Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Delta Search und Babylon search - Malware durch Freeware, Windows Vista

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.07.2013, 15:07   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



reboot tut gut
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.07.2013, 15:41   #17
misshell
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



So okay geschafft !

nach dem letzten Neustart hat sich wieder delta-search geöffnet !

Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-07-03 15:45:26
Windows 6.0.6002 Service Pack 2 x64 \Device\Harddisk0\DR0 -> \Device\0000004f Hitachi_ rev.JPGO 596,17GB
Running: gmer_2.1.19163 (2).exe; Driver: C:\Users\HP\AppData\Local\Temp\pgldipoc.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe                                                                                                                                   suspicious modification
.text     C:\Windows\System32\win32k.sys!W32pServiceTable                                                                                                                    fffff960001af600 3 bytes [00, 83, 02]
.text     C:\Windows\System32\win32k.sys!W32pServiceTable + 4                                                                                                                fffff960001af604 3 bytes [81, C3, FA]
.text     ...                                                                                                                                                                * 126
.text     C:\Windows\System32\win32k.sys!EngGetProcessHandle + 400                                                                                                           fffff9600025879c 6 bytes {JMP QWORD [RIP+0x4fe16]}

---- User code sections - GMER 2.1 ----

.text     C:\Windows\system32\wininit.exe[620] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                         0000000076c22c52 1 byte [62]
.text     C:\Windows\system32\winlogon.exe[788] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                        0000000076c22c52 1 byte [62]
.text     C:\Windows\System32\svchost.exe[208] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                         0000000076c22c52 1 byte [62]
.text     C:\Windows\system32\Ati2evxx.exe[520] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                        0000000076c22c52 1 byte [62]
.text     C:\Windows\System32\svchost.exe[576] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                         0000000076c22c52 1 byte [62]
.text     C:\Windows\System32\svchost.exe[736] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                         0000000076c22c52 1 byte [62]
.text     C:\Windows\system32\svchost.exe[636] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                         0000000076c22c52 1 byte [62]
.text     C:\Windows\system32\svchost.exe[1316] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                        0000000076c22c52 1 byte [62]
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                                        00000000771817d7 5 bytes JMP 00000001000601f8
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                                                      0000000077183221 5 bytes JMP 00000001000603fc
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory                                           0000000077199578 5 bytes JMP 0000000100060600
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory                                               0000000077199608 5 bytes JMP 0000000100060804
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                                0000000077199758 5 bytes JMP 0000000100060c0c
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection                                                   0000000077199a28 5 bytes JMP 0000000100060e10
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                            0000000077199ab8 5 bytes JMP 0000000100060a08
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130                                           0000000075b44228 1 byte [62]
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW                                                 00000000751f9eb4 5 bytes JMP 00000001000803fc
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\syswow64\ADVAPI32.dll!DeleteService                                                  00000000751fa07e 5 bytes JMP 0000000100080600
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity                                       0000000075236cd9 5 bytes JMP 0000000100081014
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA                                           0000000075236dd9 5 bytes JMP 0000000100080804
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW                                           0000000075236f81 5 bytes JMP 0000000100080a08
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A                                          0000000075237099 5 bytes JMP 0000000100080c0c
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W                                          00000000752371e1 5 bytes JMP 0000000100080e10
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2260] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA                                                 00000000752372a1 5 bytes JMP 00000001000801f8
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                        00000000771817d7 5 bytes JMP 00000001000601f8
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                      0000000077183221 5 bytes JMP 00000001000603fc
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory           0000000077199578 5 bytes JMP 0000000100060600
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory               0000000077199608 5 bytes JMP 0000000100060804
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                0000000077199758 5 bytes JMP 0000000100060c0c
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection                   0000000077199a28 5 bytes JMP 0000000100060e10
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory            0000000077199ab8 5 bytes JMP 0000000100060a08
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130           0000000075b44228 1 byte [62]
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW                 00000000751f9eb4 5 bytes JMP 00000001000703fc
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\ADVAPI32.dll!DeleteService                  00000000751fa07e 5 bytes JMP 0000000100070600
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity       0000000075236cd9 5 bytes JMP 0000000100071014
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA           0000000075236dd9 5 bytes JMP 0000000100070804
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW           0000000075236f81 5 bytes JMP 0000000100070a08
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A          0000000075237099 5 bytes JMP 0000000100070c0c
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W          00000000752371e1 5 bytes JMP 0000000100070e10
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA                 00000000752372a1 5 bytes JMP 00000001000701f8
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx              0000000075c7010d 5 bytes JMP 0000000100080a08
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW                0000000075c703d2 5 bytes JMP 0000000100080804
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA                0000000075c71b58 5 bytes JMP 0000000100080600
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\USER32.dll!UnhookWinEvent                   0000000075c76530 5 bytes JMP 00000001000803fc
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2308] C:\Windows\syswow64\USER32.dll!SetWinEventHook                  0000000075c8653e 5 bytes JMP 00000001000801f8
.text     C:\Program Files\Bonjour\mDNSResponder.exe[2324] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                        0000000076fa6d20 5 bytes JMP 000000010019075c
.text     C:\Program Files\Bonjour\mDNSResponder.exe[2324] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                          0000000076fc3bd0 5 bytes JMP 00000001001903a4
.text     C:\Program Files\Bonjour\mDNSResponder.exe[2324] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                             0000000076fd6ff0 5 bytes JMP 0000000100190b14
.text     C:\Program Files\Bonjour\mDNSResponder.exe[2324] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                                 0000000076fd7050 5 bytes JMP 0000000100190ecc
.text     C:\Program Files\Bonjour\mDNSResponder.exe[2324] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                  0000000076fd7130 5 bytes JMP 000000010019163c
.text     C:\Program Files\Bonjour\mDNSResponder.exe[2324] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                     0000000076fd7310 5 bytes JMP 00000001001919f4
.text     C:\Program Files\Bonjour\mDNSResponder.exe[2324] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                              0000000076fd7370 5 bytes JMP 0000000100191284
.text     C:\Program Files\Bonjour\mDNSResponder.exe[2324] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                             0000000076c22c52 1 byte [62]
.text     C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe[2480] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                   0000000076fa6d20 5 bytes JMP 000000010018075c
.text     C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe[2480] C:\Windows\system32\ntdll.dll!LdrLoadDll                                     0000000076fc3bd0 5 bytes JMP 00000001001803a4
.text     C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe[2480] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                        0000000076fd6ff0 5 bytes JMP 0000000100180b14
.text     C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe[2480] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                            0000000076fd7050 5 bytes JMP 0000000100180ecc
.text     C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe[2480] C:\Windows\system32\ntdll.dll!NtTerminateProcess                             0000000076fd7130 5 bytes JMP 000000010018163c
.text     C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe[2480] C:\Windows\system32\ntdll.dll!NtCreateSection                                0000000076fd7310 5 bytes JMP 00000001001819f4
.text     C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe[2480] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                         0000000076fd7370 5 bytes JMP 0000000100181284
.text     C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe[2480] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                        0000000076c22c52 1 byte [62]
.text     C:\Windows\system32\svchost.exe[2568] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                                   0000000076fa6d20 5 bytes JMP 000000010025075c
.text     C:\Windows\system32\svchost.exe[2568] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                                     0000000076fc3bd0 5 bytes JMP 00000001002503a4
.text     C:\Windows\system32\svchost.exe[2568] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                                        0000000076fd6ff0 5 bytes JMP 0000000100250b14
.text     C:\Windows\system32\svchost.exe[2568] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                                            0000000076fd7050 5 bytes JMP 0000000100250ecc
.text     C:\Windows\system32\svchost.exe[2568] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                             0000000076fd7130 5 bytes JMP 000000010025163c
.text     C:\Windows\system32\svchost.exe[2568] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                                0000000076fd7310 5 bytes JMP 00000001002519f4
.text     C:\Windows\system32\svchost.exe[2568] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                                         0000000076fd7370 5 bytes JMP 0000000100251284
.text     C:\Windows\system32\svchost.exe[2568] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                        0000000076c22c52 1 byte [62]
.text     C:\Windows\system32\svchost.exe[2788] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                                   0000000076fa6d20 5 bytes JMP 0000000100b4075c
.text     C:\Windows\system32\svchost.exe[2788] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                                     0000000076fc3bd0 5 bytes JMP 0000000100b403a4
.text     C:\Windows\system32\svchost.exe[2788] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                                        0000000076fd6ff0 5 bytes JMP 0000000100b40b14
.text     C:\Windows\system32\svchost.exe[2788] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                                            0000000076fd7050 5 bytes JMP 0000000100b40ecc
.text     C:\Windows\system32\svchost.exe[2788] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                             0000000076fd7130 5 bytes JMP 0000000100b4163c
.text     C:\Windows\system32\svchost.exe[2788] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                                0000000076fd7310 5 bytes JMP 0000000100b419f4
.text     C:\Windows\system32\svchost.exe[2788] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                                         0000000076fd7370 5 bytes JMP 0000000100b41284
.text     C:\Windows\system32\svchost.exe[2788] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                        0000000076c22c52 1 byte [62]
.text     C:\Windows\System32\svchost.exe[2832] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                                   0000000076fa6d20 5 bytes JMP 000000010019075c
.text     C:\Windows\System32\svchost.exe[2832] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                                     0000000076fc3bd0 5 bytes JMP 00000001001903a4
.text     C:\Windows\System32\svchost.exe[2832] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                                        0000000076fd6ff0 5 bytes JMP 0000000100190b14
.text     C:\Windows\System32\svchost.exe[2832] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                                            0000000076fd7050 5 bytes JMP 0000000100190ecc
.text     C:\Windows\System32\svchost.exe[2832] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                             0000000076fd7130 5 bytes JMP 000000010019163c
.text     C:\Windows\System32\svchost.exe[2832] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                                0000000076fd7310 5 bytes JMP 00000001001919f4
.text     C:\Windows\System32\svchost.exe[2832] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                                         0000000076fd7370 5 bytes JMP 0000000100191284
.text     C:\Windows\System32\svchost.exe[2832] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                        0000000076c22c52 1 byte [62]
.text     C:\Windows\system32\SearchIndexer.exe[2872] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                             0000000076fa6d20 5 bytes JMP 000000010011075c
.text     C:\Windows\system32\SearchIndexer.exe[2872] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                               0000000076fc3bd0 5 bytes JMP 00000001001103a4
.text     C:\Windows\system32\SearchIndexer.exe[2872] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                                  0000000076fd6ff0 5 bytes JMP 0000000100110b14
.text     C:\Windows\system32\SearchIndexer.exe[2872] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                                      0000000076fd7050 5 bytes JMP 0000000100110ecc
.text     C:\Windows\system32\SearchIndexer.exe[2872] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                       0000000076fd7130 5 bytes JMP 000000010011163c
.text     C:\Windows\system32\SearchIndexer.exe[2872] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                          0000000076fd7310 5 bytes JMP 00000001001119f4
.text     C:\Windows\system32\SearchIndexer.exe[2872] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                                   0000000076fd7370 5 bytes JMP 0000000100111284
.text     C:\Windows\system32\SearchIndexer.exe[2872] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                  0000000076c22c52 1 byte [62]
.text     C:\Windows\System32\WUDFHost.exe[3044] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                                  0000000076fa6d20 5 bytes JMP 00000001002d075c
.text     C:\Windows\System32\WUDFHost.exe[3044] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                                    0000000076fc3bd0 5 bytes JMP 00000001002d03a4
.text     C:\Windows\System32\WUDFHost.exe[3044] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                                       0000000076fd6ff0 5 bytes JMP 00000001002d0b14
.text     C:\Windows\System32\WUDFHost.exe[3044] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                                           0000000076fd7050 5 bytes JMP 00000001002d0ecc
.text     C:\Windows\System32\WUDFHost.exe[3044] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                            0000000076fd7130 5 bytes JMP 00000001002d163c
.text     C:\Windows\System32\WUDFHost.exe[3044] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                               0000000076fd7310 5 bytes JMP 00000001002d19f4
.text     C:\Windows\System32\WUDFHost.exe[3044] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                                        0000000076fd7370 5 bytes JMP 00000001002d1284
.text     C:\Windows\System32\WUDFHost.exe[3044] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                       0000000076c22c52 1 byte [62]
.text     C:\Windows\system32\taskeng.exe[2084] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                                   0000000076fa6d20 5 bytes JMP 00000001000d075c
.text     C:\Windows\system32\taskeng.exe[2084] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                                     0000000076fc3bd0 5 bytes JMP 00000001000d03a4
.text     C:\Windows\system32\taskeng.exe[2084] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                                        0000000076fd6ff0 5 bytes JMP 00000001000d0b14
.text     C:\Windows\system32\taskeng.exe[2084] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                                            0000000076fd7050 5 bytes JMP 00000001000d0ecc
.text     C:\Windows\system32\taskeng.exe[2084] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                             0000000076fd7130 5 bytes JMP 00000001000d163c
.text     C:\Windows\system32\taskeng.exe[2084] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                                0000000076fd7310 5 bytes JMP 00000001000d19f4
.text     C:\Windows\system32\taskeng.exe[2084] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                                         0000000076fd7370 5 bytes JMP 00000001000d1284
.text     C:\Windows\system32\taskeng.exe[2084] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                        0000000076c22c52 1 byte [62]
.text     C:\Program Files\Windows Defender\MSASCui.exe[1112] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                     0000000076fa6d20 5 bytes JMP 00000001001e075c
.text     C:\Program Files\Windows Defender\MSASCui.exe[1112] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                       0000000076fc3bd0 5 bytes JMP 00000001001e03a4
.text     C:\Program Files\Windows Defender\MSASCui.exe[1112] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                          0000000076fd6ff0 5 bytes JMP 00000001001e0b14
.text     C:\Program Files\Windows Defender\MSASCui.exe[1112] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                              0000000076fd7050 5 bytes JMP 00000001001e0ecc
.text     C:\Program Files\Windows Defender\MSASCui.exe[1112] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                               0000000076fd7130 5 bytes JMP 00000001001e163c
.text     C:\Program Files\Windows Defender\MSASCui.exe[1112] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                  0000000076fd7310 5 bytes JMP 00000001001e19f4
.text     C:\Program Files\Windows Defender\MSASCui.exe[1112] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                           0000000076fd7370 5 bytes JMP 00000001001e1284
.text     C:\Program Files\Windows Defender\MSASCui.exe[1112] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                          0000000076c22c52 1 byte [62]
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2352] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                      0000000076fa6d20 5 bytes JMP 00000001001e075c
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2352] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                        0000000076fc3bd0 5 bytes JMP 00000001001e03a4
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2352] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                           0000000076fd6ff0 5 bytes JMP 00000001001e0b14
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2352] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                               0000000076fd7050 5 bytes JMP 00000001001e0ecc
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2352] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                0000000076fd7130 5 bytes JMP 00000001001e163c
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2352] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                   0000000076fd7310 5 bytes JMP 00000001001e19f4
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2352] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                            0000000076fd7370 5 bytes JMP 00000001001e1284
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2352] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                           0000000076c22c52 1 byte [62]
.text     C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe[2592] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 130                                        0000000075b44228 1 byte [62]
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                                           00000000771817d7 5 bytes JMP 00000001004301f8
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                                                         0000000077183221 5 bytes JMP 00000001004303fc
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory                                              0000000077199578 5 bytes JMP 0000000100430600
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory                                                  0000000077199608 5 bytes JMP 0000000100430804
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                                   0000000077199758 5 bytes JMP 0000000100430c0c
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection                                                      0000000077199a28 5 bytes JMP 0000000100430e10
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                               0000000077199ab8 5 bytes JMP 0000000100430a08
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130                                              0000000075b44228 1 byte [62]
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx                                                 0000000075c7010d 5 bytes JMP 0000000100590a08
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW                                                   0000000075c703d2 5 bytes JMP 0000000100590804
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA                                                   0000000075c71b58 5 bytes JMP 0000000100590600
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\syswow64\USER32.dll!UnhookWinEvent                                                      0000000075c76530 5 bytes JMP 00000001005903fc
.text     C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[1048] C:\Windows\syswow64\USER32.dll!SetWinEventHook                                                     0000000075c8653e 5 bytes JMP 00000001005901f8
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                                                        00000000771817d7 5 bytes JMP 00000001000601f8
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                                                                      0000000077183221 5 bytes JMP 00000001000603fc
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory                                                           0000000077199578 5 bytes JMP 0000000100060600
