:20.0849 0x0ca0  System memory - ok
20:38:20.0849 0x0ca0  ================ Scan services =============================
20:38:21.0114 0x0ca0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:38:21.0223 0x0ca0  1394ohci - ok
20:38:21.0285 0x0ca0  [ E0A8525A951ADDB4655BC2068566407D, 7C08B9DB7C281422FD64219DF81B7064CE16EA53CF00EB1FC33CB0741CE6605F ] 61883          C:\Windows\system32\DRIVERS\61883.sys
20:38:21.0332 0x0ca0  61883 - ok
20:38:21.0379 0x0ca0  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer  C:\Windows\system32\DRIVERS\Accelerometer.sys
20:38:21.0395 0x0ca0  Accelerometer - ok
20:38:21.0473 0x0ca0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:38:21.0504 0x0ca0  ACPI - ok
20:38:21.0551 0x0ca0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
20:38:21.0629 0x0ca0  AcpiPmi - ok
20:38:21.0769 0x0ca0  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:38:21.0816 0x0ca0  AdobeARMservice - ok
20:38:21.0909 0x0ca0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
20:38:21.0925 0x0ca0  adp94xx - ok
20:38:22.0003 0x0ca0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
20:38:22.0034 0x0ca0  adpahci - ok
20:38:22.0050 0x0ca0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
20:38:22.0065 0x0ca0  adpu320 - ok
20:38:22.0097 0x0ca0  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
20:38:22.0221 0x0ca0  AeLookupSvc - ok
20:38:22.0331 0x0ca0  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
20:38:22.0440 0x0ca0  AESTFilters - ok
20:38:22.0533 0x0ca0  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD            C:\Windows\system32\drivers\afd.sys
20:38:22.0580 0x0ca0  AFD - ok
20:38:22.0689 0x0ca0  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
20:38:22.0814 0x0ca0  AgereSoftModem - ok
20:38:22.0877 0x0ca0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
20:38:22.0908 0x0ca0  agp440 - ok
20:38:22.0970 0x0ca0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
20:38:23.0048 0x0ca0  ALG - ok
20:38:23.0111 0x0ca0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:38:23.0142 0x0ca0  aliide - ok
20:38:23.0610 0x0ca0  ALSysIO - ok
20:38:23.0813 0x0ca0  [ BCC32BF5EBB5DFD4380FA053D3651949, 72799B17EFB11836FEA241AD844C8D5EEF62656084CE89077DAF8FC30706A019 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:38:23.0875 0x0ca0  AMD External Events Utility - ok
20:38:23.0953 0x0ca0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:38:23.0984 0x0ca0  amdide - ok
20:38:24.0047 0x0ca0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
20:38:24.0125 0x0ca0  AmdK8 - ok
20:38:24.0171 0x0ca0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:38:24.0234 0x0ca0  AmdPPM - ok
20:38:24.0281 0x0ca0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
20:38:24.0312 0x0ca0  amdsata - ok
20:38:24.0343 0x0ca0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:38:24.0359 0x0ca0  amdsbs - ok
20:38:24.0405 0x0ca0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
20:38:24.0421 0x0ca0  amdxata - ok
20:38:24.0499 0x0ca0  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID          C:\Windows\system32\drivers\appid.sys
20:38:24.0593 0x0ca0  AppID - ok
20:38:24.0624 0x0ca0  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:38:24.0671 0x0ca0  AppIDSvc - ok
20:38:24.0717 0x0ca0  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo        C:\Windows\System32\appinfo.dll
20:38:24.0811 0x0ca0  Appinfo - ok
20:38:24.0889 0x0ca0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\DRIVERS\arc.sys
20:38:24.0920 0x0ca0  arc - ok
20:38:24.0936 0x0ca0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:38:24.0951 0x0ca0  arcsas - ok
20:38:25.0092 0x0ca0  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:38:25.0170 0x0ca0  aspnet_state - ok
20:38:25.0201 0x0ca0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:38:25.0263 0x0ca0  AsyncMac - ok
20:38:25.0310 0x0ca0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
20:38:25.0326 0x0ca0  atapi - ok
20:38:25.0497 0x0ca0  [ B4421D8CDADC441F76BA39532A3E3414, 4C7C14C99E2095012A85672C824E21CF2FC152BCC37A1B25BF3189D0F6A06ED3 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
20:38:25.0700 0x0ca0  athr - ok
20:38:25.0778 0x0ca0  [ 3B9014FB7CE9E20FD726321C7DB7D8B0, 9B910D900478A81D52446C6D71C3DDC4B5FE1345674295E1101922B0F32FBCE1 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
20:38:25.0794 0x0ca0  AtiHdmiService - ok
20:38:26.0043 0x0ca0  [ A29087680A1C3B049E3C05438E8FF2B8, 8895C480DE55078A0B0BDF105A745940E02A8A7545EA5EE84FB675634620AD89 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:38:26.0293 0x0ca0  atikmdag - ok
20:38:26.0371 0x0ca0  [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie        C:\Windows\system32\DRIVERS\AtiPcie.sys
20:38:26.0387 0x0ca0  AtiPcie - ok
20:38:26.0465 0x0ca0  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:38:26.0543 0x0ca0  AudioEndpointBuilder - ok
20:38:26.0558 0x0ca0  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:38:26.0621 0x0ca0  AudioSrv - ok
20:38:26.0683 0x0ca0  [ 16FABE84916623D0607E4A975544032C, 9D960CAE27B1769ED5B024C0A3375912432521C73C1F59E21111596A7981BDC3 ] Avc            C:\Windows\system32\DRIVERS\avc.sys
20:38:26.0714 0x0ca0  Avc - ok
20:38:26.0745 0x0ca0  [ 155F536D6181508929F4FE177F4167CE, 479B100DA05EDFADEDC6853B561FF3AC6A00403AB8A54F83887B8D0BB4D76886 ] AVCSTRM        C:\Windows\system32\DRIVERS\avcstrm.sys
20:38:26.0777 0x0ca0  AVCSTRM - ok
20:38:26.0839 0x0ca0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:38:26.0917 0x0ca0  AxInstSV - ok
20:38:26.0995 0x0ca0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
20:38:27.0073 0x0ca0  b06bdrv - ok
20:38:27.0151 0x0ca0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:38:27.0167 0x0ca0  b57nd60a - ok
20:38:27.0291 0x0ca0  [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] BBSvc          C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
20:38:27.0307 0x0ca0  BBSvc - ok
20:38:27.0385 0x0ca0  [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:38:27.0401 0x0ca0  BBUpdate - ok
20:38:27.0447 0x0ca0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:38:27.0510 0x0ca0  BDESVC - ok
20:38:27.0541 0x0ca0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:38:27.0603 0x0ca0  Beep - ok
20:38:27.0697 0x0ca0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
20:38:27.0744 0x0ca0  BFE - ok
20:38:27.0837 0x0ca0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
20:38:27.0931 0x0ca0  BITS - ok
20:38:27.0978 0x0ca0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:38:28.0025 0x0ca0  blbdrive - ok
20:38:28.0087 0x0ca0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:38:28.0118 0x0ca0  bowser - ok
20:38:28.0181 0x0ca0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:38:28.0227 0x0ca0  BrFiltLo - ok
20:38:28.0259 0x0ca0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:38:28.0290 0x0ca0  BrFiltUp - ok
20:38:28.0321 0x0ca0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
20:38:28.0399 0x0ca0  Browser - ok
20:38:28.0446 0x0ca0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
20:38:28.0508 0x0ca0  Brserid - ok
20:38:28.0524 0x0ca0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:38:28.0571 0x0ca0  BrSerWdm - ok
20:38:28.0586 0x0ca0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:38:28.0633 0x0ca0  BrUsbMdm - ok
20:38:28.0664 0x0ca0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:38:28.0680 0x0ca0  BrUsbSer - ok
20:38:28.0758 0x0ca0  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum        C:\Windows\system32\DRIVERS\BthEnum.sys
20:38:28.0836 0x0ca0  BthEnum - ok
20:38:28.0898 0x0ca0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:38:28.0945 0x0ca0  BTHMODEM - ok
20:38:28.0992 0x0ca0  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:38:29.0039 0x0ca0  BthPan - ok
20:38:29.0101 0x0ca0  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT        C:\Windows\system32\Drivers\BTHport.sys
20:38:29.0179 0x0ca0  BTHPORT - ok
20:38:29.0226 0x0ca0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
20:38:29.0319 0x0ca0  bthserv - ok
20:38:29.0351 0x0ca0  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
20:38:29.0382 0x0ca0  BTHUSB - ok
20:38:29.0429 0x0ca0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:38:29.0522 0x0ca0  cdfs - ok
20:38:29.0616 0x0ca0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
20:38:29.0678 0x0ca0  cdrom - ok
20:38:29.0725 0x0ca0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
20:38:29.0787 0x0ca0  CertPropSvc - ok
20:38:29.0850 0x0ca0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:38:29.0912 0x0ca0  circlass - ok
20:38:29.0959 0x0ca0  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
20:38:29.0990 0x0ca0  CLFS - ok
20:38:30.0068 0x0ca0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:38:30.0099 0x0ca0  clr_optimization_v2.0.50727_32 - ok
20:38:30.0162 0x0ca0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:38:30.0209 0x0ca0  clr_optimization_v2.0.50727_64 - ok
20:38:30.0318 0x0ca0  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:38:30.0396 0x0ca0  clr_optimization_v4.0.30319_32 - ok
20:38:30.0427 0x0ca0  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:38:30.0443 0x0ca0  clr_optimization_v4.0.30319_64 - ok
20:38:30.0505 0x0ca0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:38:30.0552 0x0ca0  CmBatt - ok
20:38:30.0614 0x0ca0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:38:30.0661 0x0ca0  cmdide - ok
20:38:30.0801 0x0ca0  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG            C:\Windows\system32\Drivers\cng.sys
20:38:30.0864 0x0ca0  CNG - ok
20:38:30.0973 0x0ca0  [ F9A79C5B27037821112C50A9C8FB367A, D9990AE1A0CA767E54C9D3FD2C6EA2A068DFD5A270102E915F71648A0C59097B ] Com4QLBEx      C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
20:38:30.0989 0x0ca0  Com4QLBEx - ok
20:38:31.0035 0x0ca0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:38:31.0067 0x0ca0  Compbatt - ok
20:38:31.0129 0x0ca0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:38:31.0207 0x0ca0  CompositeBus - ok
20:38:31.0223 0x0ca0  COMSysApp - ok
20:38:31.0269 0x0ca0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
20:38:31.0285 0x0ca0  crcdisk - ok
20:38:31.0363 0x0ca0  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:38:31.0441 0x0ca0  CryptSvc - ok
20:38:31.0535 0x0ca0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:38:31.0613 0x0ca0  DcomLaunch - ok
20:38:31.0628 0x0ca0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
20:38:31.0706 0x0ca0  defragsvc - ok
20:38:31.0753 0x0ca0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:38:31.0831 0x0ca0  DfsC - ok
20:38:31.0878 0x0ca0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:38:31.0940 0x0ca0  Dhcp - ok
20:38:31.0956 0x0ca0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:38:32.0003 0x0ca0  discache - ok
20:38:32.0081 0x0ca0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:38:32.0112 0x0ca0  Disk - ok
20:38:32.0159 0x0ca0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:38:32.0252 0x0ca0  Dnscache - ok
20:38:32.0330 0x0ca0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
20:38:32.0424 0x0ca0  dot3svc - ok
20:38:32.0486 0x0ca0  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
20:38:32.0533 0x0ca0  Dot4 - ok
20:38:32.0564 0x0ca0  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print      C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:38:32.0595 0x0ca0  Dot4Print - ok
20:38:32.0611 0x0ca0  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb        C:\Windows\system32\DRIVERS\dot4usb.sys
20:38:32.0658 0x0ca0  dot4usb - ok
20:38:32.0689 0x0ca0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
20:38:32.0751 0x0ca0  DPS - ok
20:38:32.0814 0x0ca0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
20:38:32.0829 0x0ca0  drmkaud - ok
20:38:32.0892 0x0ca0  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01    C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:38:32.0923 0x0ca0  dtsoftbus01 - ok
20:38:32.0985 0x0ca0  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
20:38:33.0048 0x0ca0  DXGKrnl - ok
20:38:33.0110 0x0ca0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
20:38:33.0173 0x0ca0  EapHost - ok
20:38:33.0297 0x0ca0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
20:38:33.0469 0x0ca0  ebdrv - ok
20:38:33.0500 0x0ca0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS            C:\Windows\System32\lsass.exe
20:38:33.0563 0x0ca0  EFS - ok
20:38:33.0703 0x0ca0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
20:38:33.0797 0x0ca0  ehRecvr - ok
20:38:33.0828 0x0ca0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
20:38:33.0890 0x0ca0  ehSched - ok
20:38:33.0953 0x0ca0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
20:38:33.0984 0x0ca0  elxstor - ok
20:38:34.0062 0x0ca0  [ 524C79054636D2E5751169005006460B, 1EBA5972E13C5BB07BBD94D6647B86469B4910F60A3C8BDDC6BB5736EF99C9C3 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
20:38:34.0093 0x0ca0  enecir - ok
20:38:34.0124 0x0ca0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:38:34.0171 0x0ca0  ErrDev - ok
20:38:34.0249 0x0ca0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
20:38:34.0296 0x0ca0  EventSystem - ok
20:38:34.0374 0x0ca0  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev    C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
20:38:34.0421 0x0ca0  ew_hwusbdev - ok
20:38:34.0483 0x0ca0  [ 55E0EDA185869F7EA67EA97FD0655B39, D4A51E383102AA48F022EFCA08FAC389336A22C1DF60E17815117EFA60716964 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
20:38:34.0530 0x0ca0  ew_usbenumfilter - ok
20:38:34.0561 0x0ca0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
20:38:34.0639 0x0ca0  exfat - ok
20:38:34.0670 0x0ca0  ezSharedSvc - ok
20:38:34.0717 0x0ca0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
20:38:34.0779 0x0ca0  fastfat - ok
20:38:34.0842 0x0ca0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
20:38:34.0935 0x0ca0  Fax - ok
20:38:34.0951 0x0ca0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
20:38:34.0967 0x0ca0  fdc - ok
20:38:35.0029 0x0ca0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
20:38:35.0138 0x0ca0  fdPHost - ok
20:38:35.0169 0x0ca0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:38:35.0247 0x0ca0  FDResPub - ok
20:38:35.0279 0x0ca0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:38:35.0294 0x0ca0  FileInfo - ok
20:38:35.0310 0x0ca0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
20:38:35.0388 0x0ca0  Filetrace - ok
20:38:35.0419 0x0ca0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:38:35.0466 0x0ca0  flpydisk - ok
20:38:35.0528 0x0ca0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:38:35.0559 0x0ca0  FltMgr - ok
20:38:35.0684 0x0ca0  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache      C:\Windows\system32\FntCache.dll
20:38:35.0747 0x0ca0  FontCache - ok
20:38:35.0856 0x0ca0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:38:35.0887 0x0ca0  FontCache3.0.0.0 - ok
20:38:35.0918 0x0ca0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
20:38:35.0934 0x0ca0  FsDepends - ok
20:38:35.0981 0x0ca0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:38:36.0012 0x0ca0  Fs_Rec - ok
20:38:36.0074 0x0ca0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:38:36.0105 0x0ca0  fvevol - ok
20:38:36.0152 0x0ca0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:38:36.0183 0x0ca0  gagp30kx - ok
20:38:36.0261 0x0ca0  [ C1BBCE4B30B45410178EE674C818D10C, 3FD449C20493057592A21CA812CA39803BC32136B84A060B2BF9621776D94E54 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
20:38:36.0308 0x0ca0  GameConsoleService - ok
20:38:36.0402 0x0ca0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
20:38:36.0480 0x0ca0  gpsvc - ok
20:38:36.0558 0x0ca0  [ ADB4348DA1345877B04E22203AFC8993, D85FC268D1994944CED570A84B0B2E4F3EBFBE59823BE57285CB6CDDDF607358 ] hcmon          C:\Windows\system32\drivers\hcmon.sys
20:38:36.0605 0x0ca0  hcmon - ok
20:38:36.0620 0x0ca0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:38:36.0636 0x0ca0  hcw85cir - ok
20:38:36.0714 0x0ca0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:38:36.0761 0x0ca0  HdAudAddService - ok
20:38:36.0807 0x0ca0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:38:36.0854 0x0ca0  HDAudBus - ok
20:38:36.0885 0x0ca0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
20:38:36.0901 0x0ca0  HidBatt - ok
20:38:36.0917 0x0ca0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:38:36.0948 0x0ca0  HidBth - ok
20:38:36.0995 0x0ca0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
20:38:37.0041 0x0ca0  HidIr - ok
20:38:37.0073 0x0ca0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\system32\hidserv.dll
20:38:37.0135 0x0ca0  hidserv - ok
20:38:37.0182 0x0ca0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:38:37.0213 0x0ca0  HidUsb - ok
20:38:37.0275 0x0ca0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:38:37.0338 0x0ca0  hkmsvc - ok
20:38:37.0385 0x0ca0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:38:37.0431 0x0ca0  HomeGroupListener - ok
20:38:37.0494 0x0ca0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:38:37.0541 0x0ca0  HomeGroupProvider - ok
20:38:37.0681 0x0ca0  [ 45A12CACB97B4F15858FCFD59355A1E9, E4D671F1E413D1C45CC797C93FC042FEC9B0AE9F7039C82E516A410AD49100AA ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
20:38:37.0712 0x0ca0  HP Health Check Service - ok
20:38:37.0790 0x0ca0  [ F55442690A70A0278A7EED4FAAEBF576, 9BE7A30A08DB05D38994B14F53C9178552DE5898DB016B171E20E3046046B296 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
20:38:37.0837 0x0ca0  HPDrvMntSvc.exe - ok
20:38:37.0884 0x0ca0  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
20:38:37.0899 0x0ca0  hpdskflt - ok
20:38:37.0962 0x0ca0  [ 9AF482D058BE59CC28BCE52E7C4B747C, 2D150CD0C82B575CDE2E1B3941FD72EFCB254850D6FF1D7C40D3B29643018EFF ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
20:38:38.0009 0x0ca0  HpqKbFiltr - ok
20:38:38.0102 0x0ca0  [ 640E51DB253265C3EAC075866B3D2B33, 3408C908AADCA784BA7C0C044CC50B3759E2B142013D4B12B05E97A141036E15 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
20:38:38.0133 0x0ca0  hpqwmiex - ok
20:38:38.0211 0x0ca0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:38:38.0243 0x0ca0  HpSAMD - ok
20:38:38.0258 0x0ca0  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv          C:\Windows\system32\Hpservice.exe
20:38:38.0274 0x0ca0  hpsrv - ok
20:38:38.0367 0x0ca0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:38:38.0461 0x0ca0  HTTP - ok
20:38:38.0508 0x0ca0  [ 4DBBFCE863FE1B64C770EB53A3BA5860, DA77FB5D865779834CDCEE74200B9346FA3A4D0465F7A49C877ED6F786232CEF ] huawei_cdcacm  C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
20:38:38.0570 0x0ca0  huawei_cdcacm - ok
20:38:38.0633 0x0ca0  [ F80E301136A4101814385A3B934AB4CD, 20A6B74CF9E93C3F1A9E3273C41C04582C34F7C40250AB4B69C25CAD36A00775 ] huawei_cdcecm  C:\Windows\system32\DRIVERS\ew_jucdcecm.sys
20:38:38.0695 0x0ca0  huawei_cdcecm - ok
20:38:38.0742 0x0ca0  [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
20:38:38.0804 0x0ca0  huawei_enumerator - ok
20:38:38.0867 0x0ca0  [ DF65F49F3A108AB509D675312FC896B8, E88F15DED4346E127F182B3D1DA2D1506998844212940281355C8ED96776141C ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
20:38:38.0913 0x0ca0  huawei_ext_ctrl - ok
20:38:39.0194 0x0ca0  [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
20:38:39.0225 0x0ca0  HWDeviceService64.exe - ok
20:38:39.0272 0x0ca0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:38:39.0319 0x0ca0  hwpolicy - ok
20:38:39.0381 0x0ca0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:38:39.0413 0x0ca0  i8042prt - ok
20:38:39.0491 0x0ca0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
20:38:39.0537 0x0ca0  iaStorV - ok
20:38:39.0631 0x0ca0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:38:39.0678 0x0ca0  idsvc - ok
20:38:39.0693 0x0ca0  IEEtwCollectorService - ok
20:38:39.0943 0x0ca0  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:38:40.0224 0x0ca0  igfx - ok
20:38:40.0286 0x0ca0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
20:38:40.0302 0x0ca0  iirsp - ok
20:38:40.0380 0x0ca0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:38:40.0442 0x0ca0  IKEEXT - ok
20:38:40.0489 0x0ca0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:38:40.0505 0x0ca0  intelide - ok
20:38:40.0551 0x0ca0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:38:40.0598 0x0ca0  intelppm - ok
20:38:40.0645 0x0ca0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
20:38:40.0707 0x0ca0  IPBusEnum - ok
20:38:40.0754 0x0ca0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:38:40.0801 0x0ca0  IpFilterDriver - ok
20:38:40.0863 0x0ca0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:38:40.0910 0x0ca0  iphlpsvc - ok
20:38:41.0019 0x0ca0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
20:38:41.0097 0x0ca0  IPMIDRV - ok
20:38:41.0191 0x0ca0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
20:38:41.0285 0x0ca0  IPNAT - ok
20:38:41.0331 0x0ca0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:38:41.0363 0x0ca0  IRENUM - ok
20:38:41.0409 0x0ca0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:38:41.0425 0x0ca0  isapnp - ok
20:38:41.0487 0x0ca0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:38:41.0503 0x0ca0  iScsiPrt - ok
20:38:41.0565 0x0ca0  [ F8844B00C10E386C704C610E95A9847D, 3E3CFDDD0DD9E98542BAE07ED9CF922D98370C94BE364BA84F677EAA01ED775A ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
20:38:41.0628 0x0ca0  JMCR - ok
20:38:41.0706 0x0ca0  [ 38BD6037FD2A6243A7606C0E87B847E5, 59EA889596F306FD0D67D94D97E2470006D1404F62A771415F10529A39F655D9 ] johci          C:\Windows\system32\DRIVERS\johci.sys
20:38:41.0737 0x0ca0  johci - ok
20:38:41.0784 0x0ca0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
20:38:41.0799 0x0ca0  kbdclass - ok
