Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Bluescreen und langsamer PC nach anklicken von 1&1 phishing Mail (https://www.trojaner-board.de/161788-bluescreen-langsamer-pc-anklicken-1-1-phishing-mail.html)

mrfraenk 12.12.2014 22:20
Bluescreen und langsamer PC nach anklicken von 1&1 phishing Mail
 
Hallo,

ich habe vor ein paar Tagen eine 1&1 Email bekommen, die sich als Phishing Mail herausgestellt hat. Blöderweise habe ich den link in der mail angeklickt. Dann hat nur etwas geflasht, nichts ist aber sichtbar passiert. Ich habe aber bemerkt, daß der Rechner die Tage danach langsamer geworden ist, manchmal eingefroren und als ich dann noch einen bluescreen bekam habe ich den Netzstecker gezogen.

Ich habe mir hier nach Eurer Anleitung die log files erstellt (defogger, frst, gmer), die ich im Folgenden poste. Ich bin mir nicht sicher, was ich mir hier eingefangen habe, daher hoffe ich auf Eure Hilfe.
Ich bin mit meinem Laptop bis jetzt nicht mehr online gegangen, weil ich den Schaden erst beheben möchte.

Ich hoffe ihr könnt mir helfen. Außer den Logfiles habe ich bisher noch nichts unternommen.

Defogger:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:30 on 28/11/2014 (Admin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-11-2014 01
Ran by **** at 2014-11-29 20:15:12
Running from C:\Users\****\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 10 ActiveX (HKLM\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AIO_CDB_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 130.0.421.000 - Hewlett-Packard) Hidden
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.37268 - Ask.com) <==== ATTENTION
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon RAW Codec (HKLM\...\Canon RAW Codec) (Version: 1.11.0.75 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.)
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
EOS USB WIA Driver (HKLM\...\EOS USB WIA Driver) (Version: 6.0.0.4 - )
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow v1.3.4530 [2014-02-09] (HKLM\...\ffdshow_is1) (Version: 1.3.4530.0 - )
Fotosizer 2.08 (HKLM\...\Fotosizer) (Version: 2.08.0.545 - Fotosizer.com)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Home Media Center (HKLM\...\{9E3F5348-136A-4FBC-A8D4-D0B6DB871AD4}) (Version: 2.7.0 - Tomáš Pšenák)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 6.6 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.6.106 - Skype Technologies S.A.)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SopCast 3.8.2 (HKLM\...\SopCast) (Version: 3.8.2 - www.sopcast.com)
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
VAIO Update (HKLM\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.1.1.10250 - Sony Corporation)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VU5x86 (Version: 1.1.0 - Sony Corporation ) Hidden
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============

2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-26 14:53 - 2014-11-26 14:53 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Admin (S-1-5-21-1638528110-3385496625-2341026817-1003 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1638528110-3385496625-2341026817-500 - Administrator - Disabled)
Gast (S-1-5-21-1638528110-3385496625-2341026817-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1638528110-3385496625-2341026817-1002 - Limited - Enabled)
**** (S-1-5-21-1638528110-3385496625-2341026817-1000 - Limited - Enabled) => C:\Users\****

==================== Faulty Device Manager Devices =============

Name: Officejet 6300 series
Description: Officejet 6300 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/29/2014 07:50:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2014 09:13:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2014 11:39:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2231

Error: (11/28/2014 11:39:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2231

Error: (11/28/2014 11:39:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/28/2014 11:39:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1186

Error: (11/28/2014 11:39:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1186

Error: (11/28/2014 11:39:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/27/2014 07:50:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/27/2014 07:13:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5382


System errors:
=============
Error: (11/28/2014 09:12:30 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000001a (0x00041287, 0x00000024, 0x00000000, 0x00000000)C:\Windows\MEMORY.DMP112814-24117-01

Error: (11/28/2014 09:12:22 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎28.‎11.‎2014 um 21:10:44 unerwartet heruntergefahren.

Error: (11/28/2014 03:15:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535

Error: (11/28/2014 03:15:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535

Error: (11/28/2014 03:15:58 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (11/28/2014 03:15:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535

Error: (11/28/2014 03:15:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535

Error: (11/28/2014 03:15:57 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (11/28/2014 03:15:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht.

Error: (11/28/2014 02:48:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) Duo CPU T2250 @ 1.73GHz
Percentage of memory in use: 41%
Total physical RAM: 2038.18 MB
Available physical RAM: 1186.52 MB
Total Pagefile: 4076.36 MB
Available Pagefile: 2896.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:326.21 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
FRST:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01
Ran by **** (ATTENTION: The logged in user is not administrator) on ****-PC on 29-11-2014 20:14:17
Running from C:\Users\****\Desktop
Loaded Profile: **** (Available profiles: **** & Admin)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-13] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2013-03-06] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [3784704 2013-03-06] (Realtek Semiconductor)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA2B9320C9819CE01
HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
URLSearchHook: HKU\S-1-5-21-1638528110-3385496625-2341026817-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
SearchScopes: HKU\S-1-5-21-1638528110-3385496625-2341026817-1000 -> {0D5D3AA0-47A0-4354-A6A3-3837F344D6FB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=6173485f-7a53-48e0-a13e-41ffa4f7d4e2&apn_sauid=B089D1FC-6801-4992-A972-C62442CB47E6
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\25ccy1o0.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\25ccy1o0.default\Extensions\abs@avira.com [2014-11-21]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-10-04]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [957056 2012-10-26] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-02] (Avira Operations GmbH & Co. KG)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-17] (Avira GmbH)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [227328 2013-03-06] (Texas Instruments)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-29 20:14 - 2014-11-29 20:14 - 00009545 _____ () C:\Users\****\Desktop\FRST.txt
2014-11-29 20:13 - 2014-11-29 20:14 - 00000000 ____D () C:\FRST
2014-11-29 20:13 - 2014-11-29 20:12 - 01109504 _____ (Farbar) C:\Users\****\Desktop\FRST.exe
2014-11-29 20:11 - 2014-11-29 20:09 - 02117632 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2014-11-28 22:30 - 2014-11-28 22:31 - 00000472 _____ () C:\Users\****\Desktop\defogger_disable.log
2014-11-28 22:30 - 2014-11-28 22:30 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2014-11-28 22:29 - 2014-11-28 22:23 - 00380416 _____ () C:\Users\****\Desktop\Gmer-19357.exe
2014-11-28 22:29 - 2014-11-28 22:21 - 00050477 _____ () C:\Users\****\Desktop\Defogger.exe
2014-11-28 21:12 - 2014-11-28 21:12 - 186265379 _____ () C:\Windows\MEMORY.DMP
2014-11-28 21:12 - 2014-11-28 21:12 - 00000000 ____D () C:\Windows\Minidump
2014-11-26 14:53 - 2014-11-26 14:53 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-22 19:52 - 2014-11-22 19:52 - 00000000 ____D () C:\Users\****\.dvdcss
2014-11-21 22:35 - 2014-11-22 21:37 - 00000000 ____D () C:\ProgramData\PMS
2014-11-21 22:35 - 2014-11-21 22:35 - 00000964 _____ () C:\Users\Public\Desktop\PS3 Media Server.lnk
2014-11-21 22:35 - 2014-11-21 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2014-11-21 22:35 - 2014-11-21 22:35 - 00000000 ____D () C:\Program Files\PS3 Media Server
2014-11-21 22:33 - 2014-11-21 22:34 - 00000000 ____D () C:\Users\Admin\Downloads\pms-1.90.1-setup-full
2014-11-21 22:31 - 2014-11-21 22:33 - 107506905 _____ () C:\Users\Admin\Downloads\pms-1.90.1-setup-full.zip
2014-11-21 22:29 - 2014-11-21 22:29 - 01125200 _____ () C:\Users\****\Downloads\PS3 Media Server - CHIP-Installer.exe
2014-11-21 21:53 - 2014-11-21 21:58 - 00000000 ____D () C:\Users\****\AppData\Roaming\Home Media Center
2014-11-21 21:53 - 2014-11-21 21:53 - 00003041 _____ () C:\Users\****\Desktop\Home Media Center.lnk
2014-11-21 21:53 - 2014-11-21 21:53 - 00003001 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Media Center.lnk
2014-11-21 21:53 - 2014-11-21 21:53 - 00000100 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-11-21 21:53 - 2014-11-21 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2014-11-21 21:53 - 2014-11-21 21:53 - 00000000 ____D () C:\Program Files\Home Media Center
2014-11-21 21:53 - 2014-11-21 21:53 - 00000000 ____D () C:\Program Files\ffdshow
2014-11-21 21:53 - 2014-02-09 20:36 - 00112640 _____ () C:\Windows\system32\ff_vfw.dll
2014-11-21 21:51 - 2014-11-21 21:52 - 27667063 _____ () C:\Users\****\Downloads\HomeMediaCenterSetupX86.exe
2014-11-21 21:44 - 2014-11-21 21:45 - 19282712 _____ (PacketVideo) C:\Users\****\Downloads\42pfl6007k_12_wtm_.exe
2014-11-21 21:24 - 2014-11-21 21:24 - 00000000 ____D () C:\Users\****\AppData\Roaming\TwonkyMedia
2014-11-21 21:05 - 2014-11-21 21:37 - 00000000 ____D () C:\ProgramData\twonkyclient
2014-11-21 21:03 - 2014-11-21 21:03 - 00000011 _____ () C:\ProgramData\.tv7
2014-11-21 21:01 - 2014-11-21 21:01 - 19282712 _____ (PacketVideo) C:\Users\****\Downloads\32pfl5507k_12_wtm_.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-29 20:14 - 2010-11-20 22:01 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-29 20:03 - 2013-02-18 21:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-29 19:57 - 2009-07-14 05:34 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-29 19:57 - 2009-07-14 05:34 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-29 19:53 - 2013-02-16 18:12 - 01729614 _____ () C:\Windows\WindowsUpdate.log
2014-11-29 19:49 - 2013-06-29 11:27 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-29 19:49 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-29 19:49 - 2009-07-14 05:39 - 00051594 _____ () C:\Windows\setupact.log
2014-11-28 22:30 - 2013-02-17 13:02 - 00000000 ____D () C:\Users\Admin
2014-11-28 22:17 - 2013-06-29 11:27 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-28 21:12 - 2013-02-16 21:18 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-27 19:48 - 2010-11-20 22:48 - 00074072 _____ () C:\Windows\PFRO.log
2014-11-26 19:56 - 2013-02-18 21:43 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-26 19:56 - 2013-02-18 21:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-22 19:52 - 2013-02-16 18:46 - 00000000 ____D () C:\Users\****
2014-11-21 22:23 - 2013-03-12 23:23 - 00000000 ____D () C:\Users\****\AppData\Roaming\vlc
2014-11-21 22:10 - 2010-11-21 01:46 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-11-18 21:03 - 2013-02-18 18:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-16 10:43 - 2014-09-26 20:40 - 00241120 _____ () C:\Users\****\Documents\offcejet
2014-11-07 11:01 - 2014-08-18 08:05 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-07 11:00 - 2014-09-12 20:07 - 00001095 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-07 11:00 - 2013-02-17 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-07 11:00 - 2013-02-17 16:48 - 00000000 ____D () C:\Program Files\Avira
2014-11-03 15:34 - 2009-07-14 05:53 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-30 10:16 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF