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory                                                               0000000077199608 5 bytes JMP 0000000100060804
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                                                0000000077199758 5 bytes JMP 0000000100060c0c
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection                                                                   0000000077199a28 5 bytes JMP 0000000100060e10
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                                            0000000077199ab8 5 bytes JMP 0000000100060a08
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130                                                           0000000075b44228 1 byte [62]
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx                                                              0000000075c7010d 5 bytes JMP 0000000100120a08
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW                                                                0000000075c703d2 5 bytes JMP 0000000100120804
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA                                                                0000000075c71b58 5 bytes JMP 0000000100120600
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\USER32.dll!UnhookWinEvent                                                                   0000000075c76530 5 bytes JMP 00000001001203fc
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\USER32.dll!SetWinEventHook                                                                  0000000075c8653e 5 bytes JMP 00000001001201f8
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW                                                                 00000000751f9eb4 5 bytes JMP 00000001000f03fc
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\ADVAPI32.dll!DeleteService                                                                  00000000751fa07e 5 bytes JMP 00000001000f0600
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity                                                       0000000075236cd9 5 bytes JMP 00000001000f1014
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA                                                           0000000075236dd9 5 bytes JMP 00000001000f0804
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW                                                           0000000075236f81 5 bytes JMP 00000001000f0a08
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A                                                          0000000075237099 5 bytes JMP 00000001000f0c0c
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W                                                          00000000752371e1 5 bytes JMP 00000001000f0e10
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[3096] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA                                                                 00000000752372a1 5 bytes JMP 00000001000f01f8
.text     C:\Windows\system32\conime.exe[3144] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                                    0000000076fa6d20 5 bytes JMP 000000010027075c
.text     C:\Windows\system32\conime.exe[3144] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                                      0000000076fc3bd0 5 bytes JMP 00000001002703a4
.text     C:\Windows\system32\conime.exe[3144] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                                         0000000076fd6ff0 5 bytes JMP 0000000100270b14
.text     C:\Windows\system32\conime.exe[3144] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                                             0000000076fd7050 5 bytes JMP 0000000100270ecc
.text     C:\Windows\system32\conime.exe[3144] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                              0000000076fd7130 5 bytes JMP 000000010027163c
.text     C:\Windows\system32\conime.exe[3144] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                                 0000000076fd7310 5 bytes JMP 00000001002719f4
.text     C:\Windows\system32\conime.exe[3144] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                                          0000000076fd7370 5 bytes JMP 0000000100271284
.text     C:\Windows\system32\conime.exe[3144] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                         0000000076c22c52 1 byte [62]
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                                                                          00000000771817d7 5 bytes JMP 00000001001a01f8
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                                                                                        0000000077183221 5 bytes JMP 00000001001a03fc
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory                                                                             0000000077199578 3 bytes JMP 00000001001a0600
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory + 4                                                                         000000007719957c 1 byte [89]
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory                                                                                 0000000077199608 3 bytes JMP 00000001001a0804
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory + 4                                                                             000000007719960c 1 byte [89]
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                                                                  0000000077199758 3 bytes JMP 00000001001a0c0c
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess + 4                                                                              000000007719975c 1 byte [89]
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection                                                                                     0000000077199a28 3 bytes JMP 00000001001a0e10
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection + 4                                                                                 0000000077199a2c 1 byte [89]
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                                                              0000000077199ab8 3 bytes JMP 00000001001a0a08
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory + 4                                                                          0000000077199abc 1 byte [89]
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130                                                                             0000000075b44228 1 byte [62]
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx                                                                                0000000075c7010d 5 bytes JMP 00000001001b0a08
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW                                                                                  0000000075c703d2 5 bytes JMP 00000001001b0804
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA                                                                                  0000000075c71b58 5 bytes JMP 00000001001b0600
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\USER32.dll!UnhookWinEvent                                                                                     0000000075c76530 5 bytes JMP 00000001001b03fc
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\USER32.dll!SetWinEventHook                                                                                    0000000075c8653e 5 bytes JMP 00000001001b01f8
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW                                                                                   00000000751f9eb4 5 bytes JMP 00000001002503fc
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\ADVAPI32.dll!DeleteService                                                                                    00000000751fa07e 5 bytes JMP 0000000100250600
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity                                                                         0000000075236cd9 5 bytes JMP 0000000100251014
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA                                                                             0000000075236dd9 5 bytes JMP 0000000100250804
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW                                                                             0000000075236f81 5 bytes JMP 0000000100250a08
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A                                                                            0000000075237099 5 bytes JMP 0000000100250c0c
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W                                                                            00000000752371e1 5 bytes JMP 0000000100250e10
.text     C:\hp\support\hpsysdrv.exe[3184] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA                                                                                   00000000752372a1 5 bytes JMP 00000001002501f8
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                                    00000000771817d7 5 bytes JMP 00000001001a01f8
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                                                  0000000077183221 5 bytes JMP 00000001001a03fc
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory                                       0000000077199578 3 bytes JMP 00000001001a0600
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory + 4                                   000000007719957c 1 byte [89]
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory                                           0000000077199608 3 bytes JMP 00000001001a0804
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory + 4                                       000000007719960c 1 byte [89]
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                            0000000077199758 3 bytes JMP 00000001001a0c0c
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess + 4                                        000000007719975c 1 byte [89]
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection                                               0000000077199a28 3 bytes JMP 00000001001a0e10
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection + 4                                           0000000077199a2c 1 byte [89]
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                        0000000077199ab8 3 bytes JMP 00000001001a0a08
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory + 4                                    0000000077199abc 1 byte [89]
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130                                       0000000075b44228 1 byte [62]
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW                                             00000000751f9eb4 5 bytes JMP 00000001001b03fc
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\ADVAPI32.dll!DeleteService                                              00000000751fa07e 5 bytes JMP 00000001001b0600
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity                                   0000000075236cd9 5 bytes JMP 00000001001b1014
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA                                       0000000075236dd9 5 bytes JMP 00000001001b0804
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW                                       0000000075236f81 5 bytes JMP 00000001001b0a08
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A                                      0000000075237099 5 bytes JMP 00000001001b0c0c
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W                                      00000000752371e1 5 bytes JMP 00000001001b0e10
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA                                             00000000752372a1 5 bytes JMP 00000001001b01f8
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx                                          0000000075c7010d 5 bytes JMP 00000001002c0a08
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW                                            0000000075c703d2 5 bytes JMP 00000001002c0804
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA                                            0000000075c71b58 5 bytes JMP 00000001002c0600
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\USER32.dll!UnhookWinEvent                                               0000000075c76530 5 bytes JMP 00000001002c03fc
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3288] C:\Windows\syswow64\USER32.dll!SetWinEventHook                                              0000000075c8653e 5 bytes JMP 00000001002c01f8
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                                          00000000771817d7 5 bytes JMP 00000001001a01f8
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                                                        0000000077183221 5 bytes JMP 00000001001a03fc
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory                                             0000000077199578 3 bytes JMP 00000001001a0600
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory + 4                                         000000007719957c 1 byte [89]
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory                                                 0000000077199608 3 bytes JMP 00000001001a0804
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory + 4                                             000000007719960c 1 byte [89]
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                                  0000000077199758 3 bytes JMP 00000001001a0c0c
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess + 4                                              000000007719975c 1 byte [89]
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection                                                     0000000077199a28 3 bytes JMP 00000001001a0e10
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection + 4                                                 0000000077199a2c 1 byte [89]
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                              0000000077199ab8 3 bytes JMP 00000001001a0a08
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory + 4                                          0000000077199abc 1 byte [89]
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130                                             0000000075b44228 1 byte [62]
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx                                                0000000075c7010d 5 bytes JMP 00000001001b0a08
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW                                                  0000000075c703d2 5 bytes JMP 00000001001b0804
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA                                                  0000000075c71b58 5 bytes JMP 00000001001b0600
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\USER32.dll!UnhookWinEvent                                                     0000000075c76530 5 bytes JMP 00000001001b03fc
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\USER32.dll!SetWinEventHook                                                    0000000075c8653e 5 bytes JMP 00000001001b01f8
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW                                                   00000000751f9eb4 5 bytes JMP 00000001001c03fc
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!DeleteService                                                    00000000751fa07e 5 bytes JMP 00000001001c0600
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity                                         0000000075236cd9 5 bytes JMP 00000001001c1014
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA                                             0000000075236dd9 5 bytes JMP 00000001001c0804
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW                                             0000000075236f81 5 bytes JMP 00000001001c0a08
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A                                            0000000075237099 5 bytes JMP 00000001001c0c0c
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W                                            00000000752371e1 5 bytes JMP 00000001001c0e10
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe[3296] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA                                                   00000000752372a1 5 bytes JMP 00000001001c01f8
.text     C:\Program Files\AVAST Software\Avast\AvastUI.exe[3304] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130                                                      0000000075b44228 1 byte [62]
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                                                      00000000771817d7 5 bytes JMP 00000001000601f8
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                                                                    0000000077183221 5 bytes JMP 00000001000603fc
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory                                                         0000000077199578 5 bytes JMP 0000000100060600
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory                                                             0000000077199608 5 bytes JMP 0000000100060804
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                                              0000000077199758 5 bytes JMP 0000000100060c0c
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection                                                                 0000000077199a28 5 bytes JMP 0000000100060e10
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                                          0000000077199ab8 5 bytes JMP 0000000100060a08
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130                                                         0000000075b44228 1 byte [62]
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW                                                               00000000751f9eb4 5 bytes JMP 00000001000703fc
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!DeleteService                                                                00000000751fa07e 5 bytes JMP 0000000100070600
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity                                                     0000000075236cd9 5 bytes JMP 0000000100071014
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA                                                         0000000075236dd9 5 bytes JMP 0000000100070804
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW                                                         0000000075236f81 5 bytes JMP 0000000100070a08
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A                                                        0000000075237099 5 bytes JMP 0000000100070c0c
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W                                                        00000000752371e1 5 bytes JMP 0000000100070e10
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA                                                               00000000752372a1 5 bytes JMP 00000001000701f8
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx                                                            0000000075c7010d 5 bytes JMP 0000000100080a08
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW                                                              0000000075c703d2 5 bytes JMP 0000000100080804
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA                                                              0000000075c71b58 5 bytes JMP 0000000100080600
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\USER32.dll!UnhookWinEvent                                                                 0000000075c76530 5 bytes JMP 00000001000803fc
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[3448] C:\Windows\syswow64\USER32.dll!SetWinEventHook                                                                0000000075c8653e 5 bytes JMP 00000001000801f8
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                                              00000000771817d7 5 bytes JMP 00000001001a01f8
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                                                            0000000077183221 5 bytes JMP 00000001001a03fc
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory                                                 0000000077199578 3 bytes JMP 00000001001a0600
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory + 4                                             000000007719957c 1 byte [89]
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory                                                     0000000077199608 3 bytes JMP 00000001001a0804
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory + 4                                                 000000007719960c 1 byte [89]
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                                      0000000077199758 3 bytes JMP 00000001001a0c0c
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess + 4                                                  000000007719975c 1 byte [89]
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection                                                         0000000077199a28 3 bytes JMP 00000001001a0e10
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection + 4                                                     0000000077199a2c 1 byte [89]
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                                  0000000077199ab8 3 bytes JMP 00000001001a0a08
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory + 4                                              0000000077199abc 1 byte [89]
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130                                                 0000000075b44228 1 byte [62]
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx                                                    0000000075c7010d 5 bytes JMP 00000001001b0a08
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW                                                      0000000075c703d2 5 bytes JMP 00000001001b0804
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA                                                      0000000075c71b58 5 bytes JMP 00000001001b0600
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\USER32.dll!UnhookWinEvent                                                         0000000075c76530 5 bytes JMP 00000001001b03fc
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\USER32.dll!SetWinEventHook                                                        0000000075c8653e 5 bytes JMP 00000001001b01f8
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW                                                       00000000751f9eb4 5 bytes JMP 00000001001c03fc
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!DeleteService                                                        00000000751fa07e 5 bytes JMP 00000001001c0600
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity                                             0000000075236cd9 5 bytes JMP 00000001001c1014
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA                                                 0000000075236dd9 5 bytes JMP 00000001001c0804
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW                                                 0000000075236f81 5 bytes JMP 00000001001c0a08
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A                                                0000000075237099 5 bytes JMP 00000001001c0c0c
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W                                                00000000752371e1 5 bytes JMP 00000001001c0e10
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3496] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA                                                       00000000752372a1 5 bytes JMP 00000001001c01f8
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                         0000000076fa6d20 5 bytes JMP 00000001000c075c
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                           0000000076fc3bd0 5 bytes JMP 00000001000c03a4
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                              0000000076fd6ff0 5 bytes JMP 00000001000c0b14
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                                  0000000076fd7050 5 bytes JMP 00000001000c0ecc
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                   0000000076fd7130 5 bytes JMP 00000001000c163c
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                      0000000076fd7310 5 bytes JMP 00000001000c19f4