20:38:41.0846 0x0ca0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:38:41.0893 0x0ca0  kbdhid - ok
20:38:41.0909 0x0ca0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
20:38:41.0924 0x0ca0  KeyIso - ok
20:38:41.0987 0x0ca0  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:38:42.0002 0x0ca0  KSecDD - ok
20:38:42.0018 0x0ca0  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
20:38:42.0033 0x0ca0  KSecPkg - ok
20:38:42.0065 0x0ca0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
20:38:42.0111 0x0ca0  ksthunk - ok
20:38:42.0158 0x0ca0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
20:38:42.0221 0x0ca0  KtmRm - ok
20:38:42.0299 0x0ca0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:38:42.0361 0x0ca0  LanmanServer - ok
20:38:42.0423 0x0ca0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:38:42.0501 0x0ca0  LanmanWorkstation - ok
20:38:42.0611 0x0ca0  [ 2238B91AC1A12CC6CC4C4FED41258B2A, 11DEBFAC8D6B23415928C635981E3378DE7C1F361F2B7A1390D86B0D782C22C6 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
20:38:42.0657 0x0ca0  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
20:38:42.0751 0x0ca0  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
20:38:42.0751 0x0ca0  Force sending object to P2P due to detect: LightScribeService
20:38:42.0751 0x0ca0  Object send P2P result: false
20:38:42.0782 0x0ca0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:38:42.0845 0x0ca0  lltdio - ok
20:38:42.0891 0x0ca0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
20:38:42.0954 0x0ca0  lltdsvc - ok
20:38:42.0985 0x0ca0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
20:38:43.0032 0x0ca0  lmhosts - ok
20:38:43.0094 0x0ca0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:38:43.0110 0x0ca0  LSI_FC - ok
20:38:43.0141 0x0ca0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
20:38:43.0157 0x0ca0  LSI_SAS - ok
20:38:43.0172 0x0ca0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:38:43.0188 0x0ca0  LSI_SAS2 - ok
20:38:43.0203 0x0ca0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:38:43.0219 0x0ca0  LSI_SCSI - ok
20:38:43.0235 0x0ca0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
20:38:43.0313 0x0ca0  luafv - ok
20:38:43.0359 0x0ca0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
20:38:43.0406 0x0ca0  Mcx2Svc - ok
20:38:43.0453 0x0ca0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
20:38:43.0469 0x0ca0  megasas - ok
20:38:43.0500 0x0ca0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:38:43.0531 0x0ca0  MegaSR - ok
20:38:43.0640 0x0ca0  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
20:38:43.0671 0x0ca0  Microsoft Office Groove Audit Service - ok
20:38:43.0718 0x0ca0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
20:38:43.0781 0x0ca0  MMCSS - ok
20:38:43.0812 0x0ca0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
20:38:43.0859 0x0ca0  Modem - ok
20:38:43.0905 0x0ca0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
20:38:43.0968 0x0ca0  monitor - ok
20:38:44.0015 0x0ca0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:38:44.0030 0x0ca0  mouclass - ok
20:38:44.0077 0x0ca0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:38:44.0108 0x0ca0  mouhid - ok
20:38:44.0155 0x0ca0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:38:44.0186 0x0ca0  mountmgr - ok
20:38:44.0280 0x0ca0  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:38:44.0311 0x0ca0  MozillaMaintenance - ok
20:38:44.0358 0x0ca0  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
20:38:44.0389 0x0ca0  MpFilter - ok
20:38:44.0420 0x0ca0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:38:44.0436 0x0ca0  mpio - ok
20:38:44.0483 0x0ca0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:38:44.0529 0x0ca0  mpsdrv - ok
20:38:44.0607 0x0ca0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:38:44.0670 0x0ca0  MpsSvc - ok
20:38:44.0717 0x0ca0  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:38:44.0795 0x0ca0  MRxDAV - ok
20:38:44.0857 0x0ca0  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:38:44.0919 0x0ca0  mrxsmb - ok
20:38:44.0982 0x0ca0  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:38:45.0029 0x0ca0  mrxsmb10 - ok
20:38:45.0060 0x0ca0  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:38:45.0075 0x0ca0  mrxsmb20 - ok
20:38:45.0122 0x0ca0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:38:45.0153 0x0ca0  msahci - ok
20:38:45.0200 0x0ca0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
20:38:45.0216 0x0ca0  msdsm - ok
20:38:45.0247 0x0ca0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
20:38:45.0278 0x0ca0  MSDTC - ok
20:38:45.0325 0x0ca0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:38:45.0387 0x0ca0  Msfs - ok
20:38:45.0419 0x0ca0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
20:38:45.0512 0x0ca0  mshidkmdf - ok
20:38:45.0543 0x0ca0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:38:45.0559 0x0ca0  msisadrv - ok
20:38:45.0575 0x0ca0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
20:38:45.0637 0x0ca0  MSiSCSI - ok
20:38:45.0637 0x0ca0  msiserver - ok
20:38:45.0684 0x0ca0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
20:38:45.0731 0x0ca0  MSKSSRV - ok
20:38:45.0871 0x0ca0  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc        c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:38:45.0902 0x0ca0  MsMpSvc - ok
20:38:45.0933 0x0ca0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:38:45.0996 0x0ca0  MSPCLOCK - ok
20:38:46.0043 0x0ca0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
20:38:46.0089 0x0ca0  MSPQM - ok
20:38:46.0152 0x0ca0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
20:38:46.0167 0x0ca0  MsRPC - ok
20:38:46.0230 0x0ca0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:38:46.0261 0x0ca0  mssmbios - ok
20:38:46.0308 0x0ca0  [ 966EC55988D580B9823C453781309450, 52942A68A3DE6C6A9730D27667A0AAA35B65889C37B243B83CC9B54DFAFE4A2D ] MSTAPE          C:\Windows\system32\DRIVERS\mstape.sys
20:38:46.0339 0x0ca0  MSTAPE - ok
20:38:46.0355 0x0ca0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
20:38:46.0401 0x0ca0  MSTEE - ok
20:38:46.0417 0x0ca0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:38:46.0464 0x0ca0  MTConfig - ok
20:38:46.0511 0x0ca0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
20:38:46.0542 0x0ca0  Mup - ok
20:38:46.0620 0x0ca0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
20:38:46.0698 0x0ca0  napagent - ok
20:38:46.0760 0x0ca0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
20:38:46.0823 0x0ca0  NativeWifiP - ok
20:38:46.0932 0x0ca0  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:38:46.0979 0x0ca0  NDIS - ok
20:38:46.0994 0x0ca0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
20:38:47.0057 0x0ca0  NdisCap - ok
20:38:47.0103 0x0ca0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:38:47.0150 0x0ca0  NdisTapi - ok
20:38:47.0197 0x0ca0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
20:38:47.0259 0x0ca0  Ndisuio - ok
20:38:47.0306 0x0ca0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
20:38:47.0353 0x0ca0  NdisWan - ok
20:38:47.0400 0x0ca0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
20:38:47.0462 0x0ca0  NDProxy - ok
20:38:47.0509 0x0ca0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
20:38:47.0571 0x0ca0  NetBIOS - ok
20:38:47.0618 0x0ca0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
20:38:47.0696 0x0ca0  NetBT - ok
20:38:47.0727 0x0ca0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
20:38:47.0743 0x0ca0  Netlogon - ok
20:38:47.0774 0x0ca0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:38:47.0852 0x0ca0  Netman - ok
20:38:47.0899 0x0ca0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:38:47.0993 0x0ca0  NetMsmqActivator - ok
20:38:48.0024 0x0ca0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:38:48.0055 0x0ca0  NetPipeActivator - ok
20:38:48.0102 0x0ca0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:38:48.0164 0x0ca0  netprofm - ok
20:38:48.0211 0x0ca0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:38:48.0227 0x0ca0  NetTcpActivator - ok
20:38:48.0242 0x0ca0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:38:48.0258 0x0ca0  NetTcpPortSharing - ok
20:38:48.0492 0x0ca0  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
20:38:48.0726 0x0ca0  netw5v64 - ok
20:38:48.0773 0x0ca0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
20:38:48.0788 0x0ca0  nfrd960 - ok
20:38:48.0835 0x0ca0  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:38:48.0851 0x0ca0  NisDrv - ok
20:38:48.0913 0x0ca0  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
20:38:48.0944 0x0ca0  NisSrv - ok
20:38:48.0975 0x0ca0  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:38:49.0022 0x0ca0  NlaSvc - ok
20:38:49.0053 0x0ca0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:38:49.0116 0x0ca0  Npfs - ok
20:38:49.0147 0x0ca0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
20:38:49.0209 0x0ca0  nsi - ok
20:38:49.0241 0x0ca0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:38:49.0319 0x0ca0  nsiproxy - ok
20:38:49.0428 0x0ca0  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:38:49.0490 0x0ca0  Ntfs - ok
20:38:49.0521 0x0ca0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:38:49.0553 0x0ca0  Null - ok
20:38:49.0615 0x0ca0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:38:49.0631 0x0ca0  nvraid - ok
20:38:49.0646 0x0ca0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:38:49.0662 0x0ca0  nvstor - ok
20:38:49.0709 0x0ca0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:38:49.0740 0x0ca0  nv_agp - ok
20:38:49.0865 0x0ca0  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:38:49.0896 0x0ca0  odserv - ok
20:38:49.0911 0x0ca0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:38:49.0927 0x0ca0  ohci1394 - ok
20:38:49.0989 0x0ca0  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:38:50.0021 0x0ca0  ose - ok
20:38:50.0067 0x0ca0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:38:50.0130 0x0ca0  p2pimsvc - ok
20:38:50.0177 0x0ca0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:38:50.0208 0x0ca0  p2psvc - ok
20:38:50.0223 0x0ca0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
20:38:50.0239 0x0ca0  Parport - ok
20:38:50.0286 0x0ca0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
20:38:50.0301 0x0ca0  partmgr - ok
20:38:50.0317 0x0ca0  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:38:50.0364 0x0ca0  PcaSvc - ok
20:38:50.0411 0x0ca0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
20:38:50.0442 0x0ca0  pci - ok
20:38:50.0489 0x0ca0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:38:50.0520 0x0ca0  pciide - ok
20:38:50.0551 0x0ca0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:38:50.0582 0x0ca0  pcmcia - ok
20:38:50.0598 0x0ca0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
20:38:50.0613 0x0ca0  pcw - ok
20:38:50.0785 0x0ca0  [ A1688A4FB2EC49D040C027EF6DC7A87B, E5F5768D189B590F4D8D20C13FC0F7FF5AC7C4729848F38A93D653AB0B740696 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
20:38:50.0832 0x0ca0  PDF Architect Helper Service - ok
20:38:50.0879 0x0ca0  [ E23FF9B2F8EEAB2BDDA681C21C48E843, 2D0072C2EFFD5278D0211438FA9A29CF394F01857273A53B09A629977C024B30 ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
20:38:50.0910 0x0ca0  PDF Architect Service - ok
20:38:50.0941 0x0ca0  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:38:51.0019 0x0ca0  PEAUTH - ok
20:38:51.0113 0x0ca0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:38:51.0159 0x0ca0  PerfHost - ok
20:38:51.0253 0x0ca0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
20:38:51.0362 0x0ca0  pla - ok
20:38:51.0550 0x0ca0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:38:51.0674 0x0ca0  PlugPlay - ok
20:38:51.0706 0x0ca0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
20:38:51.0737 0x0ca0  PNRPAutoReg - ok
20:38:51.0768 0x0ca0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
20:38:51.0799 0x0ca0  PNRPsvc - ok
20:38:51.0877 0x0ca0  [ 33328FA8A580885AB0065BE6DB266E9F, 645A1B1702ADB0D3F784B998CDF17524CC6C4891594AA075D538A0656BAE69B8 ] Point64        C:\Windows\system32\DRIVERS\point64.sys
20:38:51.0908 0x0ca0  Point64 - ok
20:38:52.0002 0x0ca0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
20:38:52.0080 0x0ca0  PolicyAgent - ok
20:38:52.0111 0x0ca0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
20:38:52.0174 0x0ca0  Power - ok
20:38:52.0236 0x0ca0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:38:52.0298 0x0ca0  PptpMiniport - ok
20:38:52.0330 0x0ca0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\DRIVERS\processr.sys
20:38:52.0361 0x0ca0  Processor - ok
20:38:52.0423 0x0ca0  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc        C:\Windows\system32\profsvc.dll
20:38:52.0486 0x0ca0  ProfSvc - ok
20:38:52.0517 0x0ca0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:38:52.0532 0x0ca0  ProtectedStorage - ok
20:38:52.0595 0x0ca0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:38:52.0657 0x0ca0  Psched - ok
20:38:52.0720 0x0ca0  [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
20:38:52.0751 0x0ca0  PxHlpa64 - ok
20:38:52.0813 0x0ca0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:38:52.0876 0x0ca0  ql2300 - ok
20:38:52.0891 0x0ca0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:38:52.0907 0x0ca0  ql40xx - ok
20:38:52.0938 0x0ca0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
20:38:52.0985 0x0ca0  QWAVE - ok
20:38:53.0032 0x0ca0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:38:53.0063 0x0ca0  QWAVEdrv - ok
20:38:53.0094 0x0ca0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:38:53.0156 0x0ca0  RasAcd - ok
20:38:53.0203 0x0ca0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
20:38:53.0234 0x0ca0  RasAgileVpn - ok
20:38:53.0250 0x0ca0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
20:38:53.0297 0x0ca0  RasAuto - ok
20:38:53.0359 0x0ca0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
20:38:53.0437 0x0ca0  Rasl2tp - ok
20:38:53.0468 0x0ca0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
20:38:53.0515 0x0ca0  RasMan - ok
20:38:53.0531 0x0ca0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:38:53.0578 0x0ca0  RasPppoe - ok
20:38:53.0609 0x0ca0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
20:38:53.0671 0x0ca0  RasSstp - ok
20:38:53.0718 0x0ca0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
20:38:53.0765 0x0ca0  rdbss - ok
20:38:53.0796 0x0ca0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:38:53.0827 0x0ca0  rdpbus - ok
20:38:53.0858 0x0ca0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:38:53.0890 0x0ca0  RDPCDD - ok
20:38:53.0952 0x0ca0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:38:54.0014 0x0ca0  RDPENCDD - ok
20:38:54.0046 0x0ca0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:38:54.0077 0x0ca0  RDPREFMP - ok
20:38:54.0186 0x0ca0  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:38:54.0248 0x0ca0  RdpVideoMiniport - ok
20:38:54.0280 0x0ca0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
20:38:54.0326 0x0ca0  RDPWD - ok
20:38:54.0389 0x0ca0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:38:54.0420 0x0ca0  rdyboost - ok
20:38:54.0436 0x0ca0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:38:54.0498 0x0ca0  RemoteAccess - ok
20:38:54.0529 0x0ca0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:38:54.0592 0x0ca0  RemoteRegistry - ok
20:38:54.0654 0x0ca0  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:38:54.0701 0x0ca0  RFCOMM - ok
20:38:54.0779 0x0ca0  [ 498EB62A160674E793FA40FD65390625, F7EFD480E6C95F5B6202EEB87F519A8A8187F7F26281FB3E302EDD1AD5771025 ] RichVideo      C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
20:38:54.0794 0x0ca0  RichVideo - ok
20:38:54.0810 0x0ca0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:38:54.0841 0x0ca0  RpcEptMapper - ok
20:38:54.0857 0x0ca0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:38:54.0872 0x0ca0  RpcLocator - ok
20:38:54.0935 0x0ca0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
20:38:54.0982 0x0ca0  RpcSs - ok
20:38:55.0060 0x0ca0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:38:55.0122 0x0ca0  rspndr - ok
20:38:55.0200 0x0ca0  [ B49DC435AE3695BAC5623DD94B05732D, D63160B09385ED31C2A479ADC5AFCA483906F38598874972025D680BDB45ECA0 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
20:38:55.0247 0x0ca0  RTL8167 - ok
20:38:55.0325 0x0ca0  [ 333224D4D25F9BCCA488E08345083E1C, 368CA50C6791849A029F0E55036D0F2952922D5D17BE3C35D1195C6AFED0D94F ] RTL8187        C:\Windows\system32\DRIVERS\rtl8187.sys
20:38:55.0372 0x0ca0  RTL8187 - ok
20:38:55.0387 0x0ca0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs          C:\Windows\system32\lsass.exe
20:38:55.0403 0x0ca0  SamSs - ok
20:38:55.0450 0x0ca0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:38:55.0465 0x0ca0  sbp2port - ok
20:38:55.0496 0x0ca0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:38:55.0559 0x0ca0  SCardSvr - ok
20:38:55.0606 0x0ca0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:38:55.0684 0x0ca0  scfilter - ok
20:38:55.0762 0x0ca0  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
20:38:55.0840 0x0ca0  Schedule - ok
20:38:55.0886 0x0ca0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
20:38:55.0918 0x0ca0  SCPolicySvc - ok
20:38:55.0980 0x0ca0  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus          C:\Windows\system32\drivers\sdbus.sys
20:38:56.0027 0x0ca0  sdbus - ok
20:38:56.0058 0x0ca0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:38:56.0136 0x0ca0  SDRSVC - ok
20:38:56.0198 0x0ca0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:38:56.0230 0x0ca0  secdrv - ok
20:38:56.0245 0x0ca0  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
20:38:56.0292 0x0ca0  seclogon - ok
20:38:56.0323 0x0ca0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
20:38:56.0386 0x0ca0  SENS - ok
20:38:56.0432 0x0ca0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:38:56.0464 0x0ca0  SensrSvc - ok
20:38:56.0479 0x0ca0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
20:38:56.0495 0x0ca0  Serenum - ok
20:38:56.0510 0x0ca0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:38:56.0557 0x0ca0  Serial - ok
20:38:56.0588 0x0ca0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:38:56.0651 0x0ca0  sermouse - ok
20:38:56.0729 0x0ca0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:38:56.0807 0x0ca0  SessionEnv - ok
20:38:56.0838 0x0ca0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
20:38:56.0916 0x0ca0  sffdisk - ok
20:38:56.0932 0x0ca0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:38:56.0978 0x0ca0  sffp_mmc - ok
20:38:56.0994 0x0ca0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
20:38:57.0025 0x0ca0  sffp_sd - ok
20:38:57.0056 0x0ca0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
20:38:57.0088 0x0ca0  sfloppy - ok
20:38:57.0150 0x0ca0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:38:57.0244 0x0ca0  SharedAccess - ok
20:38:57.0290 0x0ca0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:38:57.0337 0x0ca0  ShellHWDetection - ok
20:38:57.0384 0x0ca0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:38:57.0431 0x0ca0  SiSRaid2 - ok
20:38:57.0431 0x0ca0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:38:57.0446 0x0ca0  SiSRaid4 - ok
20:38:57.0524 0x0ca0  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
20:38:57.0556 0x0ca0  SkypeUpdate - ok
20:38:57.0618 0x0ca0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
20:38:57.0680 0x0ca0  Smb - ok
20:38:57.0727 0x0ca0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:38:57.0790 0x0ca0  SNMPTRAP - ok
20:38:57.0852 0x0ca0  [ 5F9785E7535F8F602CB294A54962C9E7, 22BE050955347661685A4343C51F11C7811674E030386D2264CD12ECBF544B7C ] speedfan        C:\Windows\syswow64\speedfan.sys
20:38:57.0868 0x0ca0  speedfan - ok
20:38:57.0883 0x0ca0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
20:38:57.0899 0x0ca0  spldr - ok
20:38:57.0992 0x0ca0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
20:38:58.0070 0x0ca0  Spooler - ok
20:38:58.0258 0x0ca0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:38:58.0445 0x0ca0  sppsvc - ok
20:38:58.0476 0x0ca0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
20:38:58.0538 0x0ca0  sppuinotify - ok
20:38:58.0616 0x0ca0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
20:38:58.0679 0x0ca0  srv - ok
20:38:58.0726 0x0ca0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:38:58.0772 0x0ca0  srv2 - ok
20:38:58.0819 0x0ca0  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA      C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:38:58.0835 0x0ca0  SrvHsfHDA - ok
20:38:58.0897 0x0ca0  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92      C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:38:58.0960 0x0ca0  SrvHsfV92 - ok
20:38:59.0006 0x0ca0  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac    C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:38:59.0038 0x0ca0  SrvHsfWinac - ok
20:38:59.0069 0x0ca0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:38:59.0100 0x0ca0  srvnet - ok
20:38:59.0131 0x0ca0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
20:38:59.0209 0x0ca0  SSDPSRV - ok
20:38:59.0225 0x0ca0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
20:38:59.0272 0x0ca0  SstpSvc - ok
20:38:59.0334 0x0ca0  [ D21FF3592DAEE244EE8376830A672B52, 8CFD9CD93D3B30D21AE1F25D8F0D78EC2876D85BF622D638BBD3809A3373BAFF ] ss_bus          C:\Windows\system32\DRIVERS\ss_bus.sys
20:38:59.0381 0x0ca0  ss_bus - ok
20:38:59.0412 0x0ca0  [ 451DB3D10E6112E06B4506D4A7BECEC1, 18C361E7E478CB9991638EE412C05E40B89BAD542519E62F4CED4055A80F3216 ] ss_mdfl        C:\Windows\system32\DRIVERS\ss_mdfl.sys
20:38:59.0428 0x0ca0  ss_mdfl - ok
20:38:59.0459 0x0ca0  [ EF40C8A268A5263A0EF48FED8E57CBED, 253C2B5E5075D01B7E27C6F9548291DADB4C9B635849DDA9E2DA3E5785DE9B75 ] ss_mdm          C:\Windows\system32\DRIVERS\ss_mdm.sys