Some content of TEMP:
====================
C:\Users\****\AppData\Local\Temp\avgnt.exe
C:\Users\****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpygjeer.dll
C:\Users\****\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\****\AppData\Local\Temp\jna2742885216751578482.dll
C:\Users\****\AppData\Local\Temp\jna7240504456644862758.dll
C:\Users\****\AppData\Local\Temp\jna7372095625293796002.dll
C:\Users\****\AppData\Local\Temp\mpegc.dll
C:\Users\****\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
GMER Log:

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-12-12 21:28:08
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 WDC_WD5000LPVT-22G33T0 rev.01.01A01 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Admin\AppData\Local\Temp\axdiifow.sys


---- System - GMER 2.1 ----

SSDT            8DDAA94E                                  ZwCreateSection
SSDT            8DDAA958                                  ZwRequestWaitReplyPort
SSDT            8DDAA953                                  ZwSetContextThread
SSDT            8DDAA95D                                  ZwSetSecurityObject
SSDT            8DDAA962                                  ZwSystemDebugControl
SSDT            8DDAA8EF                                  ZwTerminateProcess

---- Kernel code sections - GMER 2.1 ----

.text          ntkrnlpa.exe!ZwRollbackEnlistment + 142D  82C4CA15 1 Byte  [06]
.text          ntkrnlpa.exe!KiDispatchInterrupt + 5A2    82C86212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text          ntkrnlpa.exe!KeRemoveQueueEx + 11F7      82C8D58C 4 Bytes  [4E, A9, DA, 8D]
.text          ntkrnlpa.exe!KeRemoveQueueEx + 1553      82C8D8E8 4 Bytes  [58, A9, DA, 8D]
.text          ntkrnlpa.exe!KeRemoveQueueEx + 1597      82C8D92C 4 Bytes  [53, A9, DA, 8D]
.text          ntkrnlpa.exe!KeRemoveQueueEx + 1613      82C8D9A8 4 Bytes  [5D, A9, DA, 8D]
.text          ntkrnlpa.exe!KeRemoveQueueEx + 1667      82C8D9FC 4 Bytes  JMP DAA96282
.text          ...                                     

---- Devices - GMER 2.1 ----

AttachedDevice  \FileSystem\fastfat \Fat                  fltmgr.sys

---- EOF - GMER 2.1 ----

Ich bedanke mich schon jetzt für Eure Hilfe uns warte auf eine Antwort, damit ich weiß wie ich weiter vorgehen soll.

Herzlichen Dank

Viele Grüße
Frank

schrauber 12.12.2014 22:43
hi,

unsere Tools brauchen immer Adminrechte!!

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-1638528110-3385496625-2341026817-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.37268 - Ask.com) <==== ATTENTION


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

mrfraenk 14.12.2014 00:04
Hallo,

vielen Dank für die schnelle Antwort.

Ich habe den Rechner als Admin gestartet und die Punkte unten durchgeführt.

Revo Uninstaller hat kein Avira SearchFree Toolbar angezeigt?!?
Ich bin dann zu TDSS übergegangen.

Log File ist folgendes:

Code:
23:18:05.0373 0x165c  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
23:18:44.0186 0x165c  ============================================================
23:18:44.0186 0x165c  Current date / time: 2014/12/13 23:18:44.0186
23:18:44.0186 0x165c  SystemInfo:
23:18:44.0186 0x165c 
23:18:44.0186 0x165c  OS Version: 6.1.7601 ServicePack: 1.0
23:18:44.0186 0x165c  Product type: Workstation
23:18:44.0186 0x165c  ComputerName: ****-PC
23:18:44.0202 0x165c  UserName: Admin
23:18:44.0202 0x165c  Windows directory: C:\Windows
23:18:44.0202 0x165c  System windows directory: C:\Windows
23:18:44.0202 0x165c  Processor architecture: Intel x86
23:18:44.0202 0x165c  Number of processors: 2
23:18:44.0202 0x165c  Page size: 0x1000
23:18:44.0202 0x165c  Boot type: Normal boot
23:18:44.0202 0x165c  ============================================================
23:18:45.0746 0x165c  KLMD registered as C:\Windows\system32\drivers\81636463.sys
23:18:46.0011 0x165c  System UUID: {4C1BB72A-8816-BBC1-CC71-63C5861EFA37}
23:18:46.0542 0x165c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:18:46.0542 0x165c  Drive \Device\Harddisk3\DR6 - Size: 0x1DEC00000 ( 7.48 Gb ), SectorSize: 0x200, Cylinders: 0x3D0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:18:46.0542 0x165c  ============================================================
23:18:46.0542 0x165c  \Device\Harddisk0\DR0:
23:18:46.0542 0x165c  MBR partitions:
23:18:46.0542 0x165c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:18:46.0542 0x165c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
23:18:46.0542 0x165c  \Device\Harddisk3\DR6:
23:18:46.0542 0x165c  MBR partitions:
23:18:46.0542 0x165c  \Device\Harddisk3\DR6\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xEF4000
23:18:46.0542 0x165c  ============================================================
23:18:46.0573 0x165c  C: <-> \Device\Harddisk0\DR0\Partition2
23:18:46.0573 0x165c  ============================================================
23:18:46.0573 0x165c  Initialize success
23:18:46.0573 0x165c  ============================================================
23:19:39.0004 0x054c  ============================================================
23:19:39.0004 0x054c  Scan started
23:19:39.0004 0x054c  Mode: Manual; SigCheck; TDLFS;
23:19:39.0004 0x054c  ============================================================
23:19:39.0004 0x054c  KSN ping started
23:19:39.0114 0x054c  KSN ping finished: false
23:19:39.0878 0x054c  ================ Scan system memory ========================
23:19:39.0878 0x054c  System memory - ok
23:19:39.0878 0x054c  ================ Scan services =============================
23:19:40.0050 0x054c  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
23:19:40.0159 0x054c  1394ohci - ok
23:19:40.0190 0x054c  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:19:40.0221 0x054c  ACPI - ok
23:19:40.0252 0x054c  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
23:19:40.0284 0x054c  AcpiPmi - ok
23:19:40.0393 0x054c  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:19:40.0424 0x054c  AdobeARMservice - ok
23:19:40.0502 0x054c  [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:19:40.0533 0x054c  AdobeFlashPlayerUpdateSvc - ok
23:19:40.0580 0x054c  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
23:19:40.0627 0x054c  adp94xx - ok
23:19:40.0642 0x054c  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci        C:\Windows\system32\drivers\adpahci.sys
23:19:40.0674 0x054c  adpahci - ok
23:19:40.0689 0x054c  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320        C:\Windows\system32\drivers\adpu320.sys
23:19:40.0720 0x054c  adpu320 - ok
23:19:40.0752 0x054c  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
23:19:40.0845 0x054c  AeLookupSvc - ok
23:19:40.0908 0x054c  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD            C:\Windows\system32\drivers\afd.sys
23:19:40.0954 0x054c  AFD - ok
23:19:40.0986 0x054c  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
23:19:41.0017 0x054c  agp440 - ok
23:19:41.0048 0x054c  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx        C:\Windows\system32\drivers\djsvs.sys
23:19:41.0064 0x054c  aic78xx - ok
23:19:41.0110 0x054c  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG            C:\Windows\System32\alg.exe
23:19:41.0142 0x054c  ALG - ok
23:19:41.0173 0x054c  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:19:41.0188 0x054c  aliide - ok
23:19:41.0220 0x054c  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
23:19:41.0251 0x054c  amdagp - ok
23:19:41.0266 0x054c  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
23:19:41.0282 0x054c  amdide - ok
23:19:41.0298 0x054c  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
23:19:41.0329 0x054c  AmdK8 - ok
23:19:41.0329 0x054c  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
23:19:41.0360 0x054c  AmdPPM - ok
23:19:41.0376 0x054c  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
23:19:41.0391 0x054c  amdsata - ok
23:19:41.0423 0x054c  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:19:41.0438 0x054c  amdsbs - ok
23:19:41.0454 0x054c  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
23:19:41.0469 0x054c  amdxata - ok
23:19:41.0563 0x054c  [ 6F1BBF101B6DC9D34A564C2009D83B63, 1679D48C5A2CE6434E09F1D1330E616F8130C7A0ADF5C14D847CCEABDDA2950E ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:19:41.0594 0x054c  AntiVirSchedulerService - ok
23:19:41.0641 0x054c  [ 6F1BBF101B6DC9D34A564C2009D83B63, 1679D48C5A2CE6434E09F1D1330E616F8130C7A0ADF5C14D847CCEABDDA2950E ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:19:41.0688 0x054c  AntiVirService - ok
23:19:41.0735 0x054c  [ 7C2F57BCE81FA74933F0E1C84A97C9DB, FC84A1B09379B74CEA8AFED4F1AF5F8609DE46AB89B42E4EE70D286FB256F4D7 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
23:19:41.0766 0x054c  ApfiltrService - ok
23:19:41.0813 0x054c  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID          C:\Windows\system32\drivers\appid.sys
23:19:41.0844 0x054c  AppID - ok
23:19:41.0891 0x054c  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:19:41.0937 0x054c  AppIDSvc - ok
23:19:41.0984 0x054c  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo        C:\Windows\System32\appinfo.dll
23:19:42.0031 0x054c  Appinfo - ok
23:19:42.0078 0x054c  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:19:42.0093 0x054c  Apple Mobile Device - ok
23:19:42.0125 0x054c  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc            C:\Windows\system32\drivers\arc.sys
23:19:42.0171 0x054c  arc - ok
23:19:42.0171 0x054c  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:19:42.0203 0x054c  arcsas - ok
23:19:42.0312 0x054c  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:19:42.0327 0x054c  aspnet_state - ok
23:19:42.0359 0x054c  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:19:42.0405 0x054c  AsyncMac - ok
23:19:42.0421 0x054c  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi          C:\Windows\system32\drivers\atapi.sys
23:19:42.0437 0x054c  atapi - ok
23:19:42.0515 0x054c  [ 614A60AEE03A6151FDCBAC295854A9CB, 0453BD59AEF21F2EFD6E1E39F1CF691E694BC778073843111AE5FA2BB1DEF31B ] athr            C:\Windows\system32\DRIVERS\athr.sys
23:19:42.0624 0x054c  athr - ok
23:19:42.0686 0x054c  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:19:42.0749 0x054c  AudioEndpointBuilder - ok
23:19:42.0780 0x054c  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
23:19:42.0842 0x054c  Audiosrv - ok
23:19:42.0889 0x054c  [ F581D2F3E30C1CA7206D660FB7689F98, 53647E017AE58788922F72285DD63E8CD2F9E922B31F7C6711E547BC6B360154 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
23:19:42.0920 0x054c  avgntflt - ok
23:19:42.0951 0x054c  [ A2EE407D6D3757A2FFD5095DD16AE1F2, BBFCC5DC116D6A3AF85591955541528DB0CB1FE81D353F717BE7CAD3F7F446F4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
23:19:42.0967 0x054c  avipbb - ok
23:19:43.0061 0x054c  [ F21955927D1C99206A8B91DE2CCE85E1, 26A6155CF46123C489CBE19B5B3E3B0D9ED02C9388E57058724B0FFB7D7C08B5 ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
23:19:43.0092 0x054c  Avira.OE.ServiceHost - ok
23:19:43.0107 0x054c  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
23:19:43.0123 0x054c  avkmgr - ok
23:19:43.0170 0x054c  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:19:43.0232 0x054c  AxInstSV - ok
23:19:43.0279 0x054c  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv        C:\Windows\system32\drivers\bxvbdx.sys
23:19:43.0341 0x054c  b06bdrv - ok
23:19:43.0373 0x054c  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
23:19:43.0404 0x054c  b57nd60x - ok
23:19:43.0435 0x054c  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
23:19:43.0466 0x054c  BDESVC - ok
23:19:43.0482 0x054c  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:19:43.0529 0x054c  Beep - ok
23:19:43.0575 0x054c  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE            C:\Windows\System32\bfe.dll
23:19:43.0638 0x054c  BFE - ok
23:19:43.0685 0x054c  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
23:19:43.0778 0x054c  BITS - ok
23:19:43.0794 0x054c  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:19:43.0825 0x054c  blbdrive - ok
23:19:43.0919 0x054c  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:19:43.0965 0x054c  Bonjour Service - ok
23:19:43.0997 0x054c  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:19:44.0043 0x054c  bowser - ok
23:19:44.0059 0x054c  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
23:19:44.0090 0x054c  BrFiltLo - ok
23:19:44.0106 0x054c  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
23:19:44.0137 0x054c  BrFiltUp - ok
23:19:44.0168 0x054c  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser        C:\Windows\System32\browser.dll
23:19:44.0199 0x054c  Browser - ok
23:19:44.0231 0x054c  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
23:19:44.0293 0x054c  Brserid - ok
23:19:44.0309 0x054c  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:19:44.0340 0x054c  BrSerWdm - ok
23:19:44.0355 0x054c  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:19:44.0371 0x054c  BrUsbMdm - ok
23:19:44.0387 0x054c  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:19:44.0402 0x054c  BrUsbSer - ok
23:19:44.0418 0x054c  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:19:44.0465 0x054c  BTHMODEM - ok
23:19:44.0496 0x054c  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv        C:\Windows\system32\bthserv.dll
23:19:44.0543 0x054c  bthserv - ok
23:19:44.0558 0x054c  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:19:44.0605 0x054c  cdfs - ok
23:19:44.0652 0x054c  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
23:19:44.0683 0x054c  cdrom - ok
23:19:44.0714 0x054c  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc    C:\Windows\System32\certprop.dll
23:19:44.0761 0x054c  CertPropSvc - ok
23:19:44.0792 0x054c  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
23:19:44.0808 0x054c  circlass - ok
23:19:44.0839 0x054c  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
23:19:44.0870 0x054c  CLFS - ok
23:19:44.0933 0x054c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:19:44.0964 0x054c  clr_optimization_v2.0.50727_32 - ok
23:19:45.0026 0x054c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:19:45.0057 0x054c  clr_optimization_v4.0.30319_32 - ok
23:19:45.0073 0x054c  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:19:45.0089 0x054c  CmBatt - ok
23:19:45.0120 0x054c  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:19:45.0135 0x054c  cmdide - ok
23:19:45.0182 0x054c  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG            C:\Windows\system32\Drivers\cng.sys
23:19:45.0245 0x054c  CNG - ok
23:19:45.0291 0x054c  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:19:45.0307 0x054c  Compbatt - ok
23:19:45.0323 0x054c  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
23:19:45.0354 0x054c  CompositeBus - ok
23:19:45.0369 0x054c  COMSysApp - ok
23:19:45.0385 0x054c  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
23:19:45.0401 0x054c  crcdisk - ok
23:19:45.0447 0x054c  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:19:46.0134 0x054c  CryptSvc - ok
23:19:46.0181 0x054c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:19:46.0243 0x054c  DcomLaunch - ok