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                               0000000076fd7370 5 bytes JMP 00000001000c1284
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                              0000000076c22c52 1 byte [62]
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!SetServiceObjectSecurity                                                          000007fefe008250 5 bytes JMP 000007ff7e091dac
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!ChangeServiceConfigA                                                              000007fefe0089a0 5 bytes JMP 000007ff7e090ecc
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!ChangeServiceConfigW                                                              000007fefe008cc0 5 bytes JMP 000007ff7e091284
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!ChangeServiceConfig2A                                                             000007fefe008e58 5 bytes JMP 000007ff7e09163c
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!ChangeServiceConfig2W                                                             000007fefe009010 5 bytes JMP 000007ff7e0919f4
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!CreateServiceA                                                                    000007fefe0090d8 5 bytes JMP 000007ff7e0903a4
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!CreateServiceW                                                                    000007fefe009420 5 bytes JMP 000007ff7e09075c
.text     C:\Program Files\iPod\bin\iPodService.exe[3656] C:\Windows\system32\ADVAPI32.dll!DeleteService                                                                     000007fefe0095e8 5 bytes JMP 000007ff7e090b14
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 194                                    0000000076c22c52 1 byte [62]
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!IsThemeBackgroundPartiallyTransparent                    000007fefc502090 5 bytes JMP 000007ff43019ddc
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeColor                                            000007fefc502d50 5 bytes JMP 000007ff4303462c
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemePartSize                                         000007fefc502df0 5 bytes JMP 000007ff43019e68
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!DrawThemeText                                            000007fefc504ec0 5 bytes JMP 000007ff4304c5d0
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeTextExtent                                       000007fefc505828 5 bytes JMP 000007ff430261ac
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!DrawThemeParentBackground                                000007fefc5061a4 5 bytes JMP 000007ff43047e70
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeBackgroundContentRect                            000007fefc506518 5 bytes JMP 000007ff43019cc8
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeBackgroundExtent                                 000007fefc506810 5 bytes JMP 000007ff43025fe4
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeTextMetrics                                      000007fefc506a08 5 bytes JMP 000007ff4300daa4
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!CloseThemeData                                           000007fefc506ff0 5 bytes JMP 000007ff4300dde8
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeMargins                                          000007fefc508ef8 5 bytes JMP 000007ff4301a3fc
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!OpenThemeData                                            000007fefc5090e0 5 bytes JMP 000007ff43041298
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeBool                                             000007fefc5091e4 5 bytes JMP 000007ff4300e2a8
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!IsThemePartDefined                                       000007fefc50c7d0 5 bytes JMP 000007ff4300dd7c
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeFont                                             000007fefc50ea30 5 bytes JMP 000007ff4300d7c4
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!DrawThemeBackgroundEx                                    000007fefc50ef30 5 bytes JMP 000007ff43046b60
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeBackgroundRegion                                 000007fefc50ff4c 5 bytes JMP 000007ff43046ef0
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetCurrentThemeName                                      000007fefc5106b0 5 bytes JMP 000007ff4300e128
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!IsThemeActive                                            000007fefc5107e8 5 bytes JMP 000007ff4301848c
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!IsAppThemed                                              000007fefc5108c4 5 bytes JMP 000007ff4301848c
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeAppProperties                                    000007fefc510920 5 bytes JMP 000007ff4300ddf8
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeMetric                                           000007fefc51d330 5 bytes JMP 000007ff4300d8c4
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeRect                                             000007fefc51d510 5 bytes JMP 000007ff4300d794
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!HitTestThemeBackground                                   000007fefc51d890 5 bytes JMP 000007ff4300d8e4
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemePropertyOrigin                                   000007fefc51f320 5 bytes JMP 000007ff4300d61c
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetWindowTheme                                           000007fefc51f420 5 bytes JMP 000007ff4300dce8
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!DrawThemeEdge                                            000007fefc521eec 5 bytes JMP 000007ff4300d710
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!OpenThemeDataEx                                          000007fefc522170 5 bytes JMP 000007ff430414d4
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeString                                           000007fefc534a68 5 bytes JMP 000007ff4300d63c
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeIntList                                          000007fefc534be0 5 bytes JMP 000007ff4300d63c
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeFilename                                         000007fefc534c80 5 bytes JMP 000007ff4300d63c
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!DrawThemeIcon                                            000007fefc53582c 5 bytes JMP 000007ff4300d650
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeDocumentationProperty                            000007fefc535cd8 5 bytes JMP 000007ff4300d63c
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysFont                                          000007fefc535d94 5 bytes JMP 000007ff4300d5f0
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysString                                        000007fefc535f60 5 bytes JMP 000007ff4300d63c
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysInt                                           000007fefc536034 5 bytes JMP 000007ff4300d5b0
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysColorBrush                                    000007fefc5366a4 5 bytes JMP 000007ff430183dc
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysBool                                          000007fefc536858 5 bytes JMP 000007ff430183c0
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysColor                                         000007fefc536964 5 bytes JMP 000007ff4304115c
.text     C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3896] C:\Windows\system32\uxtheme.dll!GetThemeSysSize                                          000007fefc536a18 5 bytes JMP 000007ff4300d774
.text     C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                      0000000076fa6d20 5 bytes JMP 000000010015075c
.text     C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                        0000000076fc3bd0 5 bytes JMP 00000001001503a4
.text     C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                           0000000076fd6ff0 5 bytes JMP 0000000100150b14
.text     C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                               0000000076fd7050 5 bytes JMP 0000000100150ecc
.text     C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                0000000076fd7130 5 bytes JMP 000000010015163c
.text     C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                   0000000076fd7310 5 bytes JMP 00000001001519f4
.text     C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                            0000000076fd7370 5 bytes JMP 0000000100151284
.text     C:\Program Files\Windows Sidebar\sidebar.exe[3936] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                           0000000076c22c52 1 byte [62]
.text     C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                                   0000000076fa6d20 5 bytes JMP 000000010027075c
.text     C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                                     0000000076fc3bd0 5 bytes JMP 00000001002703a4
.text     C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                                        0000000076fd6ff0 5 bytes JMP 0000000100270b14
.text     C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                                            0000000076fd7050 5 bytes JMP 0000000100270ecc
.text     C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                             0000000076fd7130 5 bytes JMP 000000010027163c
.text     C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                                0000000076fd7310 5 bytes JMP 00000001002719f4
.text     C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                                         0000000076fd7370 5 bytes JMP 0000000100271284
.text     C:\Windows\system32\svchost.exe[4612] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                        0000000076c22c52 1 byte [62]
.text     C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe[4840] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 194                                0000000076c22c52 1 byte [62]
.text     c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe[3008] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 194                                0000000076c22c52 1 byte [62]
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                                                                                   00000000771817d7 3 bytes JMP 00000001001901f8
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll + 4                                                                                               00000000771817db 1 byte [89]
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                                                                                                 0000000077183221 5 bytes JMP 00000001001903fc
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory                                                                                      0000000077199578 5 bytes JMP 0000000100190600
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory                                                                                          0000000077199608 5 bytes JMP 0000000100190804
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                                                                           0000000077199758 5 bytes JMP 0000000100190c0c
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection                                                                                              0000000077199a28 5 bytes JMP 0000000100190e10
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                                                                       0000000077199ab8 5 bytes JMP 0000000100190a08
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130                                                                                      0000000075b44228 1 byte [62]
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx                                                                                         0000000075c7010d 5 bytes JMP 00000001001a0a08
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW                                                                                           0000000075c703d2 5 bytes JMP 00000001001a0804
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA                                                                                           0000000075c71b58 5 bytes JMP 00000001001a0600
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\USER32.dll!UnhookWinEvent                                                                                              0000000075c76530 5 bytes JMP 00000001001a03fc
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\USER32.dll!SetWinEventHook                                                                                             0000000075c8653e 5 bytes JMP 00000001001a01f8
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW                                                                                            00000000751f9eb4 5 bytes JMP 00000001001b03fc
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!DeleteService                                                                                             00000000751fa07e 5 bytes JMP 00000001001b0600
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity                                                                                  0000000075236cd9 5 bytes JMP 00000001001b1014
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA                                                                                      0000000075236dd9 5 bytes JMP 00000001001b0804
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW                                                                                      0000000075236f81 5 bytes JMP 00000001001b0a08
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A                                                                                     0000000075237099 5 bytes JMP 00000001001b0c0c
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W                                                                                     00000000752371e1 5 bytes JMP 00000001001b0e10
.text     C:\hp\kbd\kbd.exe[3952] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA                                                                                            00000000752372a1 5 bytes JMP 00000001001b01f8
.text     C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                                   0000000076fa6d20 5 bytes JMP 0000000100cd075c
.text     C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                                     0000000076fc3bd0 5 bytes JMP 0000000100cd03a4
.text     C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                                        0000000076fd6ff0 5 bytes JMP 0000000100cd0b14
.text     C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                                            0000000076fd7050 5 bytes JMP 0000000100cd0ecc
.text     C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                             0000000076fd7130 5 bytes JMP 0000000100cd163c
.text     C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                                0000000076fd7310 5 bytes JMP 0000000100cd19f4
.text     C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                                         0000000076fd7370 5 bytes JMP 0000000100cd1284
.text     C:\Windows\system32\wuauclt.exe[3880] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                        0000000076c22c52 1 byte [62]
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!LdrUnloadDll                                                                                           0000000076fa6d20 5 bytes JMP 00000001001d075c
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!LdrLoadDll                                                                                             0000000076fc3bd0 5 bytes JMP 00000001001d03a4
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!NtAllocateVirtualMemory                                                                                0000000076fd6ff0 5 bytes JMP 00000001001d0b14
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!NtFreeVirtualMemory                                                                                    0000000076fd7050 5 bytes JMP 00000001001d0ecc
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!NtTerminateProcess                                                                                     0000000076fd7130 5 bytes JMP 00000001001d163c
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!NtCreateSection                                                                                        0000000076fd7310 5 bytes JMP 00000001001d19f4
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\ntdll.dll!NtProtectVirtualMemory                                                                                 0000000076fd7370 5 bytes JMP 00000001001d1284
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 194                                                                                0000000076c22c52 1 byte [62]
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\USER32.dll!SetWindowsHookExA                                                                                     0000000076ae20f4 5 bytes JMP 0000000100b60b14
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\USER32.dll!SetWindowsHookExW                                                                                     0000000076ae86b0 5 bytes JMP 0000000100b60ecc
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\USER32.dll!SetWinEventHook                                                                                       0000000076aea308 5 bytes JMP 0000000100b603a4
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\USER32.dll!UnhookWinEvent                                                                                        0000000076aef4c0 5 bytes JMP 0000000100b6075c
.text     C:\Windows\explorer.exe[1108] C:\Windows\system32\USER32.dll!UnhookWindowsHookEx                                                                                   0000000076b04700 5 bytes JMP 0000000100b61284
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                                                                   00000000771817d7 5 bytes JMP 00000001001a01f8
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                                                                                 0000000077183221 5 bytes JMP 00000001001a03fc
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory                                                                      0000000077199578 3 bytes JMP 00000001001a0600
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory + 4                                                                  000000007719957c 1 byte [89]
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory                                                                          0000000077199608 3 bytes JMP 00000001001a0804
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory + 4                                                                      000000007719960c 1 byte [89]
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                                                           0000000077199758 3 bytes JMP 00000001001a0c0c
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess + 4                                                                       000000007719975c 1 byte [89]
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection                                                                              0000000077199a28 3 bytes JMP 00000001001a0e10
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection + 4                                                                          0000000077199a2c 1 byte [89]
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                                                       0000000077199ab8 3 bytes JMP 00000001001a0a08
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory + 4                                                                   0000000077199abc 1 byte [89]
.text     C:\Users\HP\Downloads\OTL (1).exe[1204] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130                                                                      0000000075b44228 1 byte [62]
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                                                        00000000771817d7 5 bytes JMP 00000001001a01f8
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                                                                      0000000077183221 5 bytes JMP 00000001001a03fc
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory                                                           0000000077199578 3 bytes JMP 00000001001a0600
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory + 4                                                       000000007719957c 1 byte [89]
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory                                                               0000000077199608 3 bytes JMP 00000001001a0804
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory + 4                                                           000000007719960c 1 byte [89]
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                                                0000000077199758 3 bytes JMP 00000001001a0c0c
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess + 4                                                            000000007719975c 1 byte [89]
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection                                                                   0000000077199a28 3 bytes JMP 00000001001a0e10
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection + 4                                                               0000000077199a2c 1 byte [89]
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                                            0000000077199ab8 3 bytes JMP 00000001001a0a08
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory + 4                                                        0000000077199abc 1 byte [89]
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 130                                                           0000000075b44228 1 byte [62]
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW                                                                 00000000751f9eb4 5 bytes JMP 00000001002d03fc
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\ADVAPI32.dll!DeleteService                                                                  00000000751fa07e 5 bytes JMP 00000001002d0600
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity                                                       0000000075236cd9 5 bytes JMP 00000001002d1014
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA                                                           0000000075236dd9 5 bytes JMP 00000001002d0804
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigW                                                           0000000075236f81 5 bytes JMP 00000001002d0a08
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2A                                                          0000000075237099 5 bytes JMP 00000001002d0c0c
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W                                                          00000000752371e1 5 bytes JMP 00000001002d0e10
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceA                                                                 00000000752372a1 5 bytes JMP 00000001002d01f8
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx                                                              0000000075c7010d 5 bytes JMP 00000001002e0a08
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW                                                                0000000075c703d2 5 bytes JMP 00000001002e0804
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA                                                                0000000075c71b58 5 bytes JMP 00000001002e0600
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\USER32.dll!UnhookWinEvent                                                                   0000000075c76530 5 bytes JMP 00000001002e03fc
.text     C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe[4092] C:\Windows\syswow64\USER32.dll!SetWinEventHook                                                                  0000000075c8653e 5 bytes JMP 00000001002e01f8