20:38:59.0474 0x0ca0  ss_mdm - ok
20:38:59.0615 0x0ca0  [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C, 8EBBFA456D93E63AF9D64CC95A58651E2C1B1398B6052C0E65D3005AD5AC8CB5 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
20:38:59.0677 0x0ca0  STacSV - ok
20:38:59.0708 0x0ca0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:38:59.0724 0x0ca0  stexstor - ok
20:38:59.0802 0x0ca0  [ DFFBC024DFC7BB05B2129E05CBC7A201, CA07944B864D7F3DA673040CF6314FECCAF80B8EADAF648392AE79697DAC15B4 ] STHDA          C:\Windows\system32\DRIVERS\stwrt64.sys
20:38:59.0864 0x0ca0  STHDA - ok
20:38:59.0958 0x0ca0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:39:00.0020 0x0ca0  stisvc - ok
20:39:00.0067 0x0ca0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:39:00.0098 0x0ca0  swenum - ok
20:39:00.0286 0x0ca0  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard    C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:39:00.0317 0x0ca0  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
20:39:00.0317 0x0ca0  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
20:39:00.0348 0x0ca0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
20:39:00.0426 0x0ca0  swprv - ok
20:39:00.0535 0x0ca0  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP          C:\Windows\system32\DRIVERS\SynTP.sys
20:39:00.0566 0x0ca0  SynTP - ok
20:39:00.0707 0x0ca0  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain        C:\Windows\system32\sysmain.dll
20:39:00.0800 0x0ca0  SysMain - ok
20:39:00.0863 0x0ca0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:39:00.0910 0x0ca0  TabletInputService - ok
20:39:01.0284 0x0ca0  [ B9E475AB1AABB21F278EA74965F918B9, 7563C990E44954190BCD796174D1E4636319F6D799B2EE1362D27604C3C0F89F ] TabletServiceWacom C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
20:39:01.0565 0x0ca0  TabletServiceWacom - ok
20:39:01.0627 0x0ca0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
20:39:01.0705 0x0ca0  TapiSrv - ok
20:39:01.0783 0x0ca0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
20:39:01.0861 0x0ca0  TBS - ok
20:39:02.0111 0x0ca0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
20:39:02.0189 0x0ca0  Tcpip - ok
20:39:02.0267 0x0ca0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:39:02.0345 0x0ca0  TCPIP6 - ok
20:39:02.0392 0x0ca0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:39:02.0438 0x0ca0  tcpipreg - ok
20:39:02.0485 0x0ca0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:39:02.0501 0x0ca0  TDPIPE - ok
20:39:02.0563 0x0ca0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
20:39:02.0594 0x0ca0  TDTCP - ok
20:39:02.0641 0x0ca0  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
20:39:02.0688 0x0ca0  tdx - ok
20:39:02.0735 0x0ca0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:39:02.0750 0x0ca0  TermDD - ok
20:39:02.0813 0x0ca0  [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService    C:\Windows\System32\termsrv.dll
20:39:02.0860 0x0ca0  TermService - ok
20:39:02.0922 0x0ca0  [ FA5BFB71E561D279EDAE7E118435C1C9, 8010CEB7A06B9EEED425BD7048411A1BCB70975CF53974E0E0914B9D34AA98A3 ] TfFsMon        C:\Windows\system32\drivers\TfFsMon.sys
20:39:02.0938 0x0ca0  TfFsMon - ok
20:39:02.0953 0x0ca0  [ FA8400D74345EC4BF10E476CA0AAA2DF, 1F600075736083491ADDBBF75ED7A95757B8A3FF123B36190F0DA154B121C9D7 ] TfNetMon        C:\Windows\system32\drivers\TfNetMon.sys
20:39:02.0953 0x0ca0  TfNetMon - ok
20:39:03.0016 0x0ca0  [ F11AA1A704A4C027E5E8E0F355523834, 235150D847D07BC6B11282C01243EBD01570FA079A2798CACC34F8DFE6BEBC00 ] TfSysMon        C:\Windows\system32\drivers\TfSysMon.sys
20:39:03.0031 0x0ca0  TfSysMon - ok
20:39:03.0062 0x0ca0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:39:03.0094 0x0ca0  Themes - ok
20:39:03.0140 0x0ca0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
20:39:03.0172 0x0ca0  THREADORDER - ok
20:39:03.0187 0x0ca0  ThreatFire - ok
20:39:03.0250 0x0ca0  [ B8F4A8AFFAAE521A20E8D2AF3F487124, F5B03312337AA0BE75F8EE26FEFDE25C0013A5E5BD33EC1AF85C33C6E75829EA ] TouchServiceWacom C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe
20:39:03.0281 0x0ca0  TouchServiceWacom - ok
20:39:03.0296 0x0ca0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:39:03.0343 0x0ca0  TrkWks - ok
20:39:03.0406 0x0ca0  [ C6A1A2B4E8A7B92C11CA038369BD7DBE, DD8176FECD8034734995CCA62EF392804FCF9E7F1286D2FFDAFDBF2403161C0C ] truecrypt      C:\Windows\syswow64\drivers\truecrypt.sys
20:39:03.0437 0x0ca0  truecrypt - ok
20:39:03.0499 0x0ca0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:39:03.0577 0x0ca0  TrustedInstaller - ok
20:39:03.0608 0x0ca0  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:39:03.0640 0x0ca0  tssecsrv - ok
20:39:03.0686 0x0ca0  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:39:03.0749 0x0ca0  TsUsbFlt - ok
20:39:03.0796 0x0ca0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:39:03.0889 0x0ca0  tunnel - ok
20:39:03.0920 0x0ca0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:39:03.0920 0x0ca0  uagp35 - ok
20:39:03.0983 0x0ca0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:39:04.0045 0x0ca0  udfs - ok
20:39:04.0092 0x0ca0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
20:39:04.0123 0x0ca0  UI0Detect - ok
20:39:04.0170 0x0ca0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:39:04.0201 0x0ca0  uliagpkx - ok
20:39:04.0264 0x0ca0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
20:39:04.0295 0x0ca0  umbus - ok
20:39:04.0357 0x0ca0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:39:04.0404 0x0ca0  UmPass - ok
20:39:04.0451 0x0ca0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:39:04.0513 0x0ca0  upnphost - ok
20:39:04.0576 0x0ca0  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:39:04.0638 0x0ca0  usbaudio - ok
20:39:04.0669 0x0ca0  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
20:39:04.0747 0x0ca0  usbccgp - ok
20:39:04.0778 0x0ca0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:39:04.0825 0x0ca0  usbcir - ok
20:39:04.0872 0x0ca0  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
20:39:04.0919 0x0ca0  usbehci - ok
20:39:04.0966 0x0ca0  [ 44D9C773FEBFF10593B50DDFC2D6BC27, 17D76961C77476FAFC4487C03A9748C378FA7C3858F764DD87B4B127504E7E1F ] usbfilter      C:\Windows\system32\DRIVERS\usbfilter.sys
20:39:04.0997 0x0ca0  usbfilter - ok
20:39:05.0075 0x0ca0  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:39:05.0137 0x0ca0  usbhub - ok
20:39:05.0153 0x0ca0  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
20:39:05.0200 0x0ca0  usbohci - ok
20:39:05.0231 0x0ca0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:39:05.0278 0x0ca0  usbprint - ok
20:39:05.0340 0x0ca0  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan        C:\Windows\system32\drivers\usbscan.sys
20:39:05.0418 0x0ca0  usbscan - ok
20:39:05.0449 0x0ca0  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:39:05.0496 0x0ca0  USBSTOR - ok
20:39:05.0558 0x0ca0  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
20:39:05.0590 0x0ca0  usbuhci - ok
20:39:05.0621 0x0ca0  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:39:05.0683 0x0ca0  usbvideo - ok
20:39:05.0714 0x0ca0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
20:39:05.0792 0x0ca0  UxSms - ok
20:39:05.0839 0x0ca0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
20:39:05.0839 0x0ca0  VaultSvc - ok
20:39:05.0886 0x0ca0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:39:05.0902 0x0ca0  vdrvroot - ok
20:39:05.0980 0x0ca0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
20:39:06.0073 0x0ca0  vds - ok
20:39:06.0120 0x0ca0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
20:39:06.0151 0x0ca0  vga - ok
20:39:06.0167 0x0ca0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
20:39:06.0229 0x0ca0  VgaSave - ok
20:39:06.0292 0x0ca0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
20:39:06.0307 0x0ca0  vhdmp - ok
20:39:06.0370 0x0ca0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:39:06.0401 0x0ca0  viaide - ok
20:39:06.0463 0x0ca0  [ 1562A089B46C821487AFF8D01EE5547E, D033AF4C8EAFFB1860DDB71A15FE300BB387385F35B95364763A0821CD769988 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
20:39:06.0510 0x0ca0  VMAuthdService - detected UnsignedFile.Multi.Generic ( 1 )
20:39:06.0510 0x0ca0  VMAuthdService ( UnsignedFile.Multi.Generic ) - warning
20:39:06.0510 0x0ca0  Force sending object to P2P due to detect: VMAuthdService
20:39:06.0510 0x0ca0  Object send P2P result: false
20:39:06.0572 0x0ca0  [ 87FC1DD880E8CAC4FAEBB84AF61A87C4, ED1B1B1DDEAA776E3CBFFDE4B8FC7FDD44A6DECEE8DEFC96EAFBFAB1ADF68A29 ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
20:39:06.0604 0x0ca0  vmci - ok
20:39:06.0666 0x0ca0  [ DE41918B7ABAE9056EB1E62540D229D3, 4F17B24F1B8AA60DB141ABCBCEBE7F9D60CF9A7A8DB03269920062931758D96F ] vmkbd          C:\Windows\system32\drivers\VMkbd.sys
20:39:06.0697 0x0ca0  vmkbd - ok
20:39:06.0744 0x0ca0  [ B259C31378BC855AFD1B53F59311C251, 5FEDEC6EBA72652B89F57E275B25CC6333BE78FB2B74DEADDD588CE1089DCE89 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
20:39:06.0760 0x0ca0  VMnetAdapter - ok
20:39:06.0806 0x0ca0  [ DEC4CE720FFEDA939CF1BA315CFBD993, B06BB836B824FC682F5FD84E1D6B313A4E99089A5CED2C14CC721D172C1E3C51 ] VMnetBridge    C:\Windows\system32\DRIVERS\vmnetbridge.sys
20:39:06.0838 0x0ca0  VMnetBridge - ok
20:39:06.0869 0x0ca0  VMnetDHCP - ok
20:39:06.0884 0x0ca0  [ 41F8BFC7A658FF4FA27AC10E9C5D14A7, EB84709E4BC614812DEC9DBE3A98220B6BB38DC3E44FD8B0DA5C27445554F1AE ] VMnetuserif    C:\Windows\system32\drivers\vmnetuserif.sys
20:39:06.0900 0x0ca0  VMnetuserif - ok
20:39:06.0962 0x0ca0  [ 415B167695C4B5960A13098622EF3D80, E68AE845A6967E68FB22EB0F4D95631D041DA906801202F7662B22EAD34B2371 ] vmusb          C:\Windows\system32\Drivers\vmusb.sys
20:39:06.0994 0x0ca0  vmusb - ok
20:39:07.0150 0x0ca0  [ 18903CA7936912C337C9D28858880CF2, 6A3CF68E62AAF7DC22A299ADF7037D408CEB554BC36CD72C4C37AFEA16B84915 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
20:39:07.0196 0x0ca0  VMUSBArbService - ok
20:39:07.0228 0x0ca0  VMware NAT Service - ok
20:39:07.0664 0x0ca0  [ 09895634295862AE7087C08BBF17B346, C5759AA26E47559C81E11C6D869339C538086A6C4538EEB43974A9DD7B54B483 ] VMwareHostd    C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
20:39:08.0210 0x0ca0  VMwareHostd - detected UnsignedFile.Multi.Generic ( 1 )
20:39:08.0210 0x0ca0  VMwareHostd ( UnsignedFile.Multi.Generic ) - warning
20:39:08.0304 0x0ca0  [ 61B270C2437EE87455864E4EEDD8867D, 9E0E18A78E839F2722BFC821CFA25D9E4D6FD48BE1A5EAEB3FB644A0D14E0B51 ] vmx86          C:\Windows\system32\drivers\vmx86.sys
20:39:08.0351 0x0ca0  vmx86 - ok
20:39:08.0398 0x0ca0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:39:08.0429 0x0ca0  volmgr - ok
20:39:08.0476 0x0ca0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
20:39:08.0507 0x0ca0  volmgrx - ok
20:39:08.0538 0x0ca0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap        C:\Windows\system32\drivers\volsnap.sys
20:39:08.0569 0x0ca0  volsnap - ok
20:39:08.0616 0x0ca0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
20:39:08.0647 0x0ca0  vsmraid - ok
20:39:08.0756 0x0ca0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
20:39:08.0881 0x0ca0  VSS - ok
20:39:08.0944 0x0ca0  [ 6107E33A30C0B923F31C872E1980D2D1, 5094C193997CDD50EEB15CB7AF96F2106BDE0BC675FDF83D7C3CE3F7299EE286 ] vstor2-mntapi10-shared C:\Windows\syswow64\drivers\vstor2-mntapi10-shared.sys
20:39:08.0959 0x0ca0  vstor2-mntapi10-shared - ok
20:39:08.0990 0x0ca0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:39:09.0022 0x0ca0  vwifibus - ok
20:39:09.0022 0x0ca0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:39:09.0053 0x0ca0  vwififlt - ok
20:39:09.0100 0x0ca0  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
20:39:09.0115 0x0ca0  vwifimp - ok
20:39:09.0146 0x0ca0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
20:39:09.0224 0x0ca0  W32Time - ok
20:39:09.0287 0x0ca0  [ FE75777289278A4941FE6139E82B3BD9, 4B0F3117C7D905240DB54EEE376404757258051CC5F8F312CAF748E1811368C6 ] wacmoumonitor  C:\Windows\system32\DRIVERS\wacmoumonitor.sys
20:39:09.0318 0x0ca0  wacmoumonitor - ok
20:39:09.0380 0x0ca0  [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
20:39:09.0380 0x0ca0  wacommousefilter - ok
20:39:09.0412 0x0ca0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:39:09.0427 0x0ca0  WacomPen - ok
20:39:09.0427 0x0ca0  [ EC1CEB237E365330C1FCFC4876AA0AC0, 9BFF9062AC5E4B9D0C6502D8DE7E59B887903ED29F26157A5F82966932F1EBD0 ] wacomvhid      C:\Windows\system32\DRIVERS\wacomvhid.sys
20:39:09.0443 0x0ca0  wacomvhid - ok
20:39:09.0521 0x0ca0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:39:09.0568 0x0ca0  WANARP - ok
20:39:09.0583 0x0ca0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:39:09.0614 0x0ca0  Wanarpv6 - ok
20:39:09.0724 0x0ca0  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
20:39:09.0770 0x0ca0  WatAdminSvc - ok
20:39:09.0880 0x0ca0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
20:39:09.0958 0x0ca0  wbengine - ok
20:39:09.0989 0x0ca0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:39:10.0020 0x0ca0  WbioSrvc - ok
20:39:10.0082 0x0ca0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
20:39:10.0129 0x0ca0  wcncsvc - ok
20:39:10.0160 0x0ca0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:39:10.0176 0x0ca0  WcsPlugInService - ok
20:39:10.0192 0x0ca0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:39:10.0207 0x0ca0  Wd - ok
20:39:10.0285 0x0ca0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:39:10.0332 0x0ca0  Wdf01000 - ok
20:39:10.0379 0x0ca0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:39:10.0472 0x0ca0  WdiServiceHost - ok
20:39:10.0472 0x0ca0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost  C:\Windows\system32\wdi.dll
20:39:10.0504 0x0ca0  WdiSystemHost - ok
20:39:10.0550 0x0ca0  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient      C:\Windows\System32\webclnt.dll
20:39:10.0582 0x0ca0  WebClient - ok
20:39:10.0613 0x0ca0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:39:10.0675 0x0ca0  Wecsvc - ok
20:39:10.0706 0x0ca0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
20:39:10.0769 0x0ca0  wercplsupport - ok
20:39:10.0816 0x0ca0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:39:10.0878 0x0ca0  WerSvc - ok
20:39:10.0925 0x0ca0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:39:10.0972 0x0ca0  WfpLwf - ok
20:39:10.0987 0x0ca0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:39:11.0003 0x0ca0  WIMMount - ok
20:39:11.0034 0x0ca0  WinDefend - ok
20:39:11.0065 0x0ca0  WinHttpAutoProxySvc - ok
20:39:11.0128 0x0ca0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
20:39:11.0190 0x0ca0  Winmgmt - ok
20:39:11.0330 0x0ca0  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM          C:\Windows\system32\WsmSvc.dll
20:39:11.0471 0x0ca0  WinRM - ok
20:39:11.0549 0x0ca0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:39:11.0596 0x0ca0  WinUsb - ok
20:39:11.0689 0x0ca0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
20:39:11.0752 0x0ca0  Wlansvc - ok
20:39:11.0798 0x0ca0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
20:39:11.0845 0x0ca0  WmiAcpi - ok
20:39:11.0876 0x0ca0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:39:11.0923 0x0ca0  wmiApSrv - ok
20:39:11.0970 0x0ca0  WMPNetworkSvc - ok
20:39:11.0986 0x0ca0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:39:12.0048 0x0ca0  WPCSvc - ok
20:39:12.0110 0x0ca0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:39:12.0142 0x0ca0  WPDBusEnum - ok
20:39:12.0188 0x0ca0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
20:39:12.0344 0x0ca0  ws2ifsl - ok
20:39:12.0360 0x0ca0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
20:39:12.0391 0x0ca0  wscsvc - ok
20:39:12.0407 0x0ca0  WSearch - ok
20:39:12.0547 0x0ca0  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:39:12.0641 0x0ca0  wuauserv - ok
20:39:12.0688 0x0ca0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:39:12.0766 0x0ca0  WudfPf - ok
20:39:12.0844 0x0ca0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:39:12.0890 0x0ca0  WUDFRd - ok
20:39:12.0922 0x0ca0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
20:39:12.0953 0x0ca0  wudfsvc - ok
20:39:13.0000 0x0ca0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
20:39:13.0046 0x0ca0  WwanSvc - ok
20:39:13.0124 0x0ca0  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7        C:\Windows\system32\DRIVERS\yk62x64.sys
20:39:13.0171 0x0ca0  yukonw7 - ok
20:39:13.0234 0x0ca0  ================ Scan global ===============================
20:39:13.0265 0x0ca0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:39:13.0327 0x0ca0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:39:13.0358 0x0ca0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:39:13.0374 0x0ca0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:39:13.0421 0x0ca0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:39:13.0421 0x0ca0  [ Global ] - ok
20:39:13.0421 0x0ca0  ================ Scan MBR ==================================
20:39:13.0436 0x0ca0  [ BC7BF3BD0ABC8DCFC8F335FCAEC7E15E ] \Device\Harddisk0\DR0
20:39:13.0780 0x0ca0  \Device\Harddisk0\DR0 - ok
20:39:13.0795 0x0ca0  [ 0958E97B3AB14A63B915EFE6013A9D24 ] \Device\Harddisk1\DR1
20:39:13.0951 0x0ca0  \Device\Harddisk1\DR1 - ok
20:39:13.0951 0x0ca0  ================ Scan VBR ==================================
20:39:13.0951 0x0ca0  [ 96915FB0A803DAF81897552E957CA8BD ] \Device\Harddisk0\DR0\Partition1
20:39:13.0951 0x0ca0  \Device\Harddisk0\DR0\Partition1 - ok
20:39:13.0951 0x0ca0  [ 071EF073644F02EAEE0501641588CA11 ] \Device\Harddisk0\DR0\Partition2
20:39:13.0951 0x0ca0  \Device\Harddisk0\DR0\Partition2 - ok
20:39:13.0967 0x0ca0  [ 8229F4BBEEBAB2F3265478B28DF7D0CF ] \Device\Harddisk0\DR0\Partition3
20:39:13.0967 0x0ca0  \Device\Harddisk0\DR0\Partition3 - ok
20:39:13.0967 0x0ca0  [ C25E8DBA3C450EE68047002D200055CC ] \Device\Harddisk0\DR0\Partition4
20:39:13.0967 0x0ca0  \Device\Harddisk0\DR0\Partition4 - ok
20:39:13.0967 0x0ca0  [ 088CA80E21C0689A91E66D530BA26557 ] \Device\Harddisk1\DR1\Partition1
20:39:13.0982 0x0ca0  \Device\Harddisk1\DR1\Partition1 - ok
20:39:13.0982 0x0ca0  ================ Scan generic autorun ======================
20:39:13.0982 0x0ca0  SynTPEnh - ok
20:39:14.0060 0x0ca0  [ 59E58A7A5388E00BB4347AEBBDCC84FE, 9B06344F13C8F8831549410B78E084BFEA9EC2E181ECA49FF9586424999CE758 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
20:39:14.0092 0x0ca0  SmartMenu - ok
20:39:14.0263 0x0ca0  [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
20:39:14.0294 0x0ca0  AdobeAAMUpdater-1.0 - ok
20:39:14.0372 0x0ca0  [ 2EEED500C1EC095CB3D0DE7A3C7E4278, 06D0DC42A7DE207D675A0DE69001D20941FC0B8D067504CD8B56DD0B952A5ACE ] C:\Program Files\IDT\WDM\sttray64.exe
20:39:14.0419 0x0ca0  SysTrayApp - ok
20:39:14.0622 0x0ca0  [ 0080231EC57D26B380F630CC790DAB85, CA59ED2E67D03C70A77AB0D605C6172B72B8238A42425D0F75C1C891DB89FF9A ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
20:39:14.0700 0x0ca0  IntelliPoint - ok
20:39:14.0872 0x0ca0  [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
20:39:14.0934 0x0ca0  MSC - ok
20:39:14.0981 0x0ca0  [ E29DD25C9AAC2C5D626F0DF8A6A9468B, A39471F13A39FF0E82778CAFD01D51C35FE10F12FC21BDAD837C93F9FD72D46C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
20:39:15.0012 0x0ca0  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
20:39:15.0012 0x0ca0  StartCCC ( UnsignedFile.Multi.Generic ) - warning
20:39:15.0074 0x0ca0  [ 019D774B725DCFD9A188F07764A32214, D9926C2664754AB2FED379AE203A8D290C65FA78518B37385642F8D654EC011E ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
20:39:15.0106 0x0ca0  QlbCtrl.exe - ok
20:39:15.0121 0x0ca0  [ 15657931FB7CA61FA1B72B955E1799E7, 1B25DFE965CC6BB59817097A37ABE77A3B27269915FFA64B16F9ABF65F511FF9 ] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
20:39:15.0152 0x0ca0  Easybits Recovery - detected UnsignedFile.Multi.Generic ( 1 )
20:39:15.0152 0x0ca0  Easybits Recovery ( UnsignedFile.Multi.Generic ) - warning
20:39:15.0199 0x0ca0  [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
20:39:15.0230 0x0ca0  HP Software Update - ok
20:39:15.0355 0x0ca0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:39:15.0464 0x0ca0  Sidebar - ok
20:39:15.0496 0x0ca0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:39:15.0527 0x0ca0  mctadmin - ok
20:39:15.0574 0x0ca0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:39:15.0620 0x0ca0  Sidebar - ok
20:39:15.0620 0x0ca0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:39:15.0652 0x0ca0  mctadmin - ok
20:39:15.0761 0x0ca0  [ A5F78606A9BA8F0C4C8FF9DED6ED5107, 57583EFF4FBC0B31A47ED6C7BC58E575470F9BF4F12D8E05648507ACA6741965 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
20:39:15.0808 0x0ca0  HPADVISOR - ok
20:39:15.0917 0x0ca0  Mobile Partner - ok
20:39:16.0026 0x0ca0  [ E02E715FA2BC8D88FF9362374E309D76, A10E4D4B02F147A38364A2DEBF9691771BD381B8FC1E672EF96C0509DD919EDE ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
20:39:16.0135 0x0ca0  LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
20:39:16.0135 0x0ca0  LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - warning
20:39:16.0135 0x0ca0  Force sending object to P2P due to detect: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
20:39:16.0151 0x0ca0  Object send P2P result: false
20:39:16.0166 0x0ca0  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated )
20:39:16.0182 0x0ca0  Win FW state via NFP2: enabled
20:39:16.0182 0x0ca0  ============================================================
20:39:16.0182 0x0ca0  Scan finished
20:39:16.0182 0x0ca0  ============================================================
20:39:16.0182 0x0cd4  Detected object count: 7
20:39:16.0198 0x0cd4  Actual detected object count: 7
Ist das vollständig ? - ich glaub mein Rechner hat das gespeichert ohne auf Continiue zu klicken. Es war schon im C: Laufwerk...