23:19:46.0290 0x054c  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc      C:\Windows\System32\defragsvc.dll
23:19:46.0368 0x054c  defragsvc - ok
23:19:46.0399 0x054c  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:19:46.0430 0x054c  DfsC - ok
23:19:46.0477 0x054c  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:19:46.0524 0x054c  Dhcp - ok
23:19:46.0539 0x054c  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
23:19:46.0586 0x054c  discache - ok
23:19:46.0633 0x054c  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
23:19:46.0649 0x054c  Disk - ok
23:19:46.0680 0x054c  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:19:47.0538 0x054c  Dnscache - ok
23:19:47.0569 0x054c  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc        C:\Windows\System32\dot3svc.dll
23:19:47.0616 0x054c  dot3svc - ok
23:19:47.0647 0x054c  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS            C:\Windows\system32\dps.dll
23:19:47.0694 0x054c  DPS - ok
23:19:47.0725 0x054c  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
23:19:47.0756 0x054c  drmkaud - ok
23:19:47.0834 0x054c  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
23:19:47.0897 0x054c  DXGKrnl - ok
23:19:47.0928 0x054c  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost        C:\Windows\System32\eapsvc.dll
23:19:47.0975 0x054c  EapHost - ok
23:19:48.0162 0x054c  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv          C:\Windows\system32\drivers\evbdx.sys
23:19:48.0380 0x054c  ebdrv - ok
23:19:48.0443 0x054c  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS            C:\Windows\System32\lsass.exe
23:19:48.0505 0x054c  EFS - ok
23:19:48.0583 0x054c  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
23:19:48.0692 0x054c  ehRecvr - ok
23:19:48.0723 0x054c  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched        C:\Windows\ehome\ehsched.exe
23:19:48.0739 0x054c  ehSched - ok
23:19:48.0801 0x054c  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
23:19:48.0848 0x054c  elxstor - ok
23:19:48.0864 0x054c  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:19:48.0895 0x054c  ErrDev - ok
23:19:48.0942 0x054c  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem    C:\Windows\system32\es.dll
23:19:48.0989 0x054c  EventSystem - ok
23:19:49.0004 0x054c  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat          C:\Windows\system32\drivers\exfat.sys
23:19:49.0067 0x054c  exfat - ok
23:19:49.0098 0x054c  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
23:19:49.0145 0x054c  fastfat - ok
23:19:49.0207 0x054c  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax            C:\Windows\system32\fxssvc.exe
23:19:49.0285 0x054c  Fax - ok
23:19:49.0301 0x054c  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc            C:\Windows\system32\drivers\fdc.sys
23:19:49.0316 0x054c  fdc - ok
23:19:49.0332 0x054c  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost        C:\Windows\system32\fdPHost.dll
23:19:49.0363 0x054c  fdPHost - ok
23:19:49.0379 0x054c  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:19:49.0425 0x054c  FDResPub - ok
23:19:49.0457 0x054c  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:19:49.0488 0x054c  FileInfo - ok
23:19:49.0503 0x054c  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
23:19:49.0535 0x054c  Filetrace - ok
23:19:49.0566 0x054c  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
23:19:49.0581 0x054c  flpydisk - ok
23:19:49.0613 0x054c  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:19:49.0644 0x054c  FltMgr - ok
23:19:49.0722 0x054c  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache      C:\Windows\system32\FntCache.dll
23:19:49.0831 0x054c  FontCache - ok
23:19:49.0893 0x054c  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:19:49.0940 0x054c  FontCache3.0.0.0 - ok
23:19:49.0956 0x054c  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
23:19:49.0971 0x054c  FsDepends - ok
23:19:49.0987 0x054c  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:19:50.0018 0x054c  Fs_Rec - ok
23:19:50.0065 0x054c  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:19:50.0096 0x054c  fvevol - ok
23:19:50.0127 0x054c  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:19:50.0159 0x054c  gagp30kx - ok
23:19:50.0190 0x054c  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:19:50.0205 0x054c  GEARAspiWDM - ok
23:19:50.0252 0x054c  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc          C:\Windows\System32\gpsvc.dll
23:19:50.0330 0x054c  gpsvc - ok
23:19:50.0408 0x054c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate        C:\Program Files\Google\Update\GoogleUpdate.exe
23:19:50.0424 0x054c  gupdate - ok
23:19:50.0439 0x054c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
23:19:50.0471 0x054c  gupdatem - ok
23:19:50.0486 0x054c  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:19:50.0517 0x054c  hcw85cir - ok
23:19:50.0595 0x054c  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:19:50.0642 0x054c  HdAudAddService - ok
23:19:50.0673 0x054c  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:19:50.0705 0x054c  HDAudBus - ok
23:19:50.0720 0x054c  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
23:19:50.0751 0x054c  HidBatt - ok
23:19:50.0767 0x054c  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:19:50.0798 0x054c  HidBth - ok
23:19:50.0814 0x054c  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr          C:\Windows\system32\drivers\hidir.sys
23:19:50.0829 0x054c  HidIr - ok
23:19:50.0861 0x054c  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv        C:\Windows\system32\hidserv.dll
23:19:50.0907 0x054c  hidserv - ok
23:19:50.0939 0x054c  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
23:19:50.0970 0x054c  HidUsb - ok
23:19:51.0001 0x054c  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:19:51.0032 0x054c  hkmsvc - ok
23:19:51.0063 0x054c  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:19:51.0110 0x054c  HomeGroupListener - ok
23:19:51.0141 0x054c  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:19:51.0157 0x054c  HomeGroupProvider - ok
23:19:51.0282 0x054c  [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
23:19:51.0313 0x054c  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
23:19:51.0422 0x054c  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
23:19:51.0438 0x054c  [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
23:19:51.0453 0x054c  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:19:51.0453 0x054c  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
23:19:51.0500 0x054c  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:19:51.0516 0x054c  HpSAMD - ok
23:19:51.0594 0x054c  [ 79737E0F7D25DE8405CB34D4C9882253, 798E44BAE6CD4ECBC801ACE4089E18388ABD18744B901F53452D8103081DE967 ] HPSLPSVC        C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
23:19:51.0656 0x054c  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
23:19:51.0656 0x054c  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
23:19:51.0703 0x054c  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:19:51.0797 0x054c  HTTP - ok
23:19:51.0828 0x054c  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:19:51.0843 0x054c  hwpolicy - ok
23:19:51.0859 0x054c  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:19:51.0890 0x054c  i8042prt - ok
23:19:51.0953 0x054c  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
23:19:51.0984 0x054c  iaStorV - ok
23:19:52.0077 0x054c  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc          C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:19:52.0155 0x054c  idsvc - ok
23:19:52.0187 0x054c  IEEtwCollectorService - ok
23:19:52.0436 0x054c  [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
23:19:52.0748 0x054c  igfx - ok
23:19:52.0811 0x054c  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp          C:\Windows\system32\drivers\iirsp.sys
23:19:52.0826 0x054c  iirsp - ok
23:19:52.0889 0x054c  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
23:19:52.0951 0x054c  IKEEXT - ok
23:19:53.0076 0x054c  [ A47B2875680AD67B35C6150BD0203056, 2087CF6D1EEA7C0DB09EB3211713B2D0F36877960878A08CF6CEC99252316417 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:19:53.0185 0x054c  IntcAzAudAddService - ok
23:19:53.0232 0x054c  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:19:53.0247 0x054c  intelide - ok
23:19:53.0263 0x054c  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:19:53.0279 0x054c  intelppm - ok
23:19:53.0310 0x054c  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
23:19:53.0372 0x054c  IPBusEnum - ok
23:19:53.0388 0x054c  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:19:53.0435 0x054c  IpFilterDriver - ok
23:19:53.0513 0x054c  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:19:53.0575 0x054c  iphlpsvc - ok
23:19:53.0606 0x054c  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
23:19:53.0622 0x054c  IPMIDRV - ok
23:19:53.0653 0x054c  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
23:19:53.0700 0x054c  IPNAT - ok
23:19:53.0825 0x054c  [ 463790AEF94D8EAB674631257F53252E, A02972457F45AD6816CB5F60DE4CD15D68256695FA0F3E4EAD6F9E36CBE54576 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:19:53.0871 0x054c  iPod Service - ok
23:19:53.0903 0x054c  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:19:53.0918 0x054c  IRENUM - ok
23:19:53.0949 0x054c  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:19:53.0965 0x054c  isapnp - ok
23:19:54.0012 0x054c  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:19:54.0043 0x054c  iScsiPrt - ok
23:19:54.0059 0x054c  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:19:54.0090 0x054c  kbdclass - ok
23:19:54.0090 0x054c  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
23:19:54.0121 0x054c  kbdhid - ok
23:19:54.0137 0x054c  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso          C:\Windows\system32\lsass.exe
23:19:54.0152 0x054c  KeyIso - ok
23:19:54.0183 0x054c  [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:19:54.0199 0x054c  KSecDD - ok
23:19:54.0230 0x054c  [ D3964885F0A11ACF51DA3AAA776973B2, 417ED5A3201FC50FBC0D646F8F2114A1E8A91E7919A62508DCBC156C0BFB2FBA ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
23:19:54.0246 0x054c  KSecPkg - ok
23:19:54.0293 0x054c  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm          C:\Windows\system32\msdtckrm.dll
23:19:54.0371 0x054c  KtmRm - ok
23:19:54.0417 0x054c  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:19:54.0464 0x054c  LanmanServer - ok
23:19:54.0495 0x054c  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:19:54.0542 0x054c  LanmanWorkstation - ok
23:19:54.0589 0x054c  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:19:54.0620 0x054c  lltdio - ok
23:19:54.0651 0x054c  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
23:19:54.0714 0x054c  lltdsvc - ok
23:19:54.0729 0x054c  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts        C:\Windows\System32\lmhsvc.dll
23:19:54.0776 0x054c  lmhosts - ok
23:19:54.0807 0x054c  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:19:54.0823 0x054c  LSI_FC - ok
23:19:54.0839 0x054c  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
23:19:54.0870 0x054c  LSI_SAS - ok
23:19:54.0870 0x054c  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
23:19:54.0885 0x054c  LSI_SAS2 - ok
23:19:54.0901 0x054c  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:19:54.0932 0x054c  LSI_SCSI - ok
23:19:54.0963 0x054c  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv          C:\Windows\system32\drivers\luafv.sys
23:19:55.0010 0x054c  luafv - ok
23:19:55.0026 0x054c  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
23:19:55.0057 0x054c  Mcx2Svc - ok
23:19:55.0073 0x054c  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas        C:\Windows\system32\drivers\megasas.sys
23:19:55.0088 0x054c  megasas - ok
23:19:55.0104 0x054c  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
23:19:55.0135 0x054c  MegaSR - ok
23:19:55.0166 0x054c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS          C:\Windows\system32\mmcss.dll
23:19:55.0213 0x054c  MMCSS - ok
23:19:55.0229 0x054c  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem          C:\Windows\system32\drivers\modem.sys
23:19:55.0275 0x054c  Modem - ok
23:19:55.0291 0x054c  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
23:19:55.0307 0x054c  monitor - ok