---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe                                                                                                                                   suspicious modification
INITKDBG  C:\Windows\system32\ntoskrnl.exe                                                                                                                                   suspicious modification
---- Processes - GMER 2.1 ----

Library   C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1064]      0000000140000000
Library   C:\Program Files\Enigma Software Group\SpyHunter\ExecutionGuard.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1064]  0000000180000000
Library   C:\Program Files\Enigma Software Group\SpyHunter\ShScanner.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1064]       000007fef87e0000
Library   C:\Program Files\Enigma Software Group\SpyHunter\Defman.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1064]          000007fef8d30000
Library   C:\Program Files\Enigma Software Group\SpyHunter\Common.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1064]          00000000009d0000

---- Disk sectors - GMER 2.1 ----

Disk      \Device\Harddisk0\DR0                                                                                                                                              unknown MBR code

---- EOF - GMER 2.1 ----
         
__________________


Alt 03.07.2013, 15:45   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



Was ist mit MBAR?
__________________
__________________

Alt 03.07.2013, 16:08   #19
misshell
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



Mbar hat kein Logfile erstellt und da steht jetzt nur :

''congratulations, no clean up is required"

und '' Scan finished ! No malware found !"

Alt 03.07.2013, 16:33   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



Bitte das Log trotzdem immer posten

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.07.2013, 16:37   #21
misshell
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



In dem Ordner ist leider weit und breit kein Log zu sehen ..

Alt 03.07.2013, 16:37   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



=> Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.


Da muss ein Log sien
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.07.2013, 16:42   #23
misshell
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_29

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, K:\ DRIVE_FIXED
CPU speed: 2.310000 GHz
Memory total: 4292427776, free: 2371284992

Downloaded database version: v2013.07.03.06
Initializing...
------------ Kernel report ------------
     07/03/2013 16:51:31
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\nvraid.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\nvstor64.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\processr.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\PS2.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\ohci1394.sys
\SystemRoot\system32\DRIVERS\1394BUS.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nvmfdx64.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\System32\Drivers\aswSnx.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\Drivers\aswRdr.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\aswSP.SYS
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_nvstor64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\aswMonFlt.sys
\SystemRoot\System32\Drivers\aswFsBlk.SYS
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk5\DR5
Upper Device Object: 0xfffffa8007ad8060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000060\
Lower Device Object: 0xfffffa8007aa44a0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xfffffa8007aae060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000005f\
Lower Device Object: 0xfffffa8007a9f060
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa8007aac060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000005e\
Lower Device Object: 0xfffffa8007aa0b70
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa8007aaf790
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000005d\
Lower Device Object: 0xfffffa8007aa0060
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa80079cd060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000005b\
Lower Device Object: 0xfffffa80079cdb70
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80049ac790
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000004e\
Lower Device Object: 0xfffffa80045ef060
Lower Device Driver Name: \Driver\nvstor64\
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80049ac790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80049ac2c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80049ac790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8004693c90, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80045ef060, DeviceName: \Device\0000004e\, DriverName: \Driver\nvstor64\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C834D28F

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 1221952032
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1221952095  Numsec = 28306530

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 640135028736 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-1250243728-1250263728)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa80079cd060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007a367e0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80079cd060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa80079cdb70, DeviceName: \Device\0000005b\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E064DE9B

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1953519616

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa8007aaf790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007aab960, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007aaf790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007aa0060, DeviceName: \Device\0000005d\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa8007aac060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007aacb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007aac060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007aa0b70, DeviceName: \Device\0000005e\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 512
Drive: 4, DevicePointer: 0xfffffa8007aae060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007aaab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007aae060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007a9f060, DeviceName: \Device\0000005f\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 4
Scanning MBR on drive 4...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 0

Partition information:

    Partition 0 type is Other (0x6)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 253  Numsec = 3934979

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 2015363072 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 5, DevicePointer: 0xfffffa8007ad8060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007aaeb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007ad8060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007aa44a0, DeviceName: \Device\00000060\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan finished
<<<1>>>
Upper Device Name: \Device\Harddisk5\DR5
Upper Device Object: 0xfffffa8007ad8060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000060\
Lower Device Object: 0xfffffa8007aa44a0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xfffffa8007aae060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000005f\
Lower Device Object: 0xfffffa8007a9f060
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa8007aac060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000005e\
Lower Device Object: 0xfffffa8007aa0b70
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa8007aaf790
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000005d\
Lower Device Object: 0xfffffa8007aa0060
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa80079cd060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000005b\
Lower Device Object: 0xfffffa80079cdb70
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80049ac790
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000004e\
Lower Device Object: 0xfffffa80045ef060
Lower Device Driver Name: \Driver\nvstor64\
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C834D28F

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 1221952032
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1221952095  Numsec = 28306530

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 640135028736 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-1250243728-1250263728)...
Done!
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E064DE9B

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1953519616

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa8007aaf790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007aab960, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007aaf790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007aa0060, DeviceName: \Device\0000005d\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa8007aac060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007aacb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007aac060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007aa0b70, DeviceName: \Device\0000005e\, DriverName: \Driver\USBSTOR\
------------ End ----------
Drive 4
Scanning MBR on drive 4...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 0

Partition information:

    Partition 0 type is Other (0x6)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 253  Numsec = 3934979

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 2015363072 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 5, DevicePointer: 0xfffffa8007ad8060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007aaeb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007ad8060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007aa44a0, DeviceName: \Device\00000060\, DriverName: \Driver\USBSTOR\
------------ End ----------
=======================================


Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_0_63_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_1_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_1_r.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_4_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_4_r.mbam...
Removal finished
         

Alt 03.07.2013, 22:43   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



Ist das falsche Log
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.07.2013, 10:02   #25
misshell
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



dann muss es dieses sein ...?!

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.07.03.06

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
HP :: HP-PC [administrator]

03.07.2013 16:51:37
mbar-log-2013-07-03 (16-51-37).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 246273
Time elapsed: 11 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 04.07.2013, 11:30   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).




TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.07.2013, 12:17   #27
misshell
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



aswMBR:

Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-02 20:11:22
-----------------------------
20:11:22.685    OS Version: Windows x64 6.0.6002 Service Pack 2
20:11:22.685    Number of processors: 4 586 0x203
20:11:22.687    ComputerName: HP-PC  UserName: HP
20:11:24.362    Initialize success
20:11:24.687    AVAST engine defs: 13070200
20:11:27.179    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000004e
20:11:27.179    Disk 0 Vendor: Hitachi_ JPGO Size: 610480MB BusType: 8
20:11:27.279    Disk 0 MBR read successfully
20:11:27.283    Disk 0 MBR scan
20:11:27.288    Disk 0 unknown MBR code
20:11:27.293    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       596656 MB offset 63
20:11:27.325    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        13821 MB offset 1221952095
20:11:27.366    Disk 0 scanning C:\Windows\system32\drivers
20:11:39.226    Service scanning
20:11:59.109    Modules scanning
20:11:59.120    Disk 0 trace - called modules:
20:11:59.161    ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys storport.sys hal.dll nvstor64.sys 
20:11:59.168    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004aca790]
20:11:59.523    3 CLASSPNP.SYS[fffffa600098dc33] -> nt!IofCallDriver -> [0xfffffa80046adb10]
20:11:59.531    5 acpi.sys[fffffa6000821fde] -> nt!IofCallDriver -> \Device\0000004e[0xfffffa8004613060]
20:12:00.686    AVAST engine scan C:\Windows
20:12:10.127    AVAST engine scan C:\Windows\system32
20:15:01.484    AVAST engine scan C:\Windows\system32\drivers
20:15:14.518    AVAST engine scan C:\Users\HP
20:16:26.142    Disk 0 MBR has been saved successfully to "C:\Users\HP\Desktop\MBR.dat"
20:16:26.143    The log file has been saved successfully to "C:\Users\HP\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-04 12:36:53
-----------------------------
12:36:53.090    OS Version: Windows x64 6.0.6002 Service Pack 2
12:36:53.090    Number of processors: 4 586 0x203
12:36:53.091    ComputerName: HP-PC  UserName: HP
12:36:55.964    Initialize success
12:36:56.222    AVAST engine defs: 13070301
12:38:47.560    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000004f
12:38:47.575    Disk 0 Vendor: Hitachi_ JPGO Size: 610480MB BusType: 8
12:38:47.748    Disk 0 MBR read successfully
12:38:47.764    Disk 0 MBR scan
12:38:47.764    Disk 0 unknown MBR code
12:38:47.764    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       596656 MB offset 63
12:38:47.795    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        13821 MB offset 1221952095
12:38:47.873    Disk 0 scanning C:\Windows\system32\drivers
12:39:00.667    Service scanning
12:39:17.423    Modules scanning
12:39:17.423    Disk 0 trace - called modules:
12:39:17.454    ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys storport.sys hal.dll nvstor64.sys 
12:39:17.454    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004acd260]
12:39:17.470    3 CLASSPNP.SYS[fffffa600098dc33] -> nt!IofCallDriver -> [0xfffffa80046b1e40]
12:39:17.470    5 acpi.sys[fffffa6000821fde] -> nt!IofCallDriver -> \Device\0000004f[0xfffffa8004611060]
12:39:19.031    AVAST engine scan C:\Windows
12:39:25.740    AVAST engine scan C:\Windows\system32
12:45:05.531    AVAST engine scan C:\Windows\system32\drivers
12:45:43.509    AVAST engine scan C:\Users\HP
12:56:58.752    AVAST engine scan C:\ProgramData
13:03:20.892    Scan finished successfully
13:10:00.410    Disk 0 MBR has been saved successfully to "C:\Users\HP\Desktop\MBR.dat"
13:10:00.441    The log file has been saved successfully to "C:\Users\HP\Desktop\aswMBR.txt"
         