Servus aus Wien

schrauber 09.11.2014 08:29
Nein das Log ist nicht vollständig. Nochmal posten, zur Not bitte nochmal scannen.

zapf 09.11.2014 15:11
Hab nochmal gescannt - zur sicherheit...
 
...hier hoffe das ist vollständig:

Code:
14:41:41.0766 0x0e50  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
14:41:46.0087 0x0e50  ============================================================
14:41:46.0087 0x0e50  Current date / time: 2014/11/09 14:41:46.0087
14:41:46.0087 0x0e50  SystemInfo:
14:41:46.0087 0x0e50 
14:41:46.0087 0x0e50  OS Version: 6.1.7601 ServicePack: 1.0
14:41:46.0087 0x0e50  Product type: Workstation
14:41:46.0087 0x0e50  ComputerName: KINGOFVIENNA-PC
14:41:46.0087 0x0e50  UserName: KING OF VIENNA
14:41:46.0087 0x0e50  Windows directory: C:\Windows
14:41:46.0087 0x0e50  System windows directory: C:\Windows
14:41:46.0087 0x0e50  Running under WOW64
14:41:46.0087 0x0e50  Processor architecture: Intel x64
14:41:46.0087 0x0e50  Number of processors: 2
14:41:46.0087 0x0e50  Page size: 0x1000
14:41:46.0087 0x0e50  Boot type: Normal boot
14:41:46.0087 0x0e50  ============================================================
14:41:48.0645 0x0e50  KLMD registered as C:\Windows\system32\drivers\93093372.sys
14:41:48.0848 0x0e50  System UUID: {DD8CEF35-F649-37C7-E6F9-B13D823C2BCB}
14:41:49.0254 0x0e50  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:41:49.0269 0x0e50  Drive \Device\Harddisk1\DR2 - Size: 0x3D3FFE00 ( 0.96 Gb ), SectorSize: 0x200, Cylinders: 0x7C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:41:49.0269 0x0e50  ============================================================
14:41:49.0269 0x0e50  \Device\Harddisk0\DR0:
14:41:49.0269 0x0e50  MBR partitions:
14:41:49.0269 0x0e50  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
14:41:49.0269 0x0e50  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38793800
14:41:49.0269 0x0e50  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x387F7800, BlocksNum 0x1B5A800
14:41:49.0269 0x0e50  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
14:41:49.0269 0x0e50  \Device\Harddisk1\DR2:
14:41:49.0269 0x0e50  MBR partitions:
14:41:49.0269 0x0e50  \Device\Harddisk1\DR2\Partition1: MBR, Type 0xB, StartLBA 0x3E, BlocksNum 0x1E9B02
14:41:49.0269 0x0e50  ============================================================
14:41:49.0285 0x0e50  C: <-> \Device\Harddisk0\DR0\Partition2
14:41:49.0332 0x0e50  D: <-> \Device\Harddisk0\DR0\Partition3
14:41:49.0347 0x0e50  E: <-> \Device\Harddisk0\DR0\Partition4
14:41:49.0347 0x0e50  ============================================================
14:41:49.0347 0x0e50  Initialize success
14:41:49.0347 0x0e50  ============================================================
14:42:23.0854 0x0b48  ============================================================
14:42:23.0854 0x0b48  Scan started
14:42:23.0854 0x0b48  Mode: Manual; SigCheck; TDLFS;
14:42:23.0854 0x0b48  ============================================================
14:42:23.0854 0x0b48  KSN ping started
14:42:26.0522 0x0b48  KSN ping finished: false
14:42:27.0552 0x0b48  ================ Scan system memory ========================
14:42:27.0552 0x0b48  System memory - ok
14:42:27.0552 0x0b48  ================ Scan services =============================
14:42:27.0817 0x0b48  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:42:27.0879 0x0b48  1394ohci - ok
14:42:27.0942 0x0b48  [ E0A8525A951ADDB4655BC2068566407D, 7C08B9DB7C281422FD64219DF81B7064CE16EA53CF00EB1FC33CB0741CE6605F ] 61883          C:\Windows\system32\DRIVERS\61883.sys
14:42:27.0973 0x0b48  61883 - ok
14:42:28.0035 0x0b48  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer  C:\Windows\system32\DRIVERS\Accelerometer.sys
14:42:28.0051 0x0b48  Accelerometer - ok
14:42:28.0113 0x0b48  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:42:28.0129 0x0b48  ACPI - ok
14:42:28.0176 0x0b48  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
14:42:28.0191 0x0b48  AcpiPmi - ok
14:42:28.0363 0x0b48  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:42:28.0378 0x0b48  AdobeARMservice - ok
14:42:28.0441 0x0b48  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
14:42:28.0472 0x0b48  adp94xx - ok
14:42:28.0534 0x0b48  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
14:42:28.0550 0x0b48  adpahci - ok
14:42:28.0581 0x0b48  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
14:42:28.0597 0x0b48  adpu320 - ok
14:42:28.0644 0x0b48  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
14:42:28.0675 0x0b48  AeLookupSvc - ok
14:42:28.0815 0x0b48  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
14:42:28.0831 0x0b48  AESTFilters - ok
14:42:28.0909 0x0b48  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD            C:\Windows\system32\drivers\afd.sys
14:42:28.0940 0x0b48  AFD - ok
14:42:29.0034 0x0b48  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
14:42:29.0080 0x0b48  AgereSoftModem - ok
14:42:29.0143 0x0b48  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:42:29.0158 0x0b48  agp440 - ok
14:42:29.0205 0x0b48  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
14:42:29.0236 0x0b48  ALG - ok
14:42:29.0299 0x0b48  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:42:29.0314 0x0b48  aliide - ok
14:42:29.0767 0x0b48  ALSysIO - ok
14:42:29.0954 0x0b48  [ BCC32BF5EBB5DFD4380FA053D3651949, 72799B17EFB11836FEA241AD844C8D5EEF62656084CE89077DAF8FC30706A019 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:42:29.0970 0x0b48  AMD External Events Utility - ok
14:42:30.0032 0x0b48  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:42:30.0048 0x0b48  amdide - ok
14:42:30.0110 0x0b48  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
14:42:30.0141 0x0b48  AmdK8 - ok
14:42:30.0188 0x0b48  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:42:30.0219 0x0b48  AmdPPM - ok
14:42:30.0266 0x0b48  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
14:42:30.0282 0x0b48  amdsata - ok
14:42:30.0313 0x0b48  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:42:30.0328 0x0b48  amdsbs - ok
14:42:30.0375 0x0b48  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
14:42:30.0406 0x0b48  amdxata - ok
14:42:30.0469 0x0b48  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID          C:\Windows\system32\drivers\appid.sys
14:42:30.0531 0x0b48  AppID - ok
14:42:30.0562 0x0b48  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:42:30.0594 0x0b48  AppIDSvc - ok
14:42:30.0656 0x0b48  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo        C:\Windows\System32\appinfo.dll
14:42:30.0687 0x0b48  Appinfo - ok
14:42:30.0734 0x0b48  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\DRIVERS\arc.sys
14:42:30.0750 0x0b48  arc - ok
14:42:30.0765 0x0b48  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:42:30.0781 0x0b48  arcsas - ok
14:42:30.0921 0x0b48  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:42:30.0968 0x0b48  aspnet_state - ok
14:42:31.0015 0x0b48  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:42:31.0062 0x0b48  AsyncMac - ok
14:42:31.0124 0x0b48  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
14:42:31.0155 0x0b48  atapi - ok
14:42:31.0358 0x0b48  [ B4421D8CDADC441F76BA39532A3E3414, 4C7C14C99E2095012A85672C824E21CF2FC152BCC37A1B25BF3189D0F6A06ED3 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
14:42:31.0483 0x0b48  athr - ok
14:42:31.0623 0x0b48  [ 3B9014FB7CE9E20FD726321C7DB7D8B0, 9B910D900478A81D52446C6D71C3DDC4B5FE1345674295E1101922B0F32FBCE1 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
14:42:31.0654 0x0b48  AtiHdmiService - ok
14:42:31.0920 0x0b48  [ A29087680A1C3B049E3C05438E8FF2B8, 8895C480DE55078A0B0BDF105A745940E02A8A7545EA5EE84FB675634620AD89 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:42:32.0122 0x0b48  atikmdag - ok
14:42:32.0185 0x0b48  [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie        C:\Windows\system32\DRIVERS\AtiPcie.sys
14:42:32.0185 0x0b48  AtiPcie - ok
14:42:32.0278 0x0b48  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:42:32.0341 0x0b48  AudioEndpointBuilder - ok
14:42:32.0372 0x0b48  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:42:32.0419 0x0b48  AudioSrv - ok
14:42:32.0497 0x0b48  [ 16FABE84916623D0607E4A975544032C, 9D960CAE27B1769ED5B024C0A3375912432521C73C1F59E21111596A7981BDC3 ] Avc            C:\Windows\system32\DRIVERS\avc.sys
14:42:32.0528 0x0b48  Avc - ok
14:42:32.0559 0x0b48  [ 155F536D6181508929F4FE177F4167CE, 479B100DA05EDFADEDC6853B561FF3AC6A00403AB8A54F83887B8D0BB4D76886 ] AVCSTRM        C:\Windows\system32\DRIVERS\avcstrm.sys
14:42:32.0575 0x0b48  AVCSTRM - ok
14:42:32.0653 0x0b48  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:42:32.0700 0x0b48  AxInstSV - ok
14:42:32.0793 0x0b48  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
14:42:32.0824 0x0b48  b06bdrv - ok
14:42:32.0887 0x0b48  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:42:32.0918 0x0b48  b57nd60a - ok
14:42:33.0027 0x0b48  [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] BBSvc          C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
14:42:33.0058 0x0b48  BBSvc - ok
14:42:33.0136 0x0b48  [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
14:42:33.0168 0x0b48  BBUpdate - ok
14:42:33.0183 0x0b48  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:42:33.0214 0x0b48  BDESVC - ok
14:42:33.0246 0x0b48  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:42:33.0292 0x0b48  Beep - ok
14:42:33.0402 0x0b48  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
14:42:33.0433 0x0b48  BFE - ok
14:42:33.0542 0x0b48  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:42:33.0604 0x0b48  BITS - ok
14:42:33.0698 0x0b48  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:42:33.0729 0x0b48  blbdrive - ok
14:42:33.0792 0x0b48  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:42:33.0807 0x0b48  bowser - ok
14:42:33.0870 0x0b48  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:42:33.0901 0x0b48  BrFiltLo - ok
14:42:33.0932 0x0b48  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:42:33.0948 0x0b48  BrFiltUp - ok
14:42:34.0010 0x0b48  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
14:42:34.0041 0x0b48  Browser - ok
14:42:34.0057 0x0b48  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
14:42:34.0088 0x0b48  Brserid - ok
14:42:34.0104 0x0b48  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:42:34.0119 0x0b48  BrSerWdm - ok
14:42:34.0135 0x0b48  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:42:34.0150 0x0b48  BrUsbMdm - ok
14:42:34.0166 0x0b48  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:42:34.0182 0x0b48  BrUsbSer - ok
14:42:34.0244 0x0b48  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum        C:\Windows\system32\DRIVERS\BthEnum.sys
14:42:34.0291 0x0b48  BthEnum - ok
14:42:34.0338 0x0b48  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:42:34.0353 0x0b48  BTHMODEM - ok
14:42:34.0384 0x0b48  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:42:34.0416 0x0b48  BthPan - ok
14:42:34.0478 0x0b48  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT        C:\Windows\system32\Drivers\BTHport.sys
14:42:34.0509 0x0b48  BTHPORT - ok
14:42:34.0540 0x0b48  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
14:42:34.0572 0x0b48  bthserv - ok
14:42:34.0618 0x0b48  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
14:42:34.0650 0x0b48  BTHUSB - ok
14:42:34.0696 0x0b48  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:42:34.0759 0x0b48  cdfs - ok
14:42:34.0837 0x0b48  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
14:42:34.0868 0x0b48  cdrom - ok
14:42:34.0930 0x0b48  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
14:42:34.0977 0x0b48  CertPropSvc - ok
14:42:35.0040 0x0b48  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:42:35.0071 0x0b48  circlass - ok
14:42:35.0102 0x0b48  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
14:42:35.0133 0x0b48  CLFS - ok
14:42:35.0196 0x0b48  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:42:35.0211 0x0b48  clr_optimization_v2.0.50727_32 - ok
14:42:35.0274 0x0b48  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:42:35.0289 0x0b48  clr_optimization_v2.0.50727_64 - ok
14:42:35.0414 0x0b48  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:42:35.0430 0x0b48  clr_optimization_v4.0.30319_32 - ok
14:42:35.0445 0x0b48  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:42:35.0461 0x0b48  clr_optimization_v4.0.30319_64 - ok
14:42:35.0508 0x0b48  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:42:35.0523 0x0b48  CmBatt - ok
14:42:35.0570 0x0b48  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:42:35.0586 0x0b48  cmdide - ok
14:42:35.0648 0x0b48  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG            C:\Windows\system32\Drivers\cng.sys
14:42:35.0679 0x0b48  CNG - ok
14:42:35.0804 0x0b48  [ F9A79C5B27037821112C50A9C8FB367A, D9990AE1A0CA767E54C9D3FD2C6EA2A068DFD5A270102E915F71648A0C59097B ] Com4QLBEx      C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
14:42:35.0820 0x0b48  Com4QLBEx - ok
14:42:35.0835 0x0b48  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:42:35.0851 0x0b48  Compbatt - ok
14:42:35.0913 0x0b48  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:42:35.0944 0x0b48  CompositeBus - ok
14:42:35.0960 0x0b48  COMSysApp - ok
14:42:36.0007 0x0b48  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
14:42:36.0022 0x0b48  crcdisk - ok
14:42:36.0085 0x0b48  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:42:36.0100 0x0b48  CryptSvc - ok
14:42:36.0178 0x0b48  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:42:36.0225 0x0b48  DcomLaunch - ok
14:42:36.0256 0x0b48  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
14:42:36.0303 0x0b48  defragsvc - ok
14:42:36.0366 0x0b48  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:42:36.0397 0x0b48  DfsC - ok
14:42:36.0459 0x0b48  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:42:36.0475 0x0b48  Dhcp - ok
14:42:36.0506 0x0b48  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:42:36.0537 0x0b48  discache - ok
14:42:36.0615 0x0b48  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:42:36.0709 0x0b48  Disk - ok
14:42:36.0756 0x0b48  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:42:36.0771 0x0b48  Dnscache - ok
14:42:36.0834 0x0b48  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
14:42:36.0880 0x0b48  dot3svc - ok
14:42:36.0943 0x0b48  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
14:42:36.0974 0x0b48  Dot4 - ok
14:42:36.0990 0x0b48  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print      C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:42:37.0005 0x0b48  Dot4Print - ok
14:42:37.0021 0x0b48  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb        C:\Windows\system32\DRIVERS\dot4usb.sys
14:42:37.0036 0x0b48  dot4usb - ok
14:42:37.0099 0x0b48  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
14:42:37.0146 0x0b48  DPS - ok
14:42:37.0208 0x0b48  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
14:42:37.0224 0x0b48  drmkaud - ok
14:42:37.0302 0x0b48  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01    C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:42:37.0333 0x0b48  dtsoftbus01 - ok
14:42:37.0395 0x0b48  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
14:42:37.0442 0x0b48  DXGKrnl - ok
14:42:37.0504 0x0b48  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
14:42:37.0567 0x0b48  EapHost - ok
14:42:37.0692 0x0b48  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
14:42:37.0801 0x0b48  ebdrv - ok
14:42:37.0894 0x0b48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS            C:\Windows\System32\lsass.exe
14:42:37.0926 0x0b48  EFS - ok
14:42:38.0082 0x0b48  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
14:42:38.0113 0x0b48  ehRecvr - ok
14:42:38.0144 0x0b48  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
14:42:38.0160 0x0b48  ehSched - ok
14:42:38.0253 0x0b48  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
14:42:38.0284 0x0b48  elxstor - ok
14:42:38.0331 0x0b48  [ 524C79054636D2E5751169005006460B, 1EBA5972E13C5BB07BBD94D6647B86469B4910F60A3C8BDDC6BB5736EF99C9C3 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
14:42:38.0362 0x0b48  enecir - ok
14:42:38.0425 0x0b48  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:42:38.0440 0x0b48  ErrDev - ok
14:42:38.0534 0x0b48  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
14:42:38.0596 0x0b48  EventSystem - ok
14:42:38.0674 0x0b48  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev    C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
14:42:38.0706 0x0b48  ew_hwusbdev - ok
14:42:38.0752 0x0b48  [ 55E0EDA185869F7EA67EA97FD0655B39, D4A51E383102AA48F022EFCA08FAC389336A22C1DF60E17815117EFA60716964 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
14:42:38.0784 0x0b48  ew_usbenumfilter - ok
14:42:38.0830 0x0b48  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
14:42:38.0893 0x0b48  exfat - ok
14:42:38.0924 0x0b48  ezSharedSvc - ok
14:42:38.0955 0x0b48  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
14:42:38.0986 0x0b48  fastfat - ok
14:42:39.0080 0x0b48  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
14:42:39.0111 0x0b48  Fax - ok
14:42:39.0127 0x0b48  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
14:42:39.0142 0x0b48  fdc - ok
14:42:39.0205 0x0b48  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
14:42:39.0267 0x0b48  fdPHost - ok
14:42:39.0283 0x0b48  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:42:39.0314 0x0b48  FDResPub - ok