23:19:55.0322 0x054c  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:19:55.0353 0x054c  mouclass - ok
23:19:55.0369 0x054c  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:19:55.0385 0x054c  mouhid - ok
23:19:55.0416 0x054c  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:19:55.0431 0x054c  mountmgr - ok
23:19:55.0494 0x054c  [ DFCD29AB147716CA72416FA7D2196D46, ED60BF354347697F69A78C9FBE1ADCBE0C3EB4C2CC8DB97A7FA03A68BD796066 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:19:55.0509 0x054c  MozillaMaintenance - ok
23:19:55.0525 0x054c  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:19:55.0556 0x054c  mpio - ok
23:19:55.0572 0x054c  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:19:55.0619 0x054c  mpsdrv - ok
23:19:55.0650 0x054c  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:19:55.0743 0x054c  MpsSvc - ok
23:19:55.0790 0x054c  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:19:55.0853 0x054c  MRxDAV - ok
23:19:55.0884 0x054c  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:19:55.0931 0x054c  mrxsmb - ok
23:19:55.0962 0x054c  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:19:55.0993 0x054c  mrxsmb10 - ok
23:19:56.0040 0x054c  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:19:56.0071 0x054c  mrxsmb20 - ok
23:19:56.0102 0x054c  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:19:56.0118 0x054c  msahci - ok
23:19:56.0149 0x054c  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
23:19:56.0180 0x054c  msdsm - ok
23:19:56.0211 0x054c  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC          C:\Windows\System32\msdtc.exe
23:19:56.0243 0x054c  MSDTC - ok
23:19:56.0274 0x054c  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:19:56.0321 0x054c  Msfs - ok
23:19:56.0321 0x054c  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
23:19:56.0367 0x054c  mshidkmdf - ok
23:19:56.0383 0x054c  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:19:56.0399 0x054c  msisadrv - ok
23:19:56.0430 0x054c  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
23:19:56.0477 0x054c  MSiSCSI - ok
23:19:56.0492 0x054c  msiserver - ok
23:19:56.0523 0x054c  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
23:19:56.0555 0x054c  MSKSSRV - ok
23:19:56.0586 0x054c  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:19:56.0633 0x054c  MSPCLOCK - ok
23:19:56.0648 0x054c  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
23:19:56.0695 0x054c  MSPQM - ok
23:19:56.0711 0x054c  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
23:19:56.0742 0x054c  MsRPC - ok
23:19:56.0757 0x054c  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:19:56.0789 0x054c  mssmbios - ok
23:19:56.0789 0x054c  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
23:19:56.0835 0x054c  MSTEE - ok
23:19:56.0851 0x054c  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
23:19:56.0882 0x054c  MTConfig - ok
23:19:56.0898 0x054c  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup            C:\Windows\system32\Drivers\mup.sys
23:19:56.0913 0x054c  Mup - ok
23:19:56.0976 0x054c  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
23:19:57.0038 0x054c  napagent - ok
23:19:57.0101 0x054c  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
23:19:57.0132 0x054c  NativeWifiP - ok
23:19:57.0194 0x054c  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:19:57.0257 0x054c  NDIS - ok
23:19:57.0288 0x054c  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
23:19:57.0350 0x054c  NdisCap - ok
23:19:57.0366 0x054c  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:19:57.0397 0x054c  NdisTapi - ok
23:19:57.0428 0x054c  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
23:19:57.0459 0x054c  Ndisuio - ok
23:19:57.0491 0x054c  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
23:19:57.0537 0x054c  NdisWan - ok
23:19:57.0553 0x054c  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
23:19:57.0584 0x054c  NDProxy - ok
23:19:57.0647 0x054c  [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:19:57.0678 0x054c  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
23:19:57.0678 0x054c  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:19:57.0725 0x054c  [ 9213AA35BCA94EB79D366DA254E4BDF5, 5E1C71BEB6CFFF5A6F149E9FE6E169D087A6CBE63A504FEE8D42170284952F85 ] Netaapl        C:\Windows\system32\DRIVERS\netaapl.sys
23:19:57.0771 0x054c  Netaapl - ok
23:19:57.0818 0x054c  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
23:19:57.0865 0x054c  NetBIOS - ok
23:19:57.0881 0x054c  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
23:19:57.0927 0x054c  NetBT - ok
23:19:57.0959 0x054c  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon        C:\Windows\system32\lsass.exe
23:19:57.0974 0x054c  Netlogon - ok
23:19:58.0005 0x054c  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
23:19:58.0068 0x054c  Netman - ok
23:19:58.0115 0x054c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:19:58.0146 0x054c  NetMsmqActivator - ok
23:19:58.0161 0x054c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:19:58.0177 0x054c  NetPipeActivator - ok
23:19:58.0224 0x054c  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
23:19:58.0286 0x054c  netprofm - ok
23:19:58.0302 0x054c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:19:58.0317 0x054c  NetTcpActivator - ok
23:19:58.0333 0x054c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:19:58.0364 0x054c  NetTcpPortSharing - ok
23:19:58.0411 0x054c  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
23:19:58.0427 0x054c  nfrd960 - ok
23:19:58.0473 0x054c  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:19:58.0505 0x054c  NlaSvc - ok
23:19:58.0520 0x054c  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:19:58.0567 0x054c  Npfs - ok
23:19:58.0583 0x054c  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi            C:\Windows\system32\nsisvc.dll
23:19:58.0629 0x054c  nsi - ok
23:19:58.0645 0x054c  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:19:58.0676 0x054c  nsiproxy - ok
23:19:58.0785 0x054c  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:19:58.0863 0x054c  Ntfs - ok
23:19:58.0895 0x054c  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
23:19:58.0941 0x054c  Null - ok
23:19:58.0988 0x054c  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:19:59.0004 0x054c  nvraid - ok
23:19:59.0035 0x054c  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:19:59.0066 0x054c  nvstor - ok
23:19:59.0082 0x054c  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:19:59.0097 0x054c  nv_agp - ok
23:19:59.0191 0x054c  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:19:59.0238 0x054c  odserv - ok
23:19:59.0253 0x054c  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:19:59.0300 0x054c  ohci1394 - ok
23:19:59.0331 0x054c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose            C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:19:59.0347 0x054c  ose - ok
23:19:59.0394 0x054c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:19:59.0441 0x054c  p2pimsvc - ok
23:19:59.0487 0x054c  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:19:59.0534 0x054c  p2psvc - ok
23:19:59.0597 0x054c  [ DCA942C0A19A0AD2ABCD9ACF94EB4B10, AB0C6D4DC5B1F393291C8739A1DE799A288E94F01C00E4B7C70D129CADA63E3F ] PAC207          C:\Windows\system32\DRIVERS\PFC027.SYS
23:19:59.0675 0x054c  PAC207 - ok
23:19:59.0721 0x054c  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport        C:\Windows\system32\drivers\parport.sys
23:19:59.0753 0x054c  Parport - ok
23:19:59.0784 0x054c  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr        C:\Windows\system32\drivers\partmgr.sys
23:19:59.0799 0x054c  partmgr - ok
23:19:59.0815 0x054c  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
23:19:59.0831 0x054c  Parvdm - ok
23:19:59.0877 0x054c  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:19:59.0909 0x054c  PcaSvc - ok
23:19:59.0924 0x054c  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci            C:\Windows\system32\drivers\pci.sys
23:19:59.0955 0x054c  pci - ok
23:19:59.0971 0x054c  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:19:59.0987 0x054c  pciide - ok
23:20:00.0018 0x054c  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:20:00.0049 0x054c  pcmcia - ok
23:20:00.0065 0x054c  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw            C:\Windows\system32\drivers\pcw.sys
23:20:00.0096 0x054c  pcw - ok
23:20:00.0143 0x054c  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:20:00.0252 0x054c  PEAUTH - ok
23:20:00.0345 0x054c  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla            C:\Windows\system32\pla.dll
23:20:00.0486 0x054c  pla - ok
23:20:00.0548 0x054c  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:20:00.0611 0x054c  PlugPlay - ok
23:20:00.0689 0x054c  [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:20:00.0720 0x054c  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
23:20:00.0720 0x054c  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:20:00.0767 0x054c  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
23:20:00.0798 0x054c  PNRPAutoReg - ok
23:20:00.0829 0x054c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
23:20:00.0860 0x054c  PNRPsvc - ok
23:20:00.0923 0x054c  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
23:20:00.0985 0x054c  PolicyAgent - ok
23:20:01.0016 0x054c  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power          C:\Windows\system32\umpo.dll
23:20:01.0063 0x054c  Power - ok
23:20:01.0094 0x054c  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:20:01.0141 0x054c  PptpMiniport - ok
23:20:01.0157 0x054c  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor      C:\Windows\system32\drivers\processr.sys
23:20:01.0188 0x054c  Processor - ok
23:20:01.0235 0x054c  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc        C:\Windows\system32\profsvc.dll
23:20:01.0266 0x054c  ProfSvc - ok
23:20:01.0281 0x054c  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:20:01.0313 0x054c  ProtectedStorage - ok
23:20:01.0344 0x054c  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:20:01.0391 0x054c  Psched - ok
23:20:01.0469 0x054c  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:20:01.0562 0x054c  ql2300 - ok
23:20:01.0593 0x054c  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:20:01.0625 0x054c  ql40xx - ok
23:20:01.0671 0x054c  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE          C:\Windows\system32\qwave.dll
23:20:01.0703 0x054c  QWAVE - ok
23:20:01.0718 0x054c  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:20:01.0749 0x054c  QWAVEdrv - ok
23:20:01.0765 0x054c  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:20:01.0827 0x054c  RasAcd - ok
23:20:01.0859 0x054c  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
23:20:01.0905 0x054c  RasAgileVpn - ok
23:20:01.0937 0x054c  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto        C:\Windows\System32\rasauto.dll
23:20:01.0983 0x054c  RasAuto - ok
23:20:01.0999 0x054c  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
23:20:02.0046 0x054c  Rasl2tp - ok
23:20:02.0077 0x054c  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
23:20:02.0139 0x054c  RasMan - ok
23:20:02.0171 0x054c  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:20:02.0202 0x054c  RasPppoe - ok
23:20:02.0233 0x054c  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
23:20:02.0280 0x054c  RasSstp - ok
23:20:02.0295 0x054c  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
23:20:02.0342 0x054c  rdbss - ok
23:20:02.0358 0x054c  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
23:20:02.0389 0x054c  rdpbus - ok
23:20:02.0405 0x054c  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:20:02.0451 0x054c  RDPCDD - ok
23:20:02.0467 0x054c  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:20:02.0514 0x054c  RDPENCDD - ok
23:20:02.0529 0x054c  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:20:02.0561 0x054c  RDPREFMP - ok
23:20:02.0607 0x054c  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:20:02.0639 0x054c  RdpVideoMiniport - ok
23:20:02.0670 0x054c  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
23:20:02.0732 0x054c  RDPWD - ok
23:20:02.0779 0x054c  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:20:02.0810 0x054c  rdyboost - ok