TDSS:
Code:
ATTFilter
13:13:03.0221 5064  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:13:03.0439 5064  ============================================================
13:13:03.0439 5064  Current date / time: 2013/07/04 13:13:03.0439
13:13:03.0439 5064  SystemInfo:
13:13:03.0439 5064  
13:13:03.0439 5064  OS Version: 6.0.6002 ServicePack: 2.0
13:13:03.0439 5064  Product type: Workstation
13:13:03.0439 5064  ComputerName: HP-PC
13:13:03.0439 5064  UserName: HP
13:13:03.0439 5064  Windows directory: C:\Windows
13:13:03.0439 5064  System windows directory: C:\Windows
13:13:03.0439 5064  Running under WOW64
13:13:03.0439 5064  Processor architecture: Intel x64
13:13:03.0439 5064  Number of processors: 4
13:13:03.0439 5064  Page size: 0x1000
13:13:03.0439 5064  Boot type: Normal boot
13:13:03.0439 5064  ============================================================
13:13:04.0094 5064  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:13:04.0094 5064  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:13:04.0094 5064  Drive \Device\Harddisk4\DR4 - Size: 0x78200000 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:13:04.0110 5064  ============================================================
13:13:04.0110 5064  \Device\Harddisk0\DR0:
13:13:04.0110 5064  MBR partitions:
13:13:04.0110 5064  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48D58220
13:13:04.0110 5064  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48D5825F, BlocksNum 0x1AFEC62
13:13:04.0110 5064  \Device\Harddisk1\DR1:
13:13:04.0110 5064  MBR partitions:
13:13:04.0110 5064  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
13:13:04.0110 5064  \Device\Harddisk4\DR4:
13:13:04.0110 5064  MBR partitions:
13:13:04.0110 5064  \Device\Harddisk4\DR4\Partition1: MBR, Type 0x6, StartLBA 0xFD, BlocksNum 0x3C0B03
13:13:04.0110 5064  ============================================================
13:13:04.0126 5064  C: <-> \Device\Harddisk0\DR0\Partition1
13:13:04.0172 5064  D: <-> \Device\Harddisk0\DR0\Partition2
13:13:04.0204 5064  K: <-> \Device\Harddisk1\DR1\Partition1
13:13:04.0204 5064  ============================================================
13:13:04.0204 5064  Initialize success
13:13:04.0204 5064  ============================================================
13:13:07.0403 4820  ============================================================
13:13:07.0403 4820  Scan started
13:13:07.0403 4820  Mode: Manual; 
13:13:07.0403 4820  ============================================================
13:13:07.0980 4820  ================ Scan system memory ========================
13:13:07.0980 4820  System memory - ok
13:13:07.0980 4820  ================ Scan services =============================
13:13:08.0463 4820  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
13:13:08.0479 4820  ACPI - ok
13:13:08.0682 4820  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:13:08.0682 4820  AdobeARMservice - ok
13:13:09.0212 4820  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:13:09.0212 4820  AdobeFlashPlayerUpdateSvc - ok
13:13:09.0368 4820  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:13:09.0368 4820  adp94xx - ok
13:13:09.0399 4820  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:13:09.0399 4820  adpahci - ok
13:13:09.0415 4820  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
13:13:09.0415 4820  adpu160m - ok
13:13:09.0415 4820  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:13:09.0431 4820  adpu320 - ok
13:13:09.0462 4820  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:13:09.0477 4820  AeLookupSvc - ok
13:13:09.0493 4820  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys
13:13:09.0509 4820  AFD - ok
13:13:09.0540 4820  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:13:09.0540 4820  agp440 - ok
13:13:09.0555 4820  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
13:13:09.0555 4820  aic78xx - ok
13:13:09.0571 4820  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
13:13:09.0571 4820  ALG - ok
13:13:09.0602 4820  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:13:09.0602 4820  aliide - ok
13:13:09.0618 4820  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
13:13:09.0618 4820  amdide - ok
13:13:09.0633 4820  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:13:09.0633 4820  AmdK8 - ok
13:13:09.0665 4820  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
13:13:09.0680 4820  Appinfo - ok
13:13:09.0774 4820  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:13:09.0789 4820  Apple Mobile Device - ok
13:13:09.0805 4820  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
13:13:09.0805 4820  arc - ok
13:13:09.0836 4820  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:13:09.0836 4820  arcsas - ok
13:13:09.0883 4820  [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
13:13:09.0883 4820  aswFsBlk - ok
13:13:09.0914 4820  [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
13:13:09.0914 4820  aswMonFlt - ok
13:13:09.0930 4820  [ 2CF56F9848BF7841FF420E9DD95029EE ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
13:13:09.0930 4820  aswRdr - ok
13:13:09.0961 4820  [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
13:13:09.0977 4820  aswSnx - ok
13:13:10.0008 4820  [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
13:13:10.0008 4820  aswSP - ok
13:13:10.0039 4820  [ C3EC420451AC5300A22190AE38418FBA ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
13:13:10.0039 4820  aswTdi - ok
13:13:10.0086 4820  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:13:10.0086 4820  AsyncMac - ok
13:13:10.0101 4820  [ E68D9B3A3905619732F7FE039466A623 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:13:10.0101 4820  atapi - ok
13:13:10.0164 4820  [ 0EB0A49C55D0C9102499353B80BDB021 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
13:13:10.0179 4820  Ati External Event Utility - ok
13:13:10.0351 4820  [ 6F677A4B26E88AC10F72F1614FDA470A ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:13:10.0429 4820  atikmdag - ok
13:13:10.0507 4820  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:13:10.0507 4820  AudioEndpointBuilder - ok
13:13:10.0523 4820  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:13:10.0523 4820  AudioSrv - ok
13:13:10.0585 4820  [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:13:10.0585 4820  avast! Antivirus - ok
13:13:10.0647 4820  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE             C:\Windows\System32\bfe.dll
13:13:10.0647 4820  BFE - ok
13:13:10.0710 4820  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll
13:13:10.0741 4820  BITS - ok
13:13:10.0772 4820  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
13:13:10.0772 4820  blbdrive - ok
13:13:10.0803 4820  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:13:10.0819 4820  Bonjour Service - ok
13:13:10.0850 4820  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:13:10.0850 4820  bowser - ok
13:13:10.0881 4820  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
13:13:10.0881 4820  BrFiltLo - ok
13:13:10.0897 4820  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
13:13:10.0897 4820  BrFiltUp - ok
13:13:10.0928 4820  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
13:13:10.0944 4820  Browser - ok
13:13:10.0959 4820  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
13:13:10.0959 4820  Brserid - ok
13:13:10.0975 4820  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
13:13:10.0975 4820  BrSerWdm - ok
13:13:10.0975 4820  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
13:13:10.0975 4820  BrUsbMdm - ok
13:13:10.0991 4820  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
13:13:10.0991 4820  BrUsbSer - ok
13:13:11.0006 4820  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:13:11.0006 4820  BTHMODEM - ok
13:13:11.0053 4820  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:13:11.0069 4820  cdfs - ok
13:13:11.0084 4820  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:13:11.0084 4820  cdrom - ok
13:13:11.0162 4820  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:13:11.0162 4820  CertPropSvc - ok
13:13:11.0178 4820  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:13:11.0178 4820  circlass - ok
13:13:11.0240 4820  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
13:13:11.0256 4820  CLFS - ok
13:13:11.0287 4820  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:13:11.0287 4820  clr_optimization_v2.0.50727_32 - ok
13:13:11.0349 4820  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:13:11.0349 4820  clr_optimization_v2.0.50727_64 - ok
13:13:11.0412 4820  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:13:11.0412 4820  clr_optimization_v4.0.30319_32 - ok
13:13:11.0460 4820  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:13:11.0460 4820  clr_optimization_v4.0.30319_64 - ok
13:13:11.0491 4820  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:13:11.0491 4820  cmdide - ok
13:13:11.0491 4820  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:13:11.0506 4820  Compbatt - ok
13:13:11.0506 4820  COMSysApp - ok
13:13:11.0522 4820  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:13:11.0522 4820  crcdisk - ok
13:13:11.0569 4820  [ 1B22BC0B71F65001479DAB792C3F626C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:13:11.0569 4820  CryptSvc - ok
13:13:11.0647 4820  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:13:11.0662 4820  DcomLaunch - ok
13:13:11.0709 4820  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:13:11.0709 4820  DfsC - ok
13:13:12.0006 4820  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
13:13:12.0084 4820  DFSR - ok
13:13:12.0177 4820  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
13:13:12.0193 4820  Dhcp - ok
13:13:12.0224 4820  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
13:13:12.0224 4820  disk - ok
13:13:12.0271 4820  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:13:12.0271 4820  Dnscache - ok
13:13:12.0333 4820  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:13:12.0349 4820  dot3svc - ok
13:13:12.0380 4820  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll
13:13:12.0380 4820  DPS - ok
13:13:12.0411 4820  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:13:12.0411 4820  drmkaud - ok
13:13:12.0458 4820  [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:13:12.0474 4820  DXGKrnl - ok
13:13:12.0505 4820  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
13:13:12.0505 4820  E1G60 - ok
13:13:12.0536 4820  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll
13:13:12.0552 4820  EapHost - ok
13:13:12.0552 4820  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
13:13:12.0567 4820  Ecache - ok
13:13:12.0598 4820  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:13:12.0598 4820  ehRecvr - ok
13:13:12.0614 4820  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe
13:13:12.0614 4820  ehSched - ok
13:13:12.0645 4820  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll
13:13:12.0645 4820  ehstart - ok
13:13:12.0661 4820  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:13:12.0676 4820  elxstor - ok
13:13:12.0801 4820  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
13:13:12.0832 4820  EMDMgmt - ok
13:13:12.0832 4820  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:13:12.0848 4820  ErrDev - ok
13:13:12.0910 4820  esgiguard - ok
13:13:12.0957 4820  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll
13:13:12.0973 4820  EventSystem - ok
13:13:13.0020 4820  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:13:13.0020 4820  exfat - ok
13:13:13.0035 4820  ezSharedSvc - ok
13:13:13.0113 4820  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:13:13.0144 4820  fastfat - ok
13:13:13.0176 4820  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:13:13.0176 4820  fdc - ok
13:13:13.0191 4820  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll
13:13:13.0191 4820  fdPHost - ok
13:13:13.0238 4820  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
13:13:13.0254 4820  FDResPub - ok
13:13:13.0285 4820  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:13:13.0285 4820  FileInfo - ok
13:13:13.0300 4820  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:13:13.0300 4820  Filetrace - ok
13:13:13.0316 4820  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:13:13.0332 4820  flpydisk - ok
13:13:13.0394 4820  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:13:13.0394 4820  FltMgr - ok
13:13:13.0659 4820  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache       C:\Windows\system32\FntCache.dll
13:13:13.0675 4820  FontCache - ok
13:13:13.0784 4820  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:13:13.0784 4820  FontCache3.0.0.0 - ok
13:13:13.0831 4820  [ 2BF3B36B96D015AF666B6AA63AE2E38F ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
13:13:13.0831 4820  fssfltr - ok
13:13:13.0893 4820  [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:13:13.0893 4820  fsssvc - ok
13:13:13.0940 4820  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:13:13.0940 4820  Fs_Rec - ok
13:13:13.0971 4820  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:13:13.0971 4820  gagp30kx - ok
13:13:14.0002 4820  [ CC1C8068B05283D63EC5FE782D2D3946 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
13:13:14.0034 4820  GameConsoleService - ok
13:13:14.0065 4820  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:13:14.0065 4820  GEARAspiWDM - ok
13:13:14.0143 4820  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:13:14.0174 4820  gpsvc - ok
13:13:14.0221 4820  [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:13:14.0236 4820  HdAudAddService - ok
13:13:14.0268 4820  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:13:14.0283 4820  HDAudBus - ok
13:13:14.0299 4820  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:13:14.0299 4820  HidBth - ok
13:13:14.0314 4820  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:13:14.0314 4820  HidIr - ok
13:13:14.0361 4820  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\system32\hidserv.dll
13:13:14.0377 4820  hidserv - ok
13:13:14.0392 4820  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:13:14.0392 4820  HidUsb - ok
13:13:14.0408 4820  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:13:14.0424 4820  hkmsvc - ok
13:13:14.0470 4820  [ A3A30438C48D2D71556E120C9C7BA7A0 ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
13:13:14.0470 4820  HP Health Check Service - ok
13:13:14.0517 4820  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
13:13:14.0517 4820  HpCISSs - ok
13:13:14.0580 4820  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:13:14.0595 4820  HTTP - ok
13:13:14.0642 4820  [ 4B7423FCC37664954460AC3E71752B62 ] hxctlflt        C:\Windows\system32\DRIVERS\hxctlflt.sys
13:13:14.0642 4820  hxctlflt - ok