14:42:39.0330 0x0b48  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:42:39.0345 0x0b48  FileInfo - ok
14:42:39.0361 0x0b48  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
14:42:39.0408 0x0b48  Filetrace - ok
14:42:39.0423 0x0b48  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:42:39.0439 0x0b48  flpydisk - ok
14:42:39.0501 0x0b48  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:42:39.0532 0x0b48  FltMgr - ok
14:42:39.0626 0x0b48  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache      C:\Windows\system32\FntCache.dll
14:42:39.0673 0x0b48  FontCache - ok
14:42:39.0751 0x0b48  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:42:39.0782 0x0b48  FontCache3.0.0.0 - ok
14:42:39.0813 0x0b48  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
14:42:39.0829 0x0b48  FsDepends - ok
14:42:39.0876 0x0b48  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:42:39.0907 0x0b48  Fs_Rec - ok
14:42:39.0985 0x0b48  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:42:40.0016 0x0b48  fvevol - ok
14:42:40.0078 0x0b48  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:42:40.0110 0x0b48  gagp30kx - ok
14:42:40.0203 0x0b48  [ C1BBCE4B30B45410178EE674C818D10C, 3FD449C20493057592A21CA812CA39803BC32136B84A060B2BF9621776D94E54 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
14:42:40.0234 0x0b48  GameConsoleService - ok
14:42:40.0328 0x0b48  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
14:42:40.0390 0x0b48  gpsvc - ok
14:42:40.0484 0x0b48  [ ADB4348DA1345877B04E22203AFC8993, D85FC268D1994944CED570A84B0B2E4F3EBFBE59823BE57285CB6CDDDF607358 ] hcmon          C:\Windows\system32\drivers\hcmon.sys
14:42:40.0515 0x0b48  hcmon - ok
14:42:40.0546 0x0b48  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:42:40.0562 0x0b48  hcw85cir - ok
14:42:40.0640 0x0b48  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:42:40.0671 0x0b48  HdAudAddService - ok
14:42:40.0734 0x0b48  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:42:40.0765 0x0b48  HDAudBus - ok
14:42:40.0780 0x0b48  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
14:42:40.0796 0x0b48  HidBatt - ok
14:42:40.0812 0x0b48  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:42:40.0827 0x0b48  HidBth - ok
14:42:40.0858 0x0b48  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
14:42:40.0874 0x0b48  HidIr - ok
14:42:40.0890 0x0b48  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\system32\hidserv.dll
14:42:40.0921 0x0b48  hidserv - ok
14:42:40.0983 0x0b48  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:42:41.0030 0x0b48  HidUsb - ok
14:42:41.0092 0x0b48  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:42:41.0139 0x0b48  hkmsvc - ok
14:42:41.0186 0x0b48  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:42:41.0217 0x0b48  HomeGroupListener - ok
14:42:41.0264 0x0b48  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:42:41.0280 0x0b48  HomeGroupProvider - ok
14:42:41.0436 0x0b48  [ 45A12CACB97B4F15858FCFD59355A1E9, E4D671F1E413D1C45CC797C93FC042FEC9B0AE9F7039C82E516A410AD49100AA ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
14:42:41.0467 0x0b48  HP Health Check Service - ok
14:42:41.0560 0x0b48  [ F55442690A70A0278A7EED4FAAEBF576, 9BE7A30A08DB05D38994B14F53C9178552DE5898DB016B171E20E3046046B296 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
14:42:41.0592 0x0b48  HPDrvMntSvc.exe - ok
14:42:41.0654 0x0b48  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
14:42:41.0685 0x0b48  hpdskflt - ok
14:42:41.0841 0x0b48  [ 9AF482D058BE59CC28BCE52E7C4B747C, 2D150CD0C82B575CDE2E1B3941FD72EFCB254850D6FF1D7C40D3B29643018EFF ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
14:42:41.0872 0x0b48  HpqKbFiltr - ok
14:42:41.0966 0x0b48  [ 640E51DB253265C3EAC075866B3D2B33, 3408C908AADCA784BA7C0C044CC50B3759E2B142013D4B12B05E97A141036E15 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
14:42:42.0013 0x0b48  hpqwmiex - ok
14:42:42.0091 0x0b48  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:42:42.0122 0x0b48  HpSAMD - ok
14:42:42.0138 0x0b48  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv          C:\Windows\system32\Hpservice.exe
14:42:42.0153 0x0b48  hpsrv - ok
14:42:42.0216 0x0b48  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:42:42.0278 0x0b48  HTTP - ok
14:42:42.0340 0x0b48  [ 4DBBFCE863FE1B64C770EB53A3BA5860, DA77FB5D865779834CDCEE74200B9346FA3A4D0465F7A49C877ED6F786232CEF ] huawei_cdcacm  C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
14:42:42.0372 0x0b48  huawei_cdcacm - ok
14:42:42.0450 0x0b48  [ F80E301136A4101814385A3B934AB4CD, 20A6B74CF9E93C3F1A9E3273C41C04582C34F7C40250AB4B69C25CAD36A00775 ] huawei_cdcecm  C:\Windows\system32\DRIVERS\ew_jucdcecm.sys
14:42:42.0465 0x0b48  huawei_cdcecm - ok
14:42:42.0496 0x0b48  [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
14:42:42.0512 0x0b48  huawei_enumerator - ok
14:42:42.0559 0x0b48  [ DF65F49F3A108AB509D675312FC896B8, E88F15DED4346E127F182B3D1DA2D1506998844212940281355C8ED96776141C ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
14:42:42.0574 0x0b48  huawei_ext_ctrl - ok
14:42:42.0855 0x0b48  [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
14:42:42.0871 0x0b48  HWDeviceService64.exe - ok
14:42:42.0918 0x0b48  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:42:42.0933 0x0b48  hwpolicy - ok
14:42:42.0996 0x0b48  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:42:43.0027 0x0b48  i8042prt - ok
14:42:43.0089 0x0b48  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
14:42:43.0120 0x0b48  iaStorV - ok
14:42:43.0198 0x0b48  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:42:43.0230 0x0b48  idsvc - ok
14:42:43.0261 0x0b48  IEEtwCollectorService - ok
14:42:43.0510 0x0b48  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:42:43.0729 0x0b48  igfx - ok
14:42:43.0791 0x0b48  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
14:42:43.0807 0x0b48  iirsp - ok
14:42:43.0869 0x0b48  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:42:43.0916 0x0b48  IKEEXT - ok
14:42:43.0963 0x0b48  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:42:43.0978 0x0b48  intelide - ok
14:42:43.0994 0x0b48  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:42:44.0010 0x0b48  intelppm - ok
14:42:44.0072 0x0b48  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
14:42:44.0103 0x0b48  IPBusEnum - ok
14:42:44.0150 0x0b48  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:42:44.0197 0x0b48  IpFilterDriver - ok
14:42:44.0259 0x0b48  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:42:44.0290 0x0b48  iphlpsvc - ok
14:42:44.0337 0x0b48  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
14:42:44.0353 0x0b48  IPMIDRV - ok
14:42:44.0384 0x0b48  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
14:42:44.0431 0x0b48  IPNAT - ok
14:42:44.0478 0x0b48  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:42:44.0493 0x0b48  IRENUM - ok
14:42:44.0540 0x0b48  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:42:44.0556 0x0b48  isapnp - ok
14:42:44.0634 0x0b48  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:42:44.0649 0x0b48  iScsiPrt - ok
14:42:44.0696 0x0b48  [ F8844B00C10E386C704C610E95A9847D, 3E3CFDDD0DD9E98542BAE07ED9CF922D98370C94BE364BA84F677EAA01ED775A ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
14:42:44.0743 0x0b48  JMCR - ok
14:42:44.0805 0x0b48  [ 38BD6037FD2A6243A7606C0E87B847E5, 59EA889596F306FD0D67D94D97E2470006D1404F62A771415F10529A39F655D9 ] johci          C:\Windows\system32\DRIVERS\johci.sys
14:42:44.0836 0x0b48  johci - ok
14:42:44.0852 0x0b48  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:42:44.0852 0x0b48  kbdclass - ok
14:42:44.0914 0x0b48  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:42:44.0946 0x0b48  kbdhid - ok
14:42:44.0961 0x0b48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
14:42:44.0977 0x0b48  KeyIso - ok
14:42:45.0039 0x0b48  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:42:45.0070 0x0b48  KSecDD - ok
14:42:45.0086 0x0b48  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
14:42:45.0102 0x0b48  KSecPkg - ok
14:42:45.0133 0x0b48  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
14:42:45.0164 0x0b48  ksthunk - ok
14:42:45.0195 0x0b48  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
14:42:45.0242 0x0b48  KtmRm - ok
14:42:45.0320 0x0b48  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:42:45.0398 0x0b48  LanmanServer - ok
14:42:45.0445 0x0b48  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:42:45.0476 0x0b48  LanmanWorkstation - ok
14:42:45.0601 0x0b48  [ 2238B91AC1A12CC6CC4C4FED41258B2A, 11DEBFAC8D6B23415928C635981E3378DE7C1F361F2B7A1390D86B0D782C22C6 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
14:42:45.0617 0x0b48  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
14:42:45.0695 0x0b48  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
14:42:45.0695 0x0b48  Force sending object to P2P due to detect: LightScribeService
14:42:45.0710 0x0b48  Object send P2P result: false
14:42:45.0757 0x0b48  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:42:45.0804 0x0b48  lltdio - ok
14:42:45.0851 0x0b48  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
14:42:45.0897 0x0b48  lltdsvc - ok
14:42:45.0913 0x0b48  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
14:42:45.0960 0x0b48  lmhosts - ok
14:42:46.0022 0x0b48  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:42:46.0053 0x0b48  LSI_FC - ok
14:42:46.0085 0x0b48  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
14:42:46.0100 0x0b48  LSI_SAS - ok
14:42:46.0100 0x0b48  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:42:46.0116 0x0b48  LSI_SAS2 - ok
14:42:46.0147 0x0b48  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:42:46.0163 0x0b48  LSI_SCSI - ok
14:42:46.0178 0x0b48  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
14:42:46.0225 0x0b48  luafv - ok
14:42:46.0272 0x0b48  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
14:42:46.0303 0x0b48  Mcx2Svc - ok
14:42:46.0334 0x0b48  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
14:42:46.0350 0x0b48  megasas - ok
14:42:46.0365 0x0b48  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:42:46.0381 0x0b48  MegaSR - ok
14:42:46.0506 0x0b48  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:42:46.0537 0x0b48  Microsoft Office Groove Audit Service - ok
14:42:46.0568 0x0b48  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
14:42:46.0599 0x0b48  MMCSS - ok
14:42:46.0615 0x0b48  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
14:42:46.0646 0x0b48  Modem - ok
14:42:46.0709 0x0b48  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
14:42:46.0740 0x0b48  monitor - ok
14:42:46.0802 0x0b48  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:42:46.0833 0x0b48  mouclass - ok
14:42:46.0896 0x0b48  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:42:46.0927 0x0b48  mouhid - ok
14:42:46.0974 0x0b48  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:42:46.0989 0x0b48  mountmgr - ok
14:42:47.0099 0x0b48  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:42:47.0130 0x0b48  MozillaMaintenance - ok
14:42:47.0192 0x0b48  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
14:42:47.0208 0x0b48  MpFilter - ok
14:42:47.0239 0x0b48  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:42:47.0255 0x0b48  mpio - ok
14:42:47.0301 0x0b48  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:42:47.0364 0x0b48  mpsdrv - ok
14:42:47.0457 0x0b48  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:42:47.0535 0x0b48  MpsSvc - ok
14:42:47.0582 0x0b48  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:42:47.0613 0x0b48  MRxDAV - ok
14:42:47.0660 0x0b48  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:42:47.0676 0x0b48  mrxsmb - ok
14:42:47.0738 0x0b48  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:42:47.0769 0x0b48  mrxsmb10 - ok
14:42:47.0816 0x0b48  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:42:47.0832 0x0b48  mrxsmb20 - ok
14:42:47.0879 0x0b48  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:42:47.0910 0x0b48  msahci - ok
14:42:47.0972 0x0b48  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
14:42:47.0988 0x0b48  msdsm - ok
14:42:48.0019 0x0b48  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
14:42:48.0035 0x0b48  MSDTC - ok
14:42:48.0097 0x0b48  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:42:48.0144 0x0b48  Msfs - ok
14:42:48.0159 0x0b48  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
14:42:48.0206 0x0b48  mshidkmdf - ok
14:42:48.0253 0x0b48  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:42:48.0284 0x0b48  msisadrv - ok
14:42:48.0347 0x0b48  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
14:42:48.0393 0x0b48  MSiSCSI - ok
14:42:48.0409 0x0b48  msiserver - ok
14:42:48.0456 0x0b48  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
14:42:48.0503 0x0b48  MSKSSRV - ok
14:42:48.0643 0x0b48  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc        c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:42:48.0690 0x0b48  MsMpSvc - ok
14:42:48.0705 0x0b48  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:42:48.0752 0x0b48  MSPCLOCK - ok
14:42:48.0752 0x0b48  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
14:42:48.0799 0x0b48  MSPQM - ok
14:42:48.0877 0x0b48  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
14:42:48.0908 0x0b48  MsRPC - ok
14:42:48.0908 0x0b48  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:42:48.0924 0x0b48  mssmbios - ok
14:42:48.0986 0x0b48  [ 966EC55988D580B9823C453781309450, 52942A68A3DE6C6A9730D27667A0AAA35B65889C37B243B83CC9B54DFAFE4A2D ] MSTAPE          C:\Windows\system32\DRIVERS\mstape.sys
14:42:49.0017 0x0b48  MSTAPE - ok
14:42:49.0033 0x0b48  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
14:42:49.0080 0x0b48  MSTEE - ok
14:42:49.0095 0x0b48  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:42:49.0111 0x0b48  MTConfig - ok
14:42:49.0127 0x0b48  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
14:42:49.0142 0x0b48  Mup - ok
14:42:49.0205 0x0b48  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:42:49.0251 0x0b48  napagent - ok
14:42:49.0314 0x0b48  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
14:42:49.0345 0x0b48  NativeWifiP - ok
14:42:49.0439 0x0b48  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:42:49.0485 0x0b48  NDIS - ok
14:42:49.0501 0x0b48  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
14:42:49.0548 0x0b48  NdisCap - ok
14:42:49.0595 0x0b48  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:42:49.0626 0x0b48  NdisTapi - ok
14:42:49.0673 0x0b48  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
14:42:49.0704 0x0b48  Ndisuio - ok
14:42:49.0766 0x0b48  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
14:42:49.0813 0x0b48  NdisWan - ok
14:42:49.0860 0x0b48  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
14:42:49.0891 0x0b48  NDProxy - ok
14:42:49.0938 0x0b48  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
14:42:49.0985 0x0b48  NetBIOS - ok
14:42:50.0047 0x0b48  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
14:42:50.0094 0x0b48  NetBT - ok
14:42:50.0109 0x0b48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
14:42:50.0125 0x0b48  Netlogon - ok
14:42:50.0156 0x0b48  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:42:50.0203 0x0b48  Netman - ok
14:42:50.0265 0x0b48  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:42:50.0281 0x0b48  NetMsmqActivator - ok
14:42:50.0328 0x0b48  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:42:50.0343 0x0b48  NetPipeActivator - ok
14:42:50.0390 0x0b48  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:42:50.0437 0x0b48  netprofm - ok
14:42:50.0484 0x0b48  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:42:50.0499 0x0b48  NetTcpActivator - ok
14:42:50.0515 0x0b48  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:42:50.0531 0x0b48  NetTcpPortSharing - ok
14:42:50.0749 0x0b48  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
14:42:50.0952 0x0b48  netw5v64 - ok
14:42:50.0999 0x0b48  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
14:42:51.0014 0x0b48  nfrd960 - ok
14:42:51.0077 0x0b48  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:42:51.0092 0x0b48  NisDrv - ok
14:42:51.0139 0x0b48  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
14:42:51.0170 0x0b48  NisSrv - ok
14:42:51.0217 0x0b48  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:42:51.0233 0x0b48  NlaSvc - ok
14:42:51.0264 0x0b48  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:42:51.0311 0x0b48  Npfs - ok
14:42:51.0326 0x0b48  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
14:42:51.0373 0x0b48  nsi - ok
14:42:51.0389 0x0b48  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:42:51.0420 0x0b48  nsiproxy - ok
14:42:51.0529 0x0b48  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:42:51.0591 0x0b48  Ntfs - ok
14:42:51.0607 0x0b48  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:42:51.0638 0x0b48  Null - ok
14:42:51.0701 0x0b48  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:42:51.0716 0x0b48  nvraid - ok
14:42:51.0747 0x0b48  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:42:51.0763 0x0b48  nvstor - ok
14:42:51.0794 0x0b48  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:42:51.0810 0x0b48  nv_agp - ok
14:42:51.0981 0x0b48  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:42:51.0997 0x0b48  odserv - ok
14:42:52.0075 0x0b48  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:42:52.0106 0x0b48  ohci1394 - ok
14:42:52.0215 0x0b48  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:42:52.0262 0x0b48  ose - ok