23:20:02.0841 0x054c  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:20:02.0873 0x054c  RemoteAccess - ok
23:20:02.0904 0x054c  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:20:02.0951 0x054c  RemoteRegistry - ok
23:20:03.0013 0x054c  [ 0F6756EF8BDA6DFA7BE50465C83132BB, 1AE76B66F04A2AE99CD1A1368D4998C8081E89578A37D7D535D8CBCAA6136AE0 ] RimUsb          C:\Windows\system32\Drivers\RimUsb.sys
23:20:03.0060 0x054c  RimUsb - ok
23:20:03.0091 0x054c  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:20:03.0138 0x054c  RpcEptMapper - ok
23:20:03.0169 0x054c  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
23:20:03.0185 0x054c  RpcLocator - ok
23:20:03.0216 0x054c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs          C:\Windows\system32\rpcss.dll
23:20:03.0263 0x054c  RpcSs - ok
23:20:03.0294 0x054c  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:20:03.0341 0x054c  rspndr - ok
23:20:03.0341 0x054c  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs          C:\Windows\system32\lsass.exe
23:20:03.0372 0x054c  SamSs - ok
23:20:03.0403 0x054c  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:20:03.0419 0x054c  sbp2port - ok
23:20:03.0450 0x054c  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:20:03.0497 0x054c  SCardSvr - ok
23:20:03.0512 0x054c  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:20:03.0559 0x054c  scfilter - ok
23:20:03.0621 0x054c  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
23:20:03.0715 0x054c  Schedule - ok
23:20:03.0731 0x054c  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc    C:\Windows\System32\certprop.dll
23:20:03.0777 0x054c  SCPolicySvc - ok
23:20:03.0793 0x054c  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:20:03.0855 0x054c  SDRSVC - ok
23:20:03.0902 0x054c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:20:03.0949 0x054c  secdrv - ok
23:20:03.0980 0x054c  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
23:20:04.0043 0x054c  seclogon - ok
23:20:04.0058 0x054c  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
23:20:04.0089 0x054c  SENS - ok
23:20:04.0105 0x054c  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:20:04.0136 0x054c  SensrSvc - ok
23:20:04.0167 0x054c  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum        C:\Windows\system32\drivers\serenum.sys
23:20:04.0199 0x054c  Serenum - ok
23:20:04.0230 0x054c  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys
23:20:04.0277 0x054c  Serial - ok
23:20:04.0292 0x054c  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:20:04.0308 0x054c  sermouse - ok
23:20:04.0339 0x054c  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:20:04.0386 0x054c  SessionEnv - ok
23:20:04.0417 0x054c  [ 8B7C1768D2CDE2E02E09A66563DDFD16, F46278B914A2FD32575CC7F083BEEA039E15D30061D6B39F22E39DAEEA80DB93 ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
23:20:04.0448 0x054c  SFEP - ok
23:20:04.0464 0x054c  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
23:20:04.0479 0x054c  sffdisk - ok
23:20:04.0526 0x054c  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:20:04.0542 0x054c  sffp_mmc - ok
23:20:04.0557 0x054c  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
23:20:04.0573 0x054c  sffp_sd - ok
23:20:04.0604 0x054c  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
23:20:04.0620 0x054c  sfloppy - ok
23:20:04.0651 0x054c  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:20:04.0729 0x054c  SharedAccess - ok
23:20:04.0760 0x054c  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:20:04.0838 0x054c  ShellHWDetection - ok
23:20:04.0854 0x054c  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
23:20:04.0885 0x054c  sisagp - ok
23:20:04.0932 0x054c  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:20:04.0963 0x054c  SiSRaid2 - ok
23:20:04.0963 0x054c  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:20:04.0994 0x054c  SiSRaid4 - ok
23:20:05.0041 0x054c  [ 3E587DBBDFF938DDE5D4CE4047BE9041, CA13B2C50FB09365362077AEC4B25120CF09F8C35702F645922D618FE57B5E05 ] SkypeUpdate    C:\Program Files\Skype\Updater\Updater.exe
23:20:05.0057 0x054c  SkypeUpdate - ok
23:20:05.0088 0x054c  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
23:20:05.0119 0x054c  Smb - ok
23:20:05.0166 0x054c  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:20:05.0181 0x054c  SNMPTRAP - ok
23:20:05.0197 0x054c  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr          C:\Windows\system32\drivers\spldr.sys
23:20:05.0213 0x054c  spldr - ok
23:20:05.0259 0x054c  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler        C:\Windows\System32\spoolsv.exe
23:20:05.0322 0x054c  Spooler - ok
23:20:05.0493 0x054c  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
23:20:05.0727 0x054c  sppsvc - ok
23:20:05.0759 0x054c  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify    C:\Windows\system32\sppuinotify.dll
23:20:05.0805 0x054c  sppuinotify - ok
23:20:05.0852 0x054c  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv            C:\Windows\system32\DRIVERS\srv.sys
23:20:05.0899 0x054c  srv - ok
23:20:05.0946 0x054c  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:20:05.0977 0x054c  srv2 - ok
23:20:06.0008 0x054c  [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA      C:\Windows\system32\DRIVERS\VSTAZL3.SYS
23:20:06.0071 0x054c  SrvHsfHDA - ok
23:20:06.0149 0x054c  [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92      C:\Windows\system32\DRIVERS\VSTDPV3.SYS
23:20:06.0227 0x054c  SrvHsfV92 - ok
23:20:06.0273 0x054c  [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac    C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
23:20:06.0351 0x054c  SrvHsfWinac - ok
23:20:06.0383 0x054c  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:20:06.0414 0x054c  srvnet - ok
23:20:06.0445 0x054c  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
23:20:06.0507 0x054c  SSDPSRV - ok
23:20:06.0523 0x054c  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
23:20:06.0539 0x054c  ssmdrv - ok
23:20:06.0570 0x054c  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc        C:\Windows\system32\sstpsvc.dll
23:20:06.0617 0x054c  SstpSvc - ok
23:20:06.0632 0x054c  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:20:06.0648 0x054c  stexstor - ok
23:20:06.0695 0x054c  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
23:20:06.0773 0x054c  StiSvc - ok
23:20:06.0788 0x054c  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:20:06.0804 0x054c  swenum - ok
23:20:06.0851 0x054c  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv          C:\Windows\System32\swprv.dll
23:20:06.0913 0x054c  swprv - ok
23:20:06.0991 0x054c  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain        C:\Windows\system32\sysmain.dll
23:20:07.0085 0x054c  SysMain - ok
23:20:07.0100 0x054c  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
23:20:07.0131 0x054c  TabletInputService - ok
23:20:07.0163 0x054c  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv        C:\Windows\System32\tapisrv.dll
23:20:07.0225 0x054c  TapiSrv - ok
23:20:07.0225 0x054c  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS            C:\Windows\System32\tbssvc.dll
23:20:07.0287 0x054c  TBS - ok
23:20:07.0412 0x054c  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
23:20:07.0506 0x054c  Tcpip - ok
23:20:07.0584 0x054c  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:20:07.0646 0x054c  TCPIP6 - ok
23:20:07.0677 0x054c  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:20:07.0709 0x054c  tcpipreg - ok
23:20:07.0740 0x054c  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:20:07.0771 0x054c  TDPIPE - ok
23:20:07.0787 0x054c  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
23:20:07.0833 0x054c  TDTCP - ok
23:20:07.0880 0x054c  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
23:20:07.0911 0x054c  tdx - ok
23:20:07.0943 0x054c  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:20:07.0958 0x054c  TermDD - ok
23:20:08.0021 0x054c  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService    C:\Windows\System32\termsrv.dll
23:20:08.0099 0x054c  TermService - ok
23:20:08.0114 0x054c  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
23:20:08.0145 0x054c  Themes - ok
23:20:08.0161 0x054c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER    C:\Windows\system32\mmcss.dll
23:20:08.0208 0x054c  THREADORDER - ok
23:20:08.0270 0x054c  [ 7C7445B4C2BD46C56ABB3499DA52B75C, E095B4BC1F9AA4544C28962D521361DB1AD15F45CEAEFC8B764FF3A65DD2C5AC ] ti21sony        C:\Windows\system32\drivers\ti21sony.sys
23:20:08.0317 0x054c  ti21sony - ok
23:20:08.0348 0x054c  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
23:20:08.0395 0x054c  TrkWks - ok
23:20:08.0442 0x054c  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:20:08.0489 0x054c  TrustedInstaller - ok
23:20:08.0520 0x054c  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:20:08.0567 0x054c  tssecsrv - ok
23:20:08.0598 0x054c  [ 9CE253214ACAA5A7D323327D2055EFAA, 15E7DB578EDF36DD2FD5BA960C3941B2353037323B6B96702CDCDC07588EA724 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:20:08.0613 0x054c  TsUsbFlt - ok
23:20:08.0645 0x054c  [ 57C527AF84748B5C2F5178C499C0B81F, 2FF1F25BA16F8984E9F2CE4DE663F261BAF267EDF10D466A52BB211C567F763C ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
23:20:08.0660 0x054c  TsUsbGD - ok
23:20:08.0707 0x054c  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:20:08.0738 0x054c  tunnel - ok
23:20:08.0754 0x054c  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:20:08.0785 0x054c  uagp35 - ok
23:20:08.0801 0x054c  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:20:08.0863 0x054c  udfs - ok
23:20:08.0894 0x054c  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect      C:\Windows\system32\UI0Detect.exe
23:20:08.0925 0x054c  UI0Detect - ok
23:20:08.0941 0x054c  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:20:08.0957 0x054c  uliagpkx - ok
23:20:08.0972 0x054c  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
23:20:09.0003 0x054c  umbus - ok
23:20:09.0019 0x054c  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:20:09.0035 0x054c  UmPass - ok
23:20:09.0066 0x054c  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
23:20:09.0128 0x054c  upnphost - ok
23:20:09.0175 0x054c  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL        C:\Windows\system32\Drivers\usbaapl.sys
23:20:09.0206 0x054c  USBAAPL - ok
23:20:09.0237 0x054c  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
23:20:09.0269 0x054c  usbccgp - ok
23:20:09.0300 0x054c  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:20:09.0331 0x054c  usbcir - ok
23:20:09.0378 0x054c  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
23:20:09.0409 0x054c  usbehci - ok
23:20:09.0471 0x054c  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:20:09.0534 0x054c  usbhub - ok
23:20:09.0565 0x054c  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci        C:\Windows\system32\drivers\usbohci.sys
23:20:09.0581 0x054c  usbohci - ok
23:20:09.0627 0x054c  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
23:20:09.0643 0x054c  usbprint - ok
23:20:09.0674 0x054c  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
23:20:09.0705 0x054c  usbscan - ok
23:20:09.0737 0x054c  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:20:09.0768 0x054c  USBSTOR - ok
23:20:09.0815 0x054c  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
23:20:09.0830 0x054c  usbuhci - ok
23:20:09.0861 0x054c  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms          C:\Windows\System32\uxsms.dll
23:20:09.0908 0x054c  UxSms - ok
23:20:09.0924 0x054c  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc        C:\Windows\system32\lsass.exe
23:20:09.0939 0x054c  VaultSvc - ok
23:20:09.0971 0x054c  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:20:10.0002 0x054c  vdrvroot - ok
23:20:10.0033 0x054c  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds            C:\Windows\System32\vds.exe
23:20:10.0127 0x054c  vds - ok
23:20:10.0142 0x054c  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
23:20:10.0173 0x054c  vga - ok
23:20:10.0189 0x054c  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave        C:\Windows\System32\drivers\vga.sys
23:20:10.0220 0x054c  VgaSave - ok
23:20:10.0236 0x054c  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
23:20:10.0267 0x054c  vhdmp - ok