13:13:14.0658 4820  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
13:13:14.0658 4820  i2omp - ok
13:13:14.0673 4820  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:13:14.0673 4820  i8042prt - ok
13:13:14.0704 4820  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
13:13:14.0704 4820  iaStorV - ok
13:13:14.0798 4820  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:13:14.0798 4820  IDriverT - ok
13:13:14.0860 4820  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:13:14.0876 4820  idsvc - ok
13:13:14.0923 4820  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:13:14.0923 4820  iirsp - ok
13:13:14.0970 4820  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
13:13:14.0985 4820  IKEEXT - ok
13:13:15.0063 4820  [ 46CB3ABE8150E7B181E86D4906DE17E8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:13:15.0110 4820  IntcAzAudAddService - ok
13:13:15.0157 4820  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\drivers\intelide.sys
13:13:15.0157 4820  intelide - ok
13:13:15.0172 4820  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:13:15.0172 4820  intelppm - ok
13:13:15.0204 4820  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:13:15.0204 4820  IPBusEnum - ok
13:13:15.0219 4820  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:13:15.0219 4820  IpFilterDriver - ok
13:13:15.0250 4820  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:13:15.0250 4820  iphlpsvc - ok
13:13:15.0266 4820  IpInIp - ok
13:13:15.0297 4820  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
13:13:15.0297 4820  IPMIDRV - ok
13:13:15.0297 4820  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
13:13:15.0313 4820  IPNAT - ok
13:13:15.0360 4820  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:13:15.0375 4820  iPod Service - ok
13:13:15.0375 4820  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:13:15.0375 4820  IRENUM - ok
13:13:15.0422 4820  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:13:15.0422 4820  isapnp - ok
13:13:15.0469 4820  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
13:13:15.0469 4820  iScsiPrt - ok
13:13:15.0484 4820  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
13:13:15.0484 4820  iteatapi - ok
13:13:15.0500 4820  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
13:13:15.0500 4820  iteraid - ok
13:13:15.0516 4820  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:13:15.0516 4820  kbdclass - ok
13:13:15.0531 4820  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:13:15.0531 4820  kbdhid - ok
13:13:15.0594 4820  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
13:13:15.0609 4820  KeyIso - ok
13:13:15.0656 4820  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:13:15.0656 4820  KSecDD - ok
13:13:15.0687 4820  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:13:15.0687 4820  ksthunk - ok
13:13:15.0734 4820  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:13:15.0734 4820  KtmRm - ok
13:13:15.0765 4820  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:13:15.0781 4820  LanmanServer - ok
13:13:15.0796 4820  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:13:15.0796 4820  LanmanWorkstation - ok
13:13:15.0828 4820  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:13:15.0828 4820  lltdio - ok
13:13:15.0843 4820  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:13:15.0859 4820  lltdsvc - ok
13:13:15.0874 4820  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:13:15.0874 4820  lmhosts - ok
13:13:15.0890 4820  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:13:15.0890 4820  LSI_FC - ok
13:13:15.0906 4820  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:13:15.0906 4820  LSI_SAS - ok
13:13:15.0952 4820  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:13:15.0952 4820  LSI_SCSI - ok
13:13:15.0984 4820  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:13:15.0984 4820  luafv - ok
13:13:16.0015 4820  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:13:16.0015 4820  Mcx2Svc - ok
13:13:16.0046 4820  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys
13:13:16.0046 4820  megasas - ok
13:13:16.0093 4820  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
13:13:16.0093 4820  MegaSR - ok
13:13:16.0108 4820  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll
13:13:16.0124 4820  MMCSS - ok
13:13:16.0140 4820  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys
13:13:16.0140 4820  Modem - ok
13:13:16.0171 4820  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:13:16.0171 4820  monitor - ok
13:13:16.0186 4820  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:13:16.0186 4820  mouclass - ok
13:13:16.0218 4820  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:13:16.0218 4820  mouhid - ok
13:13:16.0233 4820  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
13:13:16.0233 4820  MountMgr - ok
13:13:16.0249 4820  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:13:16.0249 4820  mpio - ok
13:13:16.0264 4820  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:13:16.0264 4820  mpsdrv - ok
13:13:16.0327 4820  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:13:16.0342 4820  MpsSvc - ok
13:13:16.0358 4820  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
13:13:16.0358 4820  Mraid35x - ok
13:13:16.0358 4820  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:13:16.0374 4820  MRxDAV - ok
13:13:16.0389 4820  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:13:16.0405 4820  mrxsmb - ok
13:13:16.0420 4820  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:13:16.0436 4820  mrxsmb10 - ok
13:13:16.0436 4820  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:13:16.0436 4820  mrxsmb20 - ok
13:13:16.0452 4820  [ 1AC860612B85D8E85EE257D372E39F4D ] msahci          C:\Windows\system32\drivers\msahci.sys
13:13:16.0467 4820  msahci - ok
13:13:16.0467 4820  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:13:16.0467 4820  msdsm - ok
13:13:16.0498 4820  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe
13:13:16.0498 4820  MSDTC - ok
13:13:16.0530 4820  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:13:16.0530 4820  Msfs - ok
13:13:16.0561 4820  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:13:16.0561 4820  msisadrv - ok
13:13:16.0592 4820  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:13:16.0592 4820  MSiSCSI - ok
13:13:16.0592 4820  msiserver - ok
13:13:16.0639 4820  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:13:16.0639 4820  MSKSSRV - ok
13:13:16.0654 4820  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:13:16.0654 4820  MSPCLOCK - ok
13:13:16.0670 4820  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:13:16.0670 4820  MSPQM - ok
13:13:16.0717 4820  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:13:16.0732 4820  MsRPC - ok
13:13:16.0748 4820  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:13:16.0748 4820  mssmbios - ok
13:13:16.0748 4820  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:13:16.0748 4820  MSTEE - ok
13:13:16.0764 4820  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:13:16.0764 4820  Mup - ok
13:13:16.0810 4820  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll
13:13:16.0842 4820  napagent - ok
13:13:16.0888 4820  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:13:16.0888 4820  NativeWifiP - ok
13:13:16.0966 4820  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:13:16.0998 4820  NDIS - ok
13:13:17.0029 4820  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:13:17.0029 4820  NdisTapi - ok
13:13:17.0044 4820  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:13:17.0044 4820  Ndisuio - ok
13:13:17.0107 4820  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:13:17.0107 4820  NdisWan - ok
13:13:17.0122 4820  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:13:17.0122 4820  NDProxy - ok
13:13:17.0138 4820  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:13:17.0138 4820  NetBIOS - ok
13:13:17.0200 4820  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
13:13:17.0200 4820  netbt - ok
13:13:17.0200 4820  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe
13:13:17.0216 4820  Netlogon - ok
13:13:17.0247 4820  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll
13:13:17.0247 4820  Netman - ok
13:13:17.0263 4820  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll
13:13:17.0278 4820  netprofm - ok
13:13:17.0325 4820  [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:13:17.0341 4820  NetTcpPortSharing - ok
13:13:17.0372 4820  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:13:17.0372 4820  nfrd960 - ok
13:13:17.0902 4820  [ 29BC5B7C7C981FB8CD7A781A9E067AF7 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
13:13:18.0027 4820  NIHardwareService - ok
13:13:18.0058 4820  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:13:18.0058 4820  NlaSvc - ok
13:13:18.0105 4820  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:13:18.0105 4820  Npfs - ok
13:13:18.0136 4820  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll
13:13:18.0152 4820  nsi - ok
13:13:18.0168 4820  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:13:18.0168 4820  nsiproxy - ok
13:13:18.0448 4820  [ 2ACCAA3C3C55370A32F17B3595E1A217 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:13:18.0495 4820  Ntfs - ok
13:13:18.0511 4820  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys
13:13:18.0511 4820  Null - ok
13:13:18.0573 4820  [ 13EC5B8A4B82B6DEB739FC577B4217A7 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx64.sys
13:13:18.0604 4820  NVENETFD - ok
13:13:18.0604 4820  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:13:18.0604 4820  nvraid - ok
13:13:18.0636 4820  [ A4B9AF8D1793F67CE894BF051342110F ] nvrd64          C:\Windows\system32\drivers\nvrd64.sys
13:13:18.0636 4820  nvrd64 - ok
13:13:18.0667 4820  [ 16D36074B84DA72D160233C8D132DC89 ] nvsmu           C:\Windows\system32\drivers\nvsmu.sys
13:13:18.0667 4820  nvsmu - ok
13:13:18.0682 4820  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:13:18.0682 4820  nvstor - ok
13:13:18.0714 4820  [ 7919EE9458B6D84517BC5A598D795931 ] nvstor64        C:\Windows\system32\drivers\nvstor64.sys
13:13:18.0714 4820  nvstor64 - ok
13:13:18.0760 4820  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:13:18.0760 4820  nv_agp - ok
13:13:18.0760 4820  NwlnkFlt - ok
13:13:18.0776 4820  NwlnkFwd - ok
13:13:18.0854 4820  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:13:18.0870 4820  odserv - ok
13:13:18.0916 4820  [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
13:13:18.0916 4820  ohci1394 - ok
13:13:18.0948 4820  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:13:18.0948 4820  ose - ok
13:13:18.0994 4820  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll
13:13:19.0010 4820  p2pimsvc - ok
13:13:19.0041 4820  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll
13:13:19.0057 4820  p2psvc - ok
13:13:19.0057 4820  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys
13:13:19.0072 4820  Parport - ok
13:13:19.0088 4820  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:13:19.0104 4820  partmgr - ok
13:13:19.0119 4820  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:13:19.0119 4820  PcaSvc - ok
13:13:19.0150 4820  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci             C:\Windows\system32\drivers\pci.sys
13:13:19.0150 4820  pci - ok
13:13:19.0197 4820  [ 2657F6C0B78C36D95034BE109336E382 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:13:19.0197 4820  pciide - ok
13:13:19.0275 4820  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:13:19.0306 4820  pcmcia - ok
13:13:19.0322 4820  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:13:19.0338 4820  PEAUTH - ok
13:13:19.0400 4820  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:13:19.0400 4820  PerfHost - ok
13:13:19.0478 4820  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll
13:13:19.0509 4820  pla - ok
13:13:19.0572 4820  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:13:19.0587 4820  PlugPlay - ok
13:13:19.0618 4820  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
13:13:19.0634 4820  PNRPAutoReg - ok
13:13:19.0650 4820  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc         C:\Windows\system32\p2psvc.dll
13:13:19.0665 4820  PNRPsvc - ok
13:13:19.0728 4820  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:13:19.0743 4820  PolicyAgent - ok
13:13:19.0806 4820  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:13:19.0806 4820  PptpMiniport - ok
13:13:19.0821 4820  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
13:13:19.0821 4820  Processor - ok
13:13:19.0884 4820  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc         C:\Windows\system32\profsvc.dll
13:13:19.0899 4820  ProfSvc - ok
13:13:19.0930 4820  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
13:13:19.0930 4820  ProtectedStorage - ok
13:13:19.0977 4820  [ 1D0A3F565397D08707F3D75B88586645 ] Ps2             C:\Windows\system32\DRIVERS\PS2.sys
13:13:19.0977 4820  Ps2 - ok
13:13:20.0024 4820  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
13:13:20.0024 4820  PSched - ok
13:13:20.0071 4820  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:13:20.0102 4820  ql2300 - ok
13:13:20.0118 4820  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:13:20.0118 4820  ql40xx - ok
13:13:20.0164 4820  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll
13:13:20.0164 4820  QWAVE - ok
13:13:20.0180 4820  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:13:20.0180 4820  QWAVEdrv - ok
13:13:20.0180 4820  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:13:20.0196 4820  RasAcd - ok
13:13:20.0196 4820  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll
13:13:20.0227 4820  RasAuto - ok
13:13:20.0274 4820  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:13:20.0274 4820  Rasl2tp - ok
13:13:20.0320 4820  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll
13:13:20.0336 4820  RasMan - ok
13:13:20.0383 4820  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:13:20.0383 4820  RasPppoe - ok
13:13:20.0414 4820  [ C6A593B51F34C33E5474539544072527 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:13:20.0414 4820  RasSstp - ok
13:13:20.0461 4820  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:13:20.0461 4820  rdbss - ok
13:13:20.0492 4820  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:13:20.0492 4820  RDPCDD - ok
13:13:20.0523 4820  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
13:13:20.0539 4820  rdpdr - ok
13:13:20.0539 4820  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:13:20.0554 4820  RDPENCDD - ok
13:13:20.0586 4820  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:13:20.0586 4820  RDPWD - ok