14:42:52.0293 0x0b48  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:42:52.0325 0x0b48  p2pimsvc - ok
14:42:52.0356 0x0b48  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:42:52.0387 0x0b48  p2psvc - ok
14:42:52.0403 0x0b48  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
14:42:52.0418 0x0b48  Parport - ok
14:42:52.0465 0x0b48  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
14:42:52.0512 0x0b48  partmgr - ok
14:42:52.0543 0x0b48  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:42:52.0559 0x0b48  PcaSvc - ok
14:42:52.0621 0x0b48  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
14:42:52.0652 0x0b48  pci - ok
14:42:52.0699 0x0b48  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:42:52.0715 0x0b48  pciide - ok
14:42:52.0746 0x0b48  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:42:52.0761 0x0b48  pcmcia - ok
14:42:52.0777 0x0b48  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
14:42:52.0793 0x0b48  pcw - ok
14:42:52.0964 0x0b48  [ A1688A4FB2EC49D040C027EF6DC7A87B, E5F5768D189B590F4D8D20C13FC0F7FF5AC7C4729848F38A93D653AB0B740696 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
14:42:53.0011 0x0b48  PDF Architect Helper Service - ok
14:42:53.0042 0x0b48  [ E23FF9B2F8EEAB2BDDA681C21C48E843, 2D0072C2EFFD5278D0211438FA9A29CF394F01857273A53B09A629977C024B30 ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
14:42:53.0073 0x0b48  PDF Architect Service - ok
14:42:53.0120 0x0b48  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:42:53.0167 0x0b48  PEAUTH - ok
14:42:53.0245 0x0b48  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:42:53.0261 0x0b48  PerfHost - ok
14:42:53.0385 0x0b48  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
14:42:53.0463 0x0b48  pla - ok
14:42:53.0526 0x0b48  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:42:53.0541 0x0b48  PlugPlay - ok
14:42:53.0573 0x0b48  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
14:42:53.0588 0x0b48  PNRPAutoReg - ok
14:42:53.0604 0x0b48  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
14:42:53.0635 0x0b48  PNRPsvc - ok
14:42:53.0713 0x0b48  [ 33328FA8A580885AB0065BE6DB266E9F, 645A1B1702ADB0D3F784B998CDF17524CC6C4891594AA075D538A0656BAE69B8 ] Point64        C:\Windows\system32\DRIVERS\point64.sys
14:42:53.0729 0x0b48  Point64 - ok
14:42:53.0791 0x0b48  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
14:42:53.0838 0x0b48  PolicyAgent - ok
14:42:53.0869 0x0b48  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
14:42:53.0916 0x0b48  Power - ok
14:42:53.0978 0x0b48  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:42:54.0041 0x0b48  PptpMiniport - ok
14:42:54.0056 0x0b48  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\DRIVERS\processr.sys
14:42:54.0072 0x0b48  Processor - ok
14:42:54.0134 0x0b48  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc        C:\Windows\system32\profsvc.dll
14:42:54.0165 0x0b48  ProfSvc - ok
14:42:54.0165 0x0b48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:42:54.0181 0x0b48  ProtectedStorage - ok
14:42:54.0243 0x0b48  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:42:54.0275 0x0b48  Psched - ok
14:42:54.0353 0x0b48  [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
14:42:54.0368 0x0b48  PxHlpa64 - ok
14:42:54.0446 0x0b48  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:42:54.0493 0x0b48  ql2300 - ok
14:42:54.0524 0x0b48  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:42:54.0540 0x0b48  ql40xx - ok
14:42:54.0571 0x0b48  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
14:42:54.0587 0x0b48  QWAVE - ok
14:42:54.0618 0x0b48  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:42:54.0633 0x0b48  QWAVEdrv - ok
14:42:54.0649 0x0b48  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:42:54.0680 0x0b48  RasAcd - ok
14:42:54.0743 0x0b48  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
14:42:54.0789 0x0b48  RasAgileVpn - ok
14:42:54.0805 0x0b48  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
14:42:54.0852 0x0b48  RasAuto - ok
14:42:54.0899 0x0b48  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
14:42:54.0930 0x0b48  Rasl2tp - ok
14:42:55.0008 0x0b48  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:42:55.0055 0x0b48  RasMan - ok
14:42:55.0070 0x0b48  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:42:55.0117 0x0b48  RasPppoe - ok
14:42:55.0133 0x0b48  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
14:42:55.0164 0x0b48  RasSstp - ok
14:42:55.0242 0x0b48  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
14:42:55.0289 0x0b48  rdbss - ok
14:42:55.0320 0x0b48  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:42:55.0335 0x0b48  rdpbus - ok
14:42:55.0351 0x0b48  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:42:55.0398 0x0b48  RDPCDD - ok
14:42:55.0445 0x0b48  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:42:55.0491 0x0b48  RDPENCDD - ok
14:42:55.0507 0x0b48  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:42:55.0554 0x0b48  RDPREFMP - ok
14:42:55.0663 0x0b48  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:42:55.0694 0x0b48  RdpVideoMiniport - ok
14:42:55.0741 0x0b48  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
14:42:55.0772 0x0b48  RDPWD - ok
14:42:55.0850 0x0b48  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:42:55.0881 0x0b48  rdyboost - ok
14:42:55.0913 0x0b48  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:42:55.0944 0x0b48  RemoteAccess - ok
14:42:55.0975 0x0b48  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:42:56.0006 0x0b48  RemoteRegistry - ok
14:42:56.0084 0x0b48  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:42:56.0115 0x0b48  RFCOMM - ok
14:42:56.0193 0x0b48  [ 498EB62A160674E793FA40FD65390625, F7EFD480E6C95F5B6202EEB87F519A8A8187F7F26281FB3E302EDD1AD5771025 ] RichVideo      C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
14:42:56.0225 0x0b48  RichVideo - ok
14:42:56.0240 0x0b48  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:42:56.0287 0x0b48  RpcEptMapper - ok
14:42:56.0287 0x0b48  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:42:56.0303 0x0b48  RpcLocator - ok
14:42:56.0396 0x0b48  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
14:42:56.0459 0x0b48  RpcSs - ok
14:42:56.0505 0x0b48  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:42:56.0568 0x0b48  rspndr - ok
14:42:56.0661 0x0b48  [ B49DC435AE3695BAC5623DD94B05732D, D63160B09385ED31C2A479ADC5AFCA483906F38598874972025D680BDB45ECA0 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
14:42:56.0693 0x0b48  RTL8167 - ok
14:42:56.0786 0x0b48  [ 333224D4D25F9BCCA488E08345083E1C, 368CA50C6791849A029F0E55036D0F2952922D5D17BE3C35D1195C6AFED0D94F ] RTL8187        C:\Windows\system32\DRIVERS\rtl8187.sys
14:42:56.0833 0x0b48  RTL8187 - ok
14:42:56.0849 0x0b48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs          C:\Windows\system32\lsass.exe
14:42:56.0864 0x0b48  SamSs - ok
14:42:56.0927 0x0b48  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:42:56.0942 0x0b48  sbp2port - ok
14:42:56.0989 0x0b48  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:42:57.0036 0x0b48  SCardSvr - ok
14:42:57.0083 0x0b48  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:42:57.0129 0x0b48  scfilter - ok
14:42:57.0239 0x0b48  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
14:42:57.0317 0x0b48  Schedule - ok
14:42:57.0363 0x0b48  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
14:42:57.0410 0x0b48  SCPolicySvc - ok
14:42:57.0473 0x0b48  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus          C:\Windows\system32\drivers\sdbus.sys
14:42:57.0488 0x0b48  sdbus - ok
14:42:57.0535 0x0b48  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:42:57.0566 0x0b48  SDRSVC - ok
14:42:57.0613 0x0b48  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:42:57.0644 0x0b48  secdrv - ok
14:42:57.0660 0x0b48  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:42:57.0691 0x0b48  seclogon - ok
14:42:57.0722 0x0b48  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
14:42:57.0753 0x0b48  SENS - ok
14:42:57.0800 0x0b48  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:42:57.0816 0x0b48  SensrSvc - ok
14:42:57.0847 0x0b48  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
14:42:57.0894 0x0b48  Serenum - ok
14:42:57.0909 0x0b48  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:42:57.0925 0x0b48  Serial - ok
14:42:57.0972 0x0b48  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:42:57.0987 0x0b48  sermouse - ok
14:42:58.0050 0x0b48  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:42:58.0097 0x0b48  SessionEnv - ok
14:42:58.0112 0x0b48  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
14:42:58.0128 0x0b48  sffdisk - ok
14:42:58.0143 0x0b48  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:42:58.0159 0x0b48  sffp_mmc - ok
14:42:58.0175 0x0b48  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
14:42:58.0190 0x0b48  sffp_sd - ok
14:42:58.0206 0x0b48  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
14:42:58.0221 0x0b48  sfloppy - ok
14:42:58.0284 0x0b48  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:42:58.0331 0x0b48  SharedAccess - ok
14:42:58.0362 0x0b48  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:42:58.0409 0x0b48  ShellHWDetection - ok
14:42:58.0471 0x0b48  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:42:58.0471 0x0b48  SiSRaid2 - ok
14:42:58.0487 0x0b48  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:42:58.0502 0x0b48  SiSRaid4 - ok
14:42:58.0580 0x0b48  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
14:42:58.0596 0x0b48  SkypeUpdate - ok
14:42:58.0658 0x0b48  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
14:42:58.0705 0x0b48  Smb - ok
14:42:58.0767 0x0b48  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:42:58.0783 0x0b48  SNMPTRAP - ok
14:42:58.0845 0x0b48  [ 5F9785E7535F8F602CB294A54962C9E7, 22BE050955347661685A4343C51F11C7811674E030386D2264CD12ECBF544B7C ] speedfan        C:\Windows\syswow64\speedfan.sys
14:42:58.0861 0x0b48  speedfan - ok
14:42:58.0861 0x0b48  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
14:42:58.0877 0x0b48  spldr - ok
14:42:58.0939 0x0b48  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
14:42:58.0986 0x0b48  Spooler - ok
14:42:59.0142 0x0b48  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:42:59.0282 0x0b48  sppsvc - ok
14:42:59.0329 0x0b48  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
14:42:59.0376 0x0b48  sppuinotify - ok
14:42:59.0438 0x0b48  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
14:42:59.0454 0x0b48  srv - ok
14:42:59.0516 0x0b48  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:42:59.0547 0x0b48  srv2 - ok
14:42:59.0594 0x0b48  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA      C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:42:59.0625 0x0b48  SrvHsfHDA - ok
14:42:59.0688 0x0b48  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92      C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:42:59.0735 0x0b48  SrvHsfV92 - ok
14:42:59.0781 0x0b48  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac    C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:42:59.0813 0x0b48  SrvHsfWinac - ok
14:42:59.0844 0x0b48  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:42:59.0859 0x0b48  srvnet - ok
14:42:59.0891 0x0b48  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
14:42:59.0937 0x0b48  SSDPSRV - ok
14:42:59.0953 0x0b48  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
14:42:59.0984 0x0b48  SstpSvc - ok
14:43:00.0047 0x0b48  [ D21FF3592DAEE244EE8376830A672B52, 8CFD9CD93D3B30D21AE1F25D8F0D78EC2876D85BF622D638BBD3809A3373BAFF ] ss_bus          C:\Windows\system32\DRIVERS\ss_bus.sys
14:43:00.0062 0x0b48  ss_bus - ok
14:43:00.0109 0x0b48  [ 451DB3D10E6112E06B4506D4A7BECEC1, 18C361E7E478CB9991638EE412C05E40B89BAD542519E62F4CED4055A80F3216 ] ss_mdfl        C:\Windows\system32\DRIVERS\ss_mdfl.sys
14:43:00.0125 0x0b48  ss_mdfl - ok
14:43:00.0140 0x0b48  [ EF40C8A268A5263A0EF48FED8E57CBED, 253C2B5E5075D01B7E27C6F9548291DADB4C9B635849DDA9E2DA3E5785DE9B75 ] ss_mdm          C:\Windows\system32\DRIVERS\ss_mdm.sys
14:43:00.0156 0x0b48  ss_mdm - ok
14:43:00.0312 0x0b48  [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C, 8EBBFA456D93E63AF9D64CC95A58651E2C1B1398B6052C0E65D3005AD5AC8CB5 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
14:43:00.0343 0x0b48  STacSV - ok
14:43:00.0359 0x0b48  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:43:00.0374 0x0b48  stexstor - ok
14:43:00.0452 0x0b48  [ DFFBC024DFC7BB05B2129E05CBC7A201, CA07944B864D7F3DA673040CF6314FECCAF80B8EADAF648392AE79697DAC15B4 ] STHDA          C:\Windows\system32\DRIVERS\stwrt64.sys
14:43:00.0499 0x0b48  STHDA - ok
14:43:00.0608 0x0b48  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:43:00.0639 0x0b48  stisvc - ok
14:43:00.0702 0x0b48  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:43:00.0717 0x0b48  swenum - ok
14:43:00.0905 0x0b48  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard    C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:43:00.0936 0x0b48  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
14:43:00.0936 0x0b48  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
14:43:00.0983 0x0b48  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
14:43:01.0045 0x0b48  swprv - ok
14:43:01.0139 0x0b48  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP          C:\Windows\system32\DRIVERS\SynTP.sys
14:43:01.0185 0x0b48  SynTP - ok
14:43:01.0310 0x0b48  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain        C:\Windows\system32\sysmain.dll
14:43:01.0388 0x0b48  SysMain - ok
14:43:01.0435 0x0b48  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:43:01.0466 0x0b48  TabletInputService - ok
14:43:01.0887 0x0b48  [ B9E475AB1AABB21F278EA74965F918B9, 7563C990E44954190BCD796174D1E4636319F6D799B2EE1362D27604C3C0F89F ] TabletServiceWacom C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
14:43:02.0106 0x0b48  TabletServiceWacom - ok
14:43:02.0184 0x0b48  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
14:43:02.0231 0x0b48  TapiSrv - ok
14:43:02.0277 0x0b48  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
14:43:02.0340 0x0b48  TBS - ok
14:43:02.0558 0x0b48  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
14:43:02.0621 0x0b48  Tcpip - ok
14:43:02.0745 0x0b48  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:43:02.0808 0x0b48  TCPIP6 - ok
14:43:02.0901 0x0b48  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:43:02.0933 0x0b48  tcpipreg - ok
14:43:02.0995 0x0b48  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:43:03.0011 0x0b48  TDPIPE - ok
14:43:03.0057 0x0b48  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
14:43:03.0089 0x0b48  TDTCP - ok
14:43:03.0135 0x0b48  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
14:43:03.0198 0x0b48  tdx - ok
14:43:03.0245 0x0b48  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:43:03.0276 0x0b48  TermDD - ok
14:43:03.0338 0x0b48  [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService    C:\Windows\System32\termsrv.dll
14:43:03.0385 0x0b48  TermService - ok
14:43:03.0447 0x0b48  [ FA5BFB71E561D279EDAE7E118435C1C9, 8010CEB7A06B9EEED425BD7048411A1BCB70975CF53974E0E0914B9D34AA98A3 ] TfFsMon        C:\Windows\system32\drivers\TfFsMon.sys
14:43:03.0479 0x0b48  TfFsMon - ok
14:43:03.0510 0x0b48  [ FA8400D74345EC4BF10E476CA0AAA2DF, 1F600075736083491ADDBBF75ED7A95757B8A3FF123B36190F0DA154B121C9D7 ] TfNetMon        C:\Windows\system32\drivers\TfNetMon.sys
14:43:03.0525 0x0b48  TfNetMon - ok
14:43:03.0572 0x0b48  [ F11AA1A704A4C027E5E8E0F355523834, 235150D847D07BC6B11282C01243EBD01570FA079A2798CACC34F8DFE6BEBC00 ] TfSysMon        C:\Windows\system32\drivers\TfSysMon.sys
14:43:03.0603 0x0b48  TfSysMon - ok
14:43:03.0635 0x0b48  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:43:03.0666 0x0b48  Themes - ok
14:43:03.0697 0x0b48  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
14:43:03.0728 0x0b48  THREADORDER - ok
14:43:03.0744 0x0b48  ThreatFire - ok
14:43:03.0837 0x0b48  [ B8F4A8AFFAAE521A20E8D2AF3F487124, F5B03312337AA0BE75F8EE26FEFDE25C0013A5E5BD33EC1AF85C33C6E75829EA ] TouchServiceWacom C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe
14:43:03.0853 0x0b48  TouchServiceWacom - ok
14:43:03.0869 0x0b48  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:43:03.0915 0x0b48  TrkWks - ok
14:43:03.0978 0x0b48  [ C6A1A2B4E8A7B92C11CA038369BD7DBE, DD8176FECD8034734995CCA62EF392804FCF9E7F1286D2FFDAFDBF2403161C0C ] truecrypt      C:\Windows\syswow64\drivers\truecrypt.sys
14:43:04.0009 0x0b48  truecrypt - ok
14:43:04.0087 0x0b48  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:43:04.0149 0x0b48  TrustedInstaller - ok
14:43:04.0196 0x0b48  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:43:04.0212 0x0b48  tssecsrv - ok
14:43:04.0243 0x0b48  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:43:04.0259 0x0b48  TsUsbFlt - ok
14:43:04.0305 0x0b48  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:43:04.0352 0x0b48  tunnel - ok
14:43:04.0383 0x0b48  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:43:04.0399 0x0b48  uagp35 - ok
14:43:04.0477 0x0b48  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:43:04.0508 0x0b48  udfs - ok
14:43:04.0555 0x0b48  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
14:43:04.0571 0x0b48  UI0Detect - ok
14:43:04.0617 0x0b48  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:43:04.0633 0x0b48  uliagpkx - ok
14:43:04.0695 0x0b48  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