23:20:10.0283 0x054c  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
23:20:10.0314 0x054c  viaagp - ok
23:20:10.0314 0x054c  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7          C:\Windows\system32\drivers\viac7.sys
23:20:10.0345 0x054c  ViaC7 - ok
23:20:10.0376 0x054c  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:20:10.0392 0x054c  viaide - ok
23:20:10.0423 0x054c  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:20:10.0439 0x054c  volmgr - ok
23:20:10.0470 0x054c  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
23:20:10.0501 0x054c  volmgrx - ok
23:20:10.0532 0x054c  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
23:20:10.0563 0x054c  volsnap - ok
23:20:10.0610 0x054c  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
23:20:10.0626 0x054c  vsmraid - ok
23:20:10.0704 0x054c  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS            C:\Windows\system32\vssvc.exe
23:20:10.0813 0x054c  VSS - ok
23:20:10.0938 0x054c  [ 416F115DC1003BB624D03E019C3D563D, 8961034B60CA20BC4C4655547C425D4ABA82D91E6D426338D4B76BB8D8832383 ] VUAgent        C:\Program Files\Sony\VAIO Update\VUAgent.exe
23:20:11.0031 0x054c  VUAgent - ok
23:20:11.0047 0x054c  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:20:11.0078 0x054c  vwifibus - ok
23:20:11.0109 0x054c  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:20:11.0141 0x054c  vwififlt - ok
23:20:11.0156 0x054c  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
23:20:11.0187 0x054c  vwifimp - ok
23:20:11.0219 0x054c  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time        C:\Windows\system32\w32time.dll
23:20:11.0281 0x054c  W32Time - ok
23:20:11.0312 0x054c  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:20:11.0328 0x054c  WacomPen - ok
23:20:11.0343 0x054c  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:20:11.0390 0x054c  WANARP - ok
23:20:11.0406 0x054c  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:20:11.0437 0x054c  Wanarpv6 - ok
23:20:11.0515 0x054c  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
23:20:11.0624 0x054c  wbengine - ok
23:20:11.0655 0x054c  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:20:11.0687 0x054c  WbioSrvc - ok
23:20:11.0718 0x054c  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc        C:\Windows\System32\wcncsvc.dll
23:20:11.0765 0x054c  wcncsvc - ok
23:20:11.0796 0x054c  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:20:11.0827 0x054c  WcsPlugInService - ok
23:20:11.0874 0x054c  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
23:20:11.0889 0x054c  Wd - ok
23:20:11.0921 0x054c  [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM        C:\Windows\system32\DRIVERS\wdcsam.sys
23:20:11.0936 0x054c  WDC_SAM - ok
23:20:11.0999 0x054c  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:20:12.0077 0x054c  Wdf01000 - ok
23:20:12.0092 0x054c  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:20:12.0155 0x054c  WdiServiceHost - ok
23:20:12.0170 0x054c  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost  C:\Windows\system32\wdi.dll
23:20:12.0201 0x054c  WdiSystemHost - ok
23:20:12.0264 0x054c  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient      C:\Windows\System32\webclnt.dll
23:20:12.0311 0x054c  WebClient - ok
23:20:12.0342 0x054c  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:20:12.0404 0x054c  Wecsvc - ok
23:20:12.0435 0x054c  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
23:20:12.0467 0x054c  wercplsupport - ok
23:20:12.0498 0x054c  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
23:20:12.0545 0x054c  WerSvc - ok
23:20:12.0576 0x054c  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:20:12.0607 0x054c  WfpLwf - ok
23:20:12.0638 0x054c  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:20:12.0654 0x054c  WIMMount - ok
23:20:12.0763 0x054c  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend      C:\Program Files\Windows Defender\mpsvc.dll
23:20:12.0825 0x054c  WinDefend - ok
23:20:12.0857 0x054c  WinHttpAutoProxySvc - ok
23:20:12.0919 0x054c  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
23:20:12.0981 0x054c  Winmgmt - ok
23:20:13.0075 0x054c  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM          C:\Windows\system32\WsmSvc.dll
23:20:13.0200 0x054c  WinRM - ok
23:20:13.0262 0x054c  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:20:13.0278 0x054c  WinUsb - ok
23:20:13.0340 0x054c  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc        C:\Windows\System32\wlansvc.dll
23:20:13.0418 0x054c  Wlansvc - ok
23:20:13.0434 0x054c  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
23:20:13.0465 0x054c  WmiAcpi - ok
23:20:13.0496 0x054c  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:20:13.0512 0x054c  wmiApSrv - ok
23:20:13.0652 0x054c  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc  C:\Program Files\Windows Media Player\wmpnetwk.exe
23:20:13.0730 0x054c  WMPNetworkSvc - ok
23:20:13.0761 0x054c  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:20:13.0793 0x054c  WPCSvc - ok
23:20:13.0808 0x054c  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:20:13.0839 0x054c  WPDBusEnum - ok
23:20:13.0871 0x054c  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
23:20:13.0902 0x054c  ws2ifsl - ok
23:20:13.0933 0x054c  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
23:20:13.0949 0x054c  wscsvc - ok
23:20:13.0964 0x054c  WSearch - ok
23:20:14.0089 0x054c  [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv        C:\Windows\system32\wuaueng.dll
23:20:14.0214 0x054c  wuauserv - ok
23:20:14.0245 0x054c  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:20:14.0276 0x054c  WudfPf - ok
23:20:14.0323 0x054c  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:20:14.0354 0x054c  WUDFRd - ok
23:20:14.0385 0x054c  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
23:20:14.0401 0x054c  wudfsvc - ok
23:20:14.0448 0x054c  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc        C:\Windows\System32\wwansvc.dll
23:20:14.0510 0x054c  WwanSvc - ok
23:20:14.0573 0x054c  [ B07C5B7EFDF936FF93D4F540938725BE, A9D559B0A99937CC4E7F065566054DAFCCD0C6C3AA98B47ADF7CB2ABD30B0182 ] yukonw7        C:\Windows\system32\DRIVERS\yk62x86.sys
23:20:14.0604 0x054c  yukonw7 - ok
23:20:14.0635 0x054c  ================ Scan global ===============================
23:20:14.0666 0x054c  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
23:20:14.0697 0x054c  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
23:20:14.0744 0x054c  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
23:20:14.0775 0x054c  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
23:20:14.0807 0x054c  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
23:20:14.0822 0x054c  [ Global ] - ok
23:20:14.0822 0x054c  ================ Scan MBR ==================================
23:20:14.0838 0x054c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:20:15.0134 0x054c  \Device\Harddisk0\DR0 - ok
23:20:15.0150 0x054c  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk3\DR6
23:20:15.0259 0x054c  \Device\Harddisk3\DR6 - ok
23:20:15.0259 0x054c  ================ Scan VBR ==================================
23:20:15.0275 0x054c  [ F3A43021DB39F1142F0896F23DBBF060 ] \Device\Harddisk0\DR0\Partition1
23:20:15.0275 0x054c  \Device\Harddisk0\DR0\Partition1 - ok
23:20:15.0290 0x054c  [ 38E5B4A81ABAFBCB5D94E799FE9764C1 ] \Device\Harddisk0\DR0\Partition2
23:20:15.0290 0x054c  \Device\Harddisk0\DR0\Partition2 - ok
23:20:15.0290 0x054c  [ 1CEE7AC0676CEF9A334609E1291D50A3 ] \Device\Harddisk3\DR6\Partition1
23:20:15.0290 0x054c  \Device\Harddisk3\DR6\Partition1 - ok
23:20:15.0290 0x054c  ================ Scan generic autorun ======================
23:20:15.0337 0x054c  [ 68239842340DDFF8993DFD9127553EDA, 9FEC34A35D5A91FEF1C4859AFD0C2538C5CD3E1792FB118487368CFDF66CBCA0 ] C:\Windows\system32\igfxtray.exe
23:20:15.0353 0x054c  IgfxTray - ok
23:20:15.0384 0x054c  [ 004763BDF8E48244DBB9FDFDE3065EBC, AA88911C51D73C501C67F62A907425EF91D1820D3ED581F0952619EBB6216F14 ] C:\Windows\system32\hkcmd.exe
23:20:15.0399 0x054c  HotKeysCmds - ok
23:20:15.0431 0x054c  [ CD1102E5D340216138C7F56FA8D26998, 805BE128B6A52E304A91AD44B6A7322BAD5F72CD400DB5E74D8EF47424894266 ] C:\Windows\system32\igfxpers.exe
23:20:15.0446 0x054c  Persistence - ok
23:20:15.0509 0x054c  [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
23:20:15.0540 0x054c  APSDaemon - ok
23:20:15.0649 0x054c  [ 616954748C2F28D653C7BAE814CA51FD, D75E46D978E42C2E7041206B18591EDAF700AD27077AE4D1D76E2857A4A77BF8 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
23:20:15.0696 0x054c  avgnt - ok
23:20:15.0774 0x054c  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
23:20:15.0852 0x054c  Adobe ARM - ok
23:20:15.0883 0x054c  [ A50BB4FFB1498327FACC0E844039BDF2, 155EC714B7FDCFE113328997EC1E72B748BBEFFD00DC2178DF1B100CF43CB628 ] C:\Program Files\Apoint\Apoint.exe
23:20:15.0899 0x054c  Apoint - ok
23:20:16.0086 0x054c  [ A503A47A5E7EA8024379A8CC6059B74A, 8DEEC50E21924D21DD6383FA7FB3714ECA5AD45C576E0FF0431EE0DB25194620 ] C:\Windows\RtHDVCpl.exe
23:20:16.0367 0x054c  RtHDVCpl - ok
23:20:16.0445 0x054c  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files\QuickTime\QTTask.exe
23:20:16.0476 0x054c  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
23:20:16.0476 0x054c  QuickTime Task ( UnsignedFile.Multi.Generic ) - warning
23:20:16.0554 0x054c  [ 21293443961A4E2597453EE7A9347F22, FDA88181C975C251E56D5A38E5473F45B9CB4E1258A6E93320D34D656AB1E6ED ] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
23:20:16.0569 0x054c  HP Software Update - ok
23:20:16.0647 0x054c  [ 72860972F8196EBB3C896F53D2B95470, 95C046A66DD0089377867F073CADCE585B7C69CA23E724DCAD9D896BF01E023D ] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
23:20:16.0679 0x054c  hpqSRMon - detected UnsignedFile.Multi.Generic ( 1 )
23:20:16.0679 0x054c  hpqSRMon ( UnsignedFile.Multi.Generic ) - warning
23:20:16.0741 0x054c  [ 79C28DDF889C26FDD6162F796FD49BC4, C1E2468B4F0F52BD707D16656F33CC438AF8E18A38BB6CFB64D11F23993F72F0 ] C:\Program Files\iTunes\iTunesHelper.exe
23:20:16.0757 0x054c  iTunesHelper - ok
23:20:16.0835 0x054c  [ 5909C378DF9132FC91F50AF70A53455A, E13CE76ABAFA459BFDB4B7806E73BF57217D0800206FC24805E66573F3670604 ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
23:20:16.0850 0x054c  Avira Systray - ok
23:20:16.0944 0x054c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
23:20:17.0053 0x054c  Sidebar - ok
23:20:17.0084 0x054c  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
23:20:17.0115 0x054c  mctadmin - ok
23:20:17.0178 0x054c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
23:20:17.0240 0x054c  Sidebar - ok
23:20:17.0256 0x054c  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
23:20:17.0287 0x054c  mctadmin - ok
23:20:17.0318 0x054c  AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.310 ), 0x40010 ( disabled : outofdate )
23:20:17.0318 0x054c  Win FW state via NFP2: enabled
23:20:17.0318 0x054c  ============================================================
23:20:17.0318 0x054c  Scan finished
23:20:17.0318 0x054c  ============================================================
23:20:17.0334 0x1584  Detected object count: 7
23:20:17.0334 0x1584  Actual detected object count: 7
23:21:27.0799 0x1584  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0799 0x1584  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:21:27.0799 0x1584  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0799 0x1584  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:21:27.0799 0x1584  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0799 0x1584  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:21:27.0799 0x1584  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0799 0x1584  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:21:27.0815 0x1584  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0815 0x1584  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:21:27.0815 0x1584  QuickTime Task ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0815 0x1584  QuickTime Task ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:21:27.0815 0x1584  hpqSRMon ( UnsignedFile.Multi.Generic ) - skipped by user
23:21:27.0815 0x1584  hpqSRMon ( UnsignedFile.Multi.Generic ) - User select action: Skip
Das MalwareBytes Log ist hier. Das Programm hat am Ende gemeldet, daß es nichtsgefunden hat.