13:13:20.0617 4820  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:13:20.0617 4820  RemoteAccess - ok
13:13:20.0632 4820  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:13:20.0648 4820  RemoteRegistry - ok
13:13:20.0648 4820  RimUsb - ok
13:13:20.0710 4820  [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
13:13:20.0710 4820  RimVSerPort - ok
13:13:20.0710 4820  [ 6A0CF73B019CBC9255E23C9192EC3702 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
13:13:20.0710 4820  ROOTMODEM - ok
13:13:20.0726 4820  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
13:13:20.0742 4820  RpcLocator - ok
13:13:20.0757 4820  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs           C:\Windows\system32\rpcss.dll
13:13:20.0773 4820  RpcSs - ok
13:13:20.0773 4820  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:13:20.0788 4820  rspndr - ok
13:13:20.0804 4820  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs           C:\Windows\system32\lsass.exe
13:13:20.0804 4820  SamSs - ok
13:13:20.0820 4820  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:13:20.0820 4820  sbp2port - ok
13:13:20.0866 4820  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:13:20.0882 4820  SCardSvr - ok
13:13:20.0944 4820  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll
13:13:20.0976 4820  Schedule - ok
13:13:21.0022 4820  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:13:21.0022 4820  SCPolicySvc - ok
13:13:21.0069 4820  [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
13:13:21.0100 4820  ScreamBAudioSvc - ok
13:13:21.0132 4820  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:13:21.0147 4820  SDRSVC - ok
13:13:21.0194 4820  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:13:21.0194 4820  secdrv - ok
13:13:21.0210 4820  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
13:13:21.0210 4820  seclogon - ok
13:13:21.0225 4820  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll
13:13:21.0241 4820  SENS - ok
13:13:21.0241 4820  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:13:21.0241 4820  Serenum - ok
13:13:21.0272 4820  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
13:13:21.0272 4820  Serial - ok
13:13:21.0272 4820  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:13:21.0272 4820  sermouse - ok
13:13:21.0303 4820  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:13:21.0319 4820  SessionEnv - ok
13:13:21.0334 4820  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:13:21.0334 4820  sffdisk - ok
13:13:21.0334 4820  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:13:21.0334 4820  sffp_mmc - ok
13:13:21.0350 4820  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:13:21.0366 4820  sffp_sd - ok
13:13:21.0397 4820  [ 40567781F0785C4A69411D1B40DA8987 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:13:21.0397 4820  sfloppy - ok
13:13:21.0428 4820  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:13:21.0428 4820  SharedAccess - ok
13:13:21.0459 4820  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:13:21.0475 4820  ShellHWDetection - ok
13:13:21.0490 4820  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
13:13:21.0490 4820  SiSRaid2 - ok
13:13:21.0506 4820  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:13:21.0506 4820  SiSRaid4 - ok
13:13:21.0554 4820  [ E0211E7E0D9CF5672174014BC6524E79 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:13:21.0554 4820  SkypeUpdate - ok
13:13:21.0866 4820  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe
13:13:21.0944 4820  slsvc - ok
13:13:22.0006 4820  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll
13:13:22.0006 4820  SLUINotify - ok
13:13:22.0084 4820  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:13:22.0084 4820  Smb - ok
13:13:22.0115 4820  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:13:22.0131 4820  SNMPTRAP - ok
13:13:22.0381 4820  [ 56B69DE178E12F4C2A25AC18E1D0BFB0 ] SNPSTD3         C:\Windows\system32\DRIVERS\snpstd3.sys
13:13:22.0568 4820  SNPSTD3 - ok
13:13:22.0615 4820  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys
13:13:22.0615 4820  spldr - ok
13:13:22.0646 4820  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe
13:13:22.0661 4820  Spooler - ok
13:13:22.0693 4820  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:13:22.0693 4820  srv - ok
13:13:22.0708 4820  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:13:22.0708 4820  srv2 - ok
13:13:22.0724 4820  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:13:22.0739 4820  srvnet - ok
13:13:22.0755 4820  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:13:22.0771 4820  SSDPSRV - ok
13:13:22.0802 4820  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:13:22.0817 4820  SstpSvc - ok
13:13:22.0864 4820  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll
13:13:22.0880 4820  stisvc - ok
13:13:22.0895 4820  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:13:22.0895 4820  swenum - ok
13:13:22.0958 4820  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll
13:13:22.0973 4820  swprv - ok
13:13:22.0973 4820  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
13:13:22.0973 4820  Symc8xx - ok
13:13:22.0989 4820  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
13:13:22.0989 4820  Sym_hi - ok
13:13:23.0005 4820  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
13:13:23.0005 4820  Sym_u3 - ok
13:13:23.0083 4820  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain         C:\Windows\system32\sysmain.dll
13:13:23.0098 4820  SysMain - ok
13:13:23.0129 4820  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:13:23.0129 4820  TabletInputService - ok
13:13:23.0192 4820  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:13:23.0192 4820  TapiSrv - ok
13:13:23.0207 4820  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll
13:13:23.0223 4820  TBS - ok
13:13:23.0270 4820  [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:13:23.0301 4820  Tcpip - ok
13:13:23.0317 4820  [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
13:13:23.0348 4820  Tcpip6 - ok
13:13:23.0363 4820  [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:13:23.0363 4820  tcpipreg - ok
13:13:23.0395 4820  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:13:23.0395 4820  TDPIPE - ok
13:13:23.0410 4820  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:13:23.0410 4820  TDTCP - ok
13:13:23.0410 4820  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:13:23.0426 4820  tdx - ok
13:13:23.0441 4820  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:13:23.0441 4820  TermDD - ok
13:13:23.0519 4820  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService     C:\Windows\System32\termsrv.dll
13:13:23.0551 4820  TermService - ok
13:13:23.0566 4820  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll
13:13:23.0566 4820  Themes - ok
13:13:23.0582 4820  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:13:23.0597 4820  THREADORDER - ok
13:13:23.0613 4820  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
13:13:23.0613 4820  TrkWks - ok
13:13:23.0660 4820  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:13:23.0675 4820  TrustedInstaller - ok
13:13:23.0707 4820  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:13:23.0707 4820  tssecsrv - ok
13:13:23.0738 4820  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
13:13:23.0738 4820  tunmp - ok
13:13:23.0785 4820  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:13:23.0785 4820  tunnel - ok
13:13:23.0800 4820  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:13:23.0816 4820  uagp35 - ok
13:13:23.0831 4820  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:13:23.0831 4820  udfs - ok
13:13:23.0863 4820  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:13:23.0863 4820  UI0Detect - ok
13:13:23.0878 4820  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:13:23.0878 4820  uliagpkx - ok
13:13:23.0894 4820  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
13:13:23.0894 4820  uliahci - ok
13:13:23.0909 4820  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
13:13:23.0909 4820  UlSata - ok
13:13:23.0925 4820  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
13:13:23.0925 4820  ulsata2 - ok
13:13:23.0956 4820  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:13:23.0956 4820  umbus - ok
13:13:23.0987 4820  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
13:13:24.0003 4820  upnphost - ok
13:13:24.0019 4820  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:13:24.0034 4820  USBAAPL64 - ok
13:13:24.0065 4820  [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:13:24.0065 4820  usbaudio - ok
13:13:24.0128 4820  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:13:24.0128 4820  usbccgp - ok
13:13:24.0143 4820  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:13:24.0143 4820  usbcir - ok
13:13:24.0159 4820  [ 827E44DE934A736EA31E91D353EB126F ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:13:24.0159 4820  usbehci - ok
13:13:24.0206 4820  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:13:24.0206 4820  usbhub - ok
13:13:24.0221 4820  [ E406B003A354776D317762694956B0FC ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:13:24.0221 4820  usbohci - ok
13:13:24.0253 4820  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:13:24.0253 4820  usbprint - ok
13:13:24.0299 4820  [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:13:24.0299 4820  usbscan - ok
13:13:24.0315 4820  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:13:24.0315 4820  USBSTOR - ok
13:13:24.0346 4820  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:13:24.0346 4820  usbuhci - ok
13:13:24.0393 4820  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms           C:\Windows\System32\uxsms.dll
13:13:24.0393 4820  UxSms - ok
13:13:24.0440 4820  [ 294945381DFA7CE58CECF0A9896AF327 ] vds             C:\Windows\System32\vds.exe
13:13:24.0455 4820  vds - ok
13:13:24.0487 4820  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:13:24.0487 4820  vga - ok
13:13:24.0502 4820  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:13:24.0502 4820  VgaSave - ok
13:13:24.0502 4820  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys
13:13:24.0502 4820  viaide - ok
13:13:24.0518 4820  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:13:24.0518 4820  volmgr - ok
13:13:24.0565 4820  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:13:24.0565 4820  volmgrx - ok
13:13:24.0611 4820  [ 582F710097B46140F5A89A19A6573D4B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:13:24.0611 4820  volsnap - ok
13:13:24.0627 4820  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:13:24.0627 4820  vsmraid - ok
13:13:24.0705 4820  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS             C:\Windows\system32\vssvc.exe
13:13:24.0721 4820  VSS - ok
13:13:24.0783 4820  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time         C:\Windows\system32\w32time.dll
13:13:24.0799 4820  W32Time - ok
13:13:24.0830 4820  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:13:24.0830 4820  WacomPen - ok
13:13:24.0861 4820  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
13:13:24.0861 4820  Wanarp - ok
13:13:24.0861 4820  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:13:24.0877 4820  Wanarpv6 - ok
13:13:24.0908 4820  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:13:24.0908 4820  wcncsvc - ok
13:13:24.0939 4820  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:13:24.0939 4820  WcsPlugInService - ok
13:13:24.0955 4820  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
13:13:24.0955 4820  Wd - ok
13:13:25.0001 4820  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:13:25.0017 4820  Wdf01000 - ok
13:13:25.0033 4820  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:13:25.0033 4820  WdiServiceHost - ok
13:13:25.0033 4820  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:13:25.0048 4820  WdiSystemHost - ok
13:13:25.0064 4820  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient       C:\Windows\System32\webclnt.dll
13:13:25.0064 4820  WebClient - ok
13:13:25.0095 4820  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:13:25.0111 4820  Wecsvc - ok
13:13:25.0126 4820  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:13:25.0126 4820  wercplsupport - ok
13:13:25.0142 4820  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll
13:13:25.0142 4820  WerSvc - ok
13:13:25.0173 4820  WinDefend - ok
13:13:25.0173 4820  WinHttpAutoProxySvc - ok
13:13:25.0267 4820  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:13:25.0282 4820  Winmgmt - ok
13:13:25.0345 4820  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:13:25.0391 4820  WinRM - ok
13:13:25.0438 4820  [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
13:13:25.0454 4820  WinUSB - ok
13:13:25.0485 4820  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:13:25.0501 4820  Wlansvc - ok
13:13:25.0516 4820  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:13:25.0516 4820  WmiAcpi - ok
13:13:25.0579 4820  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:13:25.0579 4820  wmiApSrv - ok
13:13:25.0594 4820  WMPNetworkSvc - ok
13:13:25.0625 4820  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:13:25.0625 4820  WPCSvc - ok
13:13:25.0672 4820  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:13:25.0688 4820  WPDBusEnum - ok
13:13:25.0719 4820  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
13:13:25.0719 4820  WpdUsb - ok
13:13:25.0797 4820  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:13:25.0828 4820  WPFFontCache_v0400 - ok
13:13:25.0844 4820  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:13:25.0844 4820  ws2ifsl - ok
13:13:25.0891 4820  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\System32\wscsvc.dll
13:13:25.0906 4820  wscsvc - ok
13:13:25.0906 4820  WSearch - ok
13:13:25.0984 4820  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:13:26.0031 4820  wuauserv - ok
13:13:26.0078 4820  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:13:26.0078 4820  WudfPf - ok
13:13:26.0125 4820  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:13:26.0125 4820  WUDFRd - ok
13:13:26.0140 4820  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:13:26.0140 4820  wudfsvc - ok
13:13:26.0156 4820  ================ Scan global ===============================
13:13:26.0171 4820  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
13:13:26.0218 4820  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
13:13:26.0234 4820  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
13:13:26.0343 4820  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
13:13:26.0359 4820  [Global] - ok
13:13:26.0359 4820  ================ Scan MBR ==================================