14:43:04.0711 0x0b48  umbus - ok
14:43:04.0773 0x0b48  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:43:04.0789 0x0b48  UmPass - ok
14:43:04.0820 0x0b48  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:43:04.0867 0x0b48  upnphost - ok
14:43:04.0929 0x0b48  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:43:04.0945 0x0b48  usbaudio - ok
14:43:04.0992 0x0b48  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
14:43:05.0007 0x0b48  usbccgp - ok
14:43:05.0054 0x0b48  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:43:05.0070 0x0b48  usbcir - ok
14:43:05.0117 0x0b48  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
14:43:05.0132 0x0b48  usbehci - ok
14:43:05.0179 0x0b48  [ 44D9C773FEBFF10593B50DDFC2D6BC27, 17D76961C77476FAFC4487C03A9748C378FA7C3858F764DD87B4B127504E7E1F ] usbfilter      C:\Windows\system32\DRIVERS\usbfilter.sys
14:43:05.0195 0x0b48  usbfilter - ok
14:43:05.0241 0x0b48  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:43:05.0273 0x0b48  usbhub - ok
14:43:05.0288 0x0b48  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
14:43:05.0304 0x0b48  usbohci - ok
14:43:05.0366 0x0b48  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:43:05.0382 0x0b48  usbprint - ok
14:43:05.0444 0x0b48  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan        C:\Windows\system32\drivers\usbscan.sys
14:43:05.0460 0x0b48  usbscan - ok
14:43:05.0460 0x0b48  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:43:05.0475 0x0b48  USBSTOR - ok
14:43:05.0507 0x0b48  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
14:43:05.0522 0x0b48  usbuhci - ok
14:43:05.0553 0x0b48  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:43:05.0569 0x0b48  usbvideo - ok
14:43:05.0600 0x0b48  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
14:43:05.0647 0x0b48  UxSms - ok
14:43:05.0694 0x0b48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
14:43:05.0709 0x0b48  VaultSvc - ok
14:43:05.0756 0x0b48  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:43:05.0772 0x0b48  vdrvroot - ok
14:43:05.0834 0x0b48  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
14:43:05.0881 0x0b48  vds - ok
14:43:05.0912 0x0b48  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
14:43:05.0928 0x0b48  vga - ok
14:43:05.0943 0x0b48  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
14:43:05.0990 0x0b48  VgaSave - ok
14:43:06.0037 0x0b48  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
14:43:06.0053 0x0b48  vhdmp - ok
14:43:06.0115 0x0b48  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:43:06.0131 0x0b48  viaide - ok
14:43:06.0193 0x0b48  [ 1562A089B46C821487AFF8D01EE5547E, D033AF4C8EAFFB1860DDB71A15FE300BB387385F35B95364763A0821CD769988 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
14:43:06.0209 0x0b48  VMAuthdService - detected UnsignedFile.Multi.Generic ( 1 )
14:43:06.0209 0x0b48  VMAuthdService ( UnsignedFile.Multi.Generic ) - warning
14:43:06.0209 0x0b48  Force sending object to P2P due to detect: VMAuthdService
14:43:06.0209 0x0b48  Object send P2P result: false
14:43:06.0255 0x0b48  [ 87FC1DD880E8CAC4FAEBB84AF61A87C4, ED1B1B1DDEAA776E3CBFFDE4B8FC7FDD44A6DECEE8DEFC96EAFBFAB1ADF68A29 ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
14:43:06.0287 0x0b48  vmci - ok
14:43:06.0349 0x0b48  [ DE41918B7ABAE9056EB1E62540D229D3, 4F17B24F1B8AA60DB141ABCBCEBE7F9D60CF9A7A8DB03269920062931758D96F ] vmkbd          C:\Windows\system32\drivers\VMkbd.sys
14:43:06.0349 0x0b48  vmkbd - ok
14:43:06.0411 0x0b48  [ B259C31378BC855AFD1B53F59311C251, 5FEDEC6EBA72652B89F57E275B25CC6333BE78FB2B74DEADDD588CE1089DCE89 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
14:43:06.0427 0x0b48  VMnetAdapter - ok
14:43:06.0474 0x0b48  [ DEC4CE720FFEDA939CF1BA315CFBD993, B06BB836B824FC682F5FD84E1D6B313A4E99089A5CED2C14CC721D172C1E3C51 ] VMnetBridge    C:\Windows\system32\DRIVERS\vmnetbridge.sys
14:43:06.0489 0x0b48  VMnetBridge - ok
14:43:06.0521 0x0b48  VMnetDHCP - ok
14:43:06.0552 0x0b48  [ 41F8BFC7A658FF4FA27AC10E9C5D14A7, EB84709E4BC614812DEC9DBE3A98220B6BB38DC3E44FD8B0DA5C27445554F1AE ] VMnetuserif    C:\Windows\system32\drivers\vmnetuserif.sys
14:43:06.0567 0x0b48  VMnetuserif - ok
14:43:06.0630 0x0b48  [ 415B167695C4B5960A13098622EF3D80, E68AE845A6967E68FB22EB0F4D95631D041DA906801202F7662B22EAD34B2371 ] vmusb          C:\Windows\system32\Drivers\vmusb.sys
14:43:06.0661 0x0b48  vmusb - ok
14:43:06.0786 0x0b48  [ 18903CA7936912C337C9D28858880CF2, 6A3CF68E62AAF7DC22A299ADF7037D408CEB554BC36CD72C4C37AFEA16B84915 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
14:43:06.0817 0x0b48  VMUSBArbService - ok
14:43:06.0848 0x0b48  VMware NAT Service - ok
14:43:07.0285 0x0b48  [ 09895634295862AE7087C08BBF17B346, C5759AA26E47559C81E11C6D869339C538086A6C4538EEB43974A9DD7B54B483 ] VMwareHostd    C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
14:43:07.0675 0x0b48  VMwareHostd - detected UnsignedFile.Multi.Generic ( 1 )
14:43:07.0675 0x0b48  VMwareHostd ( UnsignedFile.Multi.Generic ) - warning
14:43:07.0769 0x0b48  [ 61B270C2437EE87455864E4EEDD8867D, 9E0E18A78E839F2722BFC821CFA25D9E4D6FD48BE1A5EAEB3FB644A0D14E0B51 ] vmx86          C:\Windows\system32\drivers\vmx86.sys
14:43:07.0815 0x0b48  vmx86 - ok
14:43:07.0878 0x0b48  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:43:07.0893 0x0b48  volmgr - ok
14:43:07.0971 0x0b48  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
14:43:08.0003 0x0b48  volmgrx - ok
14:43:08.0034 0x0b48  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap        C:\Windows\system32\drivers\volsnap.sys
14:43:08.0049 0x0b48  volsnap - ok
14:43:08.0112 0x0b48  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
14:43:08.0127 0x0b48  vsmraid - ok
14:43:08.0268 0x0b48  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
14:43:08.0361 0x0b48  VSS - ok
14:43:08.0424 0x0b48  [ 6107E33A30C0B923F31C872E1980D2D1, 5094C193997CDD50EEB15CB7AF96F2106BDE0BC675FDF83D7C3CE3F7299EE286 ] vstor2-mntapi10-shared C:\Windows\syswow64\drivers\vstor2-mntapi10-shared.sys
14:43:08.0439 0x0b48  vstor2-mntapi10-shared - ok
14:43:08.0455 0x0b48  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:43:08.0471 0x0b48  vwifibus - ok
14:43:08.0486 0x0b48  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:43:08.0502 0x0b48  vwififlt - ok
14:43:08.0549 0x0b48  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
14:43:08.0564 0x0b48  vwifimp - ok
14:43:08.0642 0x0b48  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
14:43:08.0705 0x0b48  W32Time - ok
14:43:08.0783 0x0b48  [ FE75777289278A4941FE6139E82B3BD9, 4B0F3117C7D905240DB54EEE376404757258051CC5F8F312CAF748E1811368C6 ] wacmoumonitor  C:\Windows\system32\DRIVERS\wacmoumonitor.sys
14:43:08.0798 0x0b48  wacmoumonitor - ok
14:43:08.0861 0x0b48  [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
14:43:08.0876 0x0b48  wacommousefilter - ok
14:43:08.0907 0x0b48  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:43:08.0923 0x0b48  WacomPen - ok
14:43:08.0939 0x0b48  [ EC1CEB237E365330C1FCFC4876AA0AC0, 9BFF9062AC5E4B9D0C6502D8DE7E59B887903ED29F26157A5F82966932F1EBD0 ] wacomvhid      C:\Windows\system32\DRIVERS\wacomvhid.sys
14:43:08.0954 0x0b48  wacomvhid - ok
14:43:09.0017 0x0b48  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:43:09.0079 0x0b48  WANARP - ok
14:43:09.0079 0x0b48  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:43:09.0126 0x0b48  Wanarpv6 - ok
14:43:09.0251 0x0b48  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
14:43:09.0313 0x0b48  WatAdminSvc - ok
14:43:09.0469 0x0b48  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
14:43:09.0531 0x0b48  wbengine - ok
14:43:09.0594 0x0b48  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:43:09.0609 0x0b48  WbioSrvc - ok
14:43:09.0687 0x0b48  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
14:43:09.0719 0x0b48  wcncsvc - ok
14:43:09.0734 0x0b48  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:43:09.0750 0x0b48  WcsPlugInService - ok
14:43:09.0765 0x0b48  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:43:09.0781 0x0b48  Wd - ok
14:43:09.0875 0x0b48  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:43:09.0921 0x0b48  Wdf01000 - ok
14:43:09.0968 0x0b48  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:43:10.0015 0x0b48  WdiServiceHost - ok
14:43:10.0015 0x0b48  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost  C:\Windows\system32\wdi.dll
14:43:10.0031 0x0b48  WdiSystemHost - ok
14:43:10.0109 0x0b48  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient      C:\Windows\System32\webclnt.dll
14:43:10.0140 0x0b48  WebClient - ok
14:43:10.0171 0x0b48  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:43:10.0218 0x0b48  Wecsvc - ok
14:43:10.0233 0x0b48  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
14:43:10.0280 0x0b48  wercplsupport - ok
14:43:10.0296 0x0b48  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:43:10.0343 0x0b48  WerSvc - ok
14:43:10.0374 0x0b48  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:43:10.0405 0x0b48  WfpLwf - ok
14:43:10.0421 0x0b48  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:43:10.0436 0x0b48  WIMMount - ok
14:43:10.0467 0x0b48  WinDefend - ok
14:43:10.0499 0x0b48  WinHttpAutoProxySvc - ok
14:43:10.0577 0x0b48  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
14:43:10.0639 0x0b48  Winmgmt - ok
14:43:10.0779 0x0b48  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM          C:\Windows\system32\WsmSvc.dll
14:43:10.0873 0x0b48  WinRM - ok
14:43:10.0967 0x0b48  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:43:11.0013 0x0b48  WinUsb - ok
14:43:11.0091 0x0b48  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
14:43:11.0138 0x0b48  Wlansvc - ok
14:43:11.0185 0x0b48  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
14:43:11.0201 0x0b48  WmiAcpi - ok
14:43:11.0232 0x0b48  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:43:11.0247 0x0b48  wmiApSrv - ok
14:43:11.0310 0x0b48  WMPNetworkSvc - ok
14:43:11.0325 0x0b48  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:43:11.0357 0x0b48  WPCSvc - ok
14:43:11.0403 0x0b48  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:43:11.0435 0x0b48  WPDBusEnum - ok
14:43:11.0466 0x0b48  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
14:43:11.0497 0x0b48  ws2ifsl - ok
14:43:11.0513 0x0b48  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:43:11.0544 0x0b48  wscsvc - ok
14:43:11.0544 0x0b48  WSearch - ok
14:43:11.0684 0x0b48  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:43:11.0762 0x0b48  wuauserv - ok
14:43:11.0809 0x0b48  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:43:11.0825 0x0b48  WudfPf - ok
14:43:11.0903 0x0b48  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:43:11.0918 0x0b48  WUDFRd - ok
14:43:11.0934 0x0b48  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
14:43:11.0949 0x0b48  wudfsvc - ok
14:43:12.0012 0x0b48  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
14:43:12.0027 0x0b48  WwanSvc - ok
14:43:12.0105 0x0b48  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7        C:\Windows\system32\DRIVERS\yk62x64.sys
14:43:12.0137 0x0b48  yukonw7 - ok
14:43:12.0293 0x0b48  ================ Scan global ===============================
14:43:12.0324 0x0b48  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:43:12.0386 0x0b48  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:43:12.0417 0x0b48  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:43:12.0433 0x0b48  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:43:12.0480 0x0b48  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:43:12.0495 0x0b48  [ Global ] - ok
14:43:12.0495 0x0b48  ================ Scan MBR ==================================
14:43:12.0511 0x0b48  [ BC7BF3BD0ABC8DCFC8F335FCAEC7E15E ] \Device\Harddisk0\DR0
14:43:12.0839 0x0b48  \Device\Harddisk0\DR0 - ok
14:43:12.0839 0x0b48  [ 0958E97B3AB14A63B915EFE6013A9D24 ] \Device\Harddisk1\DR2
14:43:12.0995 0x0b48  \Device\Harddisk1\DR2 - ok
14:43:12.0995 0x0b48  ================ Scan VBR ==================================
14:43:12.0995 0x0b48  [ 96915FB0A803DAF81897552E957CA8BD ] \Device\Harddisk0\DR0\Partition1
14:43:12.0995 0x0b48  \Device\Harddisk0\DR0\Partition1 - ok
14:43:12.0995 0x0b48  [ 071EF073644F02EAEE0501641588CA11 ] \Device\Harddisk0\DR0\Partition2
14:43:13.0010 0x0b48  \Device\Harddisk0\DR0\Partition2 - ok
14:43:13.0010 0x0b48  [ 8229F4BBEEBAB2F3265478B28DF7D0CF ] \Device\Harddisk0\DR0\Partition3
14:43:13.0010 0x0b48  \Device\Harddisk0\DR0\Partition3 - ok
14:43:13.0010 0x0b48  [ C25E8DBA3C450EE68047002D200055CC ] \Device\Harddisk0\DR0\Partition4
14:43:13.0010 0x0b48  \Device\Harddisk0\DR0\Partition4 - ok
14:43:13.0026 0x0b48  [ 27253B394F8C2A1EB464170554D08B83 ] \Device\Harddisk1\DR2\Partition1
14:43:13.0026 0x0b48  \Device\Harddisk1\DR2\Partition1 - ok
14:43:13.0026 0x0b48  ================ Scan generic autorun ======================
14:43:13.0026 0x0b48  SynTPEnh - ok
14:43:13.0104 0x0b48  [ 59E58A7A5388E00BB4347AEBBDCC84FE, 9B06344F13C8F8831549410B78E084BFEA9EC2E181ECA49FF9586424999CE758 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
14:43:13.0135 0x0b48  SmartMenu - ok
14:43:13.0291 0x0b48  [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
14:43:13.0322 0x0b48  AdobeAAMUpdater-1.0 - ok
14:43:13.0385 0x0b48  [ 2EEED500C1EC095CB3D0DE7A3C7E4278, 06D0DC42A7DE207D675A0DE69001D20941FC0B8D067504CD8B56DD0B952A5ACE ] C:\Program Files\IDT\WDM\sttray64.exe
14:43:13.0416 0x0b48  SysTrayApp - ok
14:43:13.0587 0x0b48  [ 0080231EC57D26B380F630CC790DAB85, CA59ED2E67D03C70A77AB0D605C6172B72B8238A42425D0F75C1C891DB89FF9A ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
14:43:13.0650 0x0b48  IntelliPoint - ok
14:43:13.0790 0x0b48  [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
14:43:13.0853 0x0b48  MSC - ok
14:43:13.0915 0x0b48  [ E29DD25C9AAC2C5D626F0DF8A6A9468B, A39471F13A39FF0E82778CAFD01D51C35FE10F12FC21BDAD837C93F9FD72D46C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
14:43:13.0931 0x0b48  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
14:43:13.0931 0x0b48  StartCCC ( UnsignedFile.Multi.Generic ) - warning
14:43:13.0931 0x0b48  Force sending object to P2P due to detect: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
14:43:13.0931 0x0b48  Object send P2P result: false
14:43:13.0993 0x0b48  [ 019D774B725DCFD9A188F07764A32214, D9926C2664754AB2FED379AE203A8D290C65FA78518B37385642F8D654EC011E ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
14:43:14.0009 0x0b48  QlbCtrl.exe - ok
14:43:14.0040 0x0b48  [ 15657931FB7CA61FA1B72B955E1799E7, 1B25DFE965CC6BB59817097A37ABE77A3B27269915FFA64B16F9ABF65F511FF9 ] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
14:43:14.0055 0x0b48  Easybits Recovery - detected UnsignedFile.Multi.Generic ( 1 )
14:43:14.0055 0x0b48  Easybits Recovery ( UnsignedFile.Multi.Generic ) - warning
14:43:14.0087 0x0b48  [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
14:43:14.0087 0x0b48  HP Software Update - ok
14:43:14.0227 0x0b48  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:43:14.0274 0x0b48  Sidebar - ok
14:43:14.0321 0x0b48  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:43:14.0336 0x0b48  mctadmin - ok
14:43:14.0383 0x0b48  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:43:14.0430 0x0b48  Sidebar - ok
14:43:14.0430 0x0b48  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:43:14.0461 0x0b48  mctadmin - ok
14:43:14.0539 0x0b48  [ A5F78606A9BA8F0C4C8FF9DED6ED5107, 57583EFF4FBC0B31A47ED6C7BC58E575470F9BF4F12D8E05648507ACA6741965 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
14:43:14.0601 0x0b48  HPADVISOR - ok
14:43:14.0648 0x0b48  Mobile Partner - ok
14:43:14.0773 0x0b48  [ E02E715FA2BC8D88FF9362374E309D76, A10E4D4B02F147A38364A2DEBF9691771BD381B8FC1E672EF96C0509DD919EDE ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
14:43:14.0851 0x0b48  LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
14:43:14.0851 0x0b48  LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - warning
14:43:14.0867 0x0b48  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated )
14:43:14.0882 0x0b48  Win FW state via NFP2: enabled
14:43:14.0882 0x0b48  ============================================================
14:43:14.0882 0x0b48  Scan finished
14:43:14.0882 0x0b48  ============================================================
14:43:14.0898 0x1680  Detected object count: 7
14:43:14.0898 0x1680  Actual detected object count: 7
14:50:07.0529 0x1680  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:07.0529 0x1680  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:50:07.0529 0x1680  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:07.0529 0x1680  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:50:07.0529 0x1680  VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:07.0529 0x1680  VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:50:07.0529 0x1680  VMwareHostd ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:07.0529 0x1680  VMwareHostd ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:50:07.0544 0x1680  StartCCC ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:07.0544 0x1680  StartCCC ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:50:07.0544 0x1680  Easybits Recovery ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:07.0544 0x1680  Easybits Recovery ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:50:07.0544 0x1680  LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:07.0544 0x1680  LightScribe Control Panel ( UnsignedFile.Multi.Generic ) - User select action: Skip