Code:
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.12.13.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17280
Admin :: ****-PC [administrator]

13.12.2014 23:27:36
mbar-log-2014-12-13 (23-27-36).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 355359
Time elapsed: 24 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Gibt es sonst noch etwas was ich machen kann? Heißt das daß mein Rechner sauber ist?


Vielen Dank schon mal

Gruß
Frank

schrauber 14.12.2014 16:38
sieht soweit gut aus.

mrfraenk 16.12.2014 21:13
Vielen Dank für die Hilfe. Dann bin ich erstmal beruhigt.

Gruß
Frank

schrauber 17.12.2014 20:04
Gern Geschehen :)

mrfraenk 17.12.2014 22:43
Hallo Schrauber,

jetzt hats mir doch keine Ruhe gelassen, weil mein Bauchgefühl mir gesagt hat, daß der Rechner irgendwie nicht ganz sauber ist.
Daher habe ich Malwarebytes drüber laufen lassen und 2 Funde gehabt, die ich in Quarantäne geschickt habe (PUP.Optional.FrostfireTB.A.)

Hier das Logfile dazu, auch wenn das logfile keine Funde sagt?!? Habe den Rechner danach neu gestartet:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 16.12.2014
Suchlauf-Zeit: 21:32:43
Logdatei: Malwarebytes log.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.16.05
Rootkit Datenbank: v2014.12.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 355254
Verstrichene Zeit: 33 Min, 27 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
Muß ich mir nun doch SOrgen machen und noch weiter säubern?

Danke schon mal

Gruß
F

schrauber 18.12.2014 20:42
Kein Fund im Log aber es wurde was gefunden? Naja, ist auch egal, es war laut deiner Beschreibung nur ein PUP Fund. Google mal PUP :)

mrfraenk 25.12.2014 21:17
bin erst jetzt dazu gekommen, wieder hier reinzuschauen. dann ist ja alles gut.
DANKE!

schrauber 26.12.2014 16:56
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:58 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131