Die mir angezeigten Funde (die ja auch am Ende vom Log aufgezählt werden) hab ich mir alle angesehen.
Weiss nat. nicht ob die malware sind oder nicht - die waren alle als "unsigned file" gekennzeichnet - und als "medium risk" angegeben.
Dass manche Softwareherstelle manchmal schlampen bei den "Signatures" kommt vor oder?
Jedenfalls sind die alle auf dem System plausibel weil die dazugehörige Software tatsächlich installiert wurde. Aber ob die manipuliert sind - weiss ich nat. nicht.

Zu meinen Symptomen:
Wie gesagt waren es ja die 3 emails die in 3 Konten bei unterschiedlichen Provider eingegangen sind.
Hab ich mir nohcmal angeschaut: Sind alle 3 innerhalb von 15 Minuten verschickt worden.
Es ist nat. nicht ganz auszuschliessen das irgendein emai-harvest-bot (oder wie nennt man sowas) emailverkehr von mir irgendwann abgefangen hat und damit an diese emailadressen gekommen ist.

Ich mache im Jahr ca. 4 Aussendungen an alle - vor Jahren is ein mal passiert, dass ich die Empfänger irrtümlich nicht im BCC hatte sondern im CC - das könnte damals nat. irgendwo gelandet sein.
Ev. waren da alle 5 Adressen dabei (meine 3 email Konten, die gefälschte Absenderin - eine Freundin von mir, die email-liste zu der ich gehöre die aber sonst serh unbekannt ist und nur einem kleinen Kreis gehört).
Oder falls irgendwer/etwas bei meinen letzten Aussendungen schon am Weg zu meinem SMTP-Server die Adressen abgegriffen hat.
DANN WÄRS EV MÖGLICH DASS DIESE EMAIL AUCH OHNE MALWARE DIE AUF MEINEM LAPTOP LÄUFT ERKLÄRBAR WÄRE.

Servus aus Wien und DANKE !!!!

schrauber 10.11.2014 10:22
Rechner ist sauber. Ich tippe auf Spoofing oder einfach Konto gehackt.

zapf 11.11.2014 13:12
Vielen DANK!!
 
Danke für Deine Hilfe.

Falls ich nochmal Fragen habe zu diesem Problem - also wos keinen Sinn macht einen neuen Thread zu beginnen - dürft ich mcih dann an Dich wenden?
Und falls das OK ist - wie am besten - nochmal hier als Antwort?
PN ist ja glaub ich nicht erwünscht.

Ich geh jetzt nochmal genau die involvierten emails und Adressen durch. Kam alles nach Juni 2014.

Servus aus Wien.

schrauber 12.11.2014 10:21
Einfach hier rein schreiben, ich seh das dann :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:40 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19