13:13:26.0390 4820  [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
13:13:27.0795 4820  \Device\Harddisk0\DR0 - ok
13:13:27.0795 4820  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:13:27.0795 4820  \Device\Harddisk1\DR1 - ok
13:13:27.0810 4820  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
13:13:27.0842 4820  \Device\Harddisk4\DR4 - ok
13:13:27.0842 4820  ================ Scan VBR ==================================
13:13:27.0873 4820  [ B7F665ADAB27EA8A68B47C61FF02D011 ] \Device\Harddisk0\DR0\Partition1
13:13:27.0920 4820  \Device\Harddisk0\DR0\Partition1 - ok
13:13:27.0982 4820  [ 4B79F7981523E0B791605B829695078F ] \Device\Harddisk0\DR0\Partition2
13:13:28.0013 4820  \Device\Harddisk0\DR0\Partition2 - ok
13:13:28.0029 4820  [ 0D38F8AF2BCDCDB9D7E39FE65F4F46A8 ] \Device\Harddisk1\DR1\Partition1
13:13:28.0029 4820  \Device\Harddisk1\DR1\Partition1 - ok
13:13:28.0029 4820  [ 486D6BD2369767511B3A906A244D8E84 ] \Device\Harddisk4\DR4\Partition1
13:13:28.0029 4820  \Device\Harddisk4\DR4\Partition1 - ok
13:13:28.0029 4820  ============================================================
13:13:28.0029 4820  Scan finished
13:13:28.0029 4820  ============================================================
13:13:28.0044 5540  Detected object count: 0
13:13:28.0044 5540  Actual detected object count: 0
13:15:02.0072 4692  ============================================================
13:15:02.0072 4692  Scan started
13:15:02.0072 4692  Mode: Manual; 
13:15:02.0072 4692  ============================================================
13:15:02.0477 4692  ================ Scan system memory ========================
13:15:02.0477 4692  System memory - ok
13:15:02.0477 4692  ================ Scan services =============================
13:15:02.0603 4692  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
13:15:02.0619 4692  ACPI - ok
13:15:02.0681 4692  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:15:02.0681 4692  AdobeARMservice - ok
13:15:02.0759 4692  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:15:02.0759 4692  AdobeFlashPlayerUpdateSvc - ok
13:15:02.0790 4692  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:15:02.0790 4692  adp94xx - ok
13:15:02.0821 4692  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:15:02.0821 4692  adpahci - ok
13:15:02.0837 4692  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
13:15:02.0837 4692  adpu160m - ok
13:15:02.0853 4692  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:15:02.0853 4692  adpu320 - ok
13:15:02.0884 4692  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:15:02.0884 4692  AeLookupSvc - ok
13:15:02.0915 4692  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys
13:15:02.0915 4692  AFD - ok
13:15:02.0931 4692  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:15:02.0931 4692  agp440 - ok
13:15:02.0946 4692  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
13:15:02.0946 4692  aic78xx - ok
13:15:02.0962 4692  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
13:15:02.0962 4692  ALG - ok
13:15:02.0977 4692  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:15:02.0977 4692  aliide - ok
13:15:02.0993 4692  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
13:15:02.0993 4692  amdide - ok
13:15:03.0009 4692  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:15:03.0009 4692  AmdK8 - ok
13:15:03.0009 4692  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
13:15:03.0009 4692  Appinfo - ok
13:15:03.0071 4692  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:15:03.0071 4692  Apple Mobile Device - ok
13:15:03.0102 4692  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
13:15:03.0102 4692  arc - ok
13:15:03.0102 4692  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:15:03.0102 4692  arcsas - ok
13:15:03.0133 4692  [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
13:15:03.0133 4692  aswFsBlk - ok
13:15:03.0149 4692  [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
13:15:03.0149 4692  aswMonFlt - ok
13:15:03.0165 4692  [ 2CF56F9848BF7841FF420E9DD95029EE ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
13:15:03.0165 4692  aswRdr - ok
13:15:03.0196 4692  [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
13:15:03.0211 4692  aswSnx - ok
13:15:03.0227 4692  [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
13:15:03.0227 4692  aswSP - ok
13:15:03.0243 4692  [ C3EC420451AC5300A22190AE38418FBA ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
13:15:03.0243 4692  aswTdi - ok
13:15:03.0258 4692  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:15:03.0258 4692  AsyncMac - ok
13:15:03.0289 4692  [ E68D9B3A3905619732F7FE039466A623 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:15:03.0289 4692  atapi - ok
13:15:03.0321 4692  [ 0EB0A49C55D0C9102499353B80BDB021 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
13:15:03.0336 4692  Ati External Event Utility - ok
13:15:03.0445 4692  [ 6F677A4B26E88AC10F72F1614FDA470A ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:15:03.0492 4692  atikmdag - ok
13:15:03.0555 4692  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:15:03.0555 4692  AudioEndpointBuilder - ok
13:15:03.0555 4692  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:15:03.0570 4692  AudioSrv - ok
13:15:03.0601 4692  [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:15:03.0601 4692  avast! Antivirus - ok
13:15:03.0664 4692  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE             C:\Windows\System32\bfe.dll
13:15:03.0664 4692  BFE - ok
13:15:03.0695 4692  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll
13:15:03.0695 4692  BITS - ok
13:15:03.0726 4692  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
13:15:03.0726 4692  blbdrive - ok
13:15:03.0757 4692  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:15:03.0757 4692  Bonjour Service - ok
13:15:03.0789 4692  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:15:03.0804 4692  bowser - ok
13:15:03.0804 4692  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
13:15:03.0804 4692  BrFiltLo - ok
13:15:03.0820 4692  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
13:15:03.0820 4692  BrFiltUp - ok
13:15:03.0851 4692  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
13:15:03.0851 4692  Browser - ok
13:15:03.0867 4692  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
13:15:03.0867 4692  Brserid - ok
13:15:03.0882 4692  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
13:15:03.0882 4692  BrSerWdm - ok
13:15:03.0882 4692  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
13:15:03.0882 4692  BrUsbMdm - ok
13:15:03.0898 4692  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
13:15:03.0898 4692  BrUsbSer - ok
13:15:03.0913 4692  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:15:03.0913 4692  BTHMODEM - ok
13:15:03.0929 4692  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:15:03.0945 4692  cdfs - ok
13:15:03.0960 4692  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:15:03.0960 4692  cdrom - ok
13:15:04.0007 4692  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:15:04.0023 4692  CertPropSvc - ok
13:15:04.0038 4692  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:15:04.0038 4692  circlass - ok
13:15:04.0101 4692  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
13:15:04.0101 4692  CLFS - ok
13:15:04.0179 4692  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:15:04.0179 4692  clr_optimization_v2.0.50727_32 - ok
13:15:04.0241 4692  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:15:04.0241 4692  clr_optimization_v2.0.50727_64 - ok
13:15:04.0272 4692  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:15:04.0272 4692  clr_optimization_v4.0.30319_32 - ok
13:15:04.0319 4692  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:15:04.0319 4692  clr_optimization_v4.0.30319_64 - ok
13:15:04.0335 4692  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:15:04.0335 4692  cmdide - ok
13:15:04.0350 4692  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:15:04.0350 4692  Compbatt - ok
13:15:04.0350 4692  COMSysApp - ok
13:15:04.0366 4692  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:15:04.0366 4692  crcdisk - ok
13:15:04.0397 4692  [ 1B22BC0B71F65001479DAB792C3F626C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:15:04.0397 4692  CryptSvc - ok
13:15:04.0475 4692  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:15:04.0475 4692  DcomLaunch - ok
13:15:04.0506 4692  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:15:04.0506 4692  DfsC - ok
13:15:04.0631 4692  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
13:15:04.0662 4692  DFSR - ok
13:15:04.0725 4692  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
13:15:04.0725 4692  Dhcp - ok
13:15:04.0756 4692  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
13:15:04.0756 4692  disk - ok
13:15:04.0787 4692  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:15:04.0787 4692  Dnscache - ok
13:15:04.0834 4692  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:15:04.0849 4692  dot3svc - ok
13:15:04.0865 4692  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll
13:15:04.0865 4692  DPS - ok
13:15:04.0896 4692  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:15:04.0896 4692  drmkaud - ok
13:15:04.0943 4692  [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:15:04.0943 4692  DXGKrnl - ok
13:15:04.0974 4692  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
13:15:04.0974 4692  E1G60 - ok
13:15:04.0990 4692  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll
13:15:04.0990 4692  EapHost - ok
13:15:05.0005 4692  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
13:15:05.0005 4692  Ecache - ok
13:15:05.0068 4692  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:15:05.0068 4692  ehRecvr - ok
13:15:05.0083 4692  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe
13:15:05.0083 4692  ehSched - ok
13:15:05.0099 4692  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll
13:15:05.0115 4692  ehstart - ok
13:15:05.0130 4692  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:15:05.0130 4692  elxstor - ok
13:15:05.0193 4692  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
13:15:05.0208 4692  EMDMgmt - ok
13:15:05.0208 4692  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:15:05.0208 4692  ErrDev - ok
13:15:05.0224 4692  esgiguard - ok
13:15:05.0255 4692  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll
13:15:05.0255 4692  EventSystem - ok
13:15:05.0317 4692  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:15:05.0317 4692  exfat - ok
13:15:05.0317 4692  ezSharedSvc - ok
13:15:05.0364 4692  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:15:05.0380 4692  fastfat - ok
13:15:05.0395 4692  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:15:05.0395 4692  fdc - ok
13:15:05.0411 4692  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll
13:15:05.0411 4692  fdPHost - ok
13:15:05.0427 4692  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
13:15:05.0442 4692  FDResPub - ok
13:15:05.0458 4692  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:15:05.0458 4692  FileInfo - ok
13:15:05.0473 4692  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:15:05.0473 4692  Filetrace - ok
13:15:05.0473 4692  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:15:05.0473 4692  flpydisk - ok
13:15:05.0520 4692  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:15:05.0536 4692  FltMgr - ok
13:15:05.0583 4692  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache       C:\Windows\system32\FntCache.dll
13:15:05.0598 4692  FontCache - ok
13:15:05.0661 4692  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:15:05.0661 4692  FontCache3.0.0.0 - ok
13:15:05.0692 4692  [ 2BF3B36B96D015AF666B6AA63AE2E38F ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
13:15:05.0692 4692  fssfltr - ok
13:15:05.0770 4692  [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:15:05.0770 4692  fsssvc - ok
13:15:05.0785 4692  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:15:05.0785 4692  Fs_Rec - ok
13:15:05.0817 4692  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:15:05.0817 4692  gagp30kx - ok
13:15:05.0848 4692  [ CC1C8068B05283D63EC5FE782D2D3946 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
13:15:05.0848 4692  GameConsoleService - ok
13:15:05.0879 4692  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:15:05.0879 4692  GEARAspiWDM - ok
13:15:05.0926 4692  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:15:05.0941 4692  gpsvc - ok
13:15:05.0973 4692  [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:15:05.0973 4692  HdAudAddService - ok
13:15:06.0019 4692  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:15:06.0035 4692  HDAudBus - ok
13:15:06.0035 4692  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:15:06.0051 4692  HidBth - ok
13:15:06.0066 4692  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:15:06.0082 4692  HidIr - ok
13:15:06.0113 4692  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\system32\hidserv.dll
13:15:06.0129 4692  hidserv - ok
13:15:06.0129 4692  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:15:06.0129 4692  HidUsb - ok
13:15:06.0160 4692  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:15:06.0160 4692  hkmsvc - ok
13:15:06.0207 4692  [ A3A30438C48D2D71556E120C9C7BA7A0 ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
13:15:06.0207 4692  HP Health Check Service - ok
13:15:06.0207 4692  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
13:15:06.0222 4692  HpCISSs - ok
13:15:06.0285 4692  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:15:06.0285 4692  HTTP - ok
13:15:06.0316 4692  [ 4B7423FCC37664954460AC3E71752B62 ] hxctlflt        C:\Windows\system32\DRIVERS\hxctlflt.sys
13:15:06.0316 4692  hxctlflt - ok
13:15:06.0331 4692  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
13:15:06.0347 4692  i2omp - ok
13:15:06.0363 4692  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:15:06.0363 4692  i8042prt - ok
13:15:06.0378 4692  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
13:15:06.0394 4692  iaStorV - ok
13:15:06.0456 4692  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:15:06.0456 4692  IDriverT - ok
13:15:06.0519 4692  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:15:06.0534 4692  idsvc - ok
13:15:06.0550 4692  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:15:06.0550 4692  iirsp - ok
13:15:06.0597 4692  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
13:15:06.0612 4692  IKEEXT - ok
13:15:06.0675 4692  [ 46CB3ABE8150E7B181E86D4906DE17E8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:15:06.0690 4692  IntcAzAudAddService - ok
13:15:06.0721 4692  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\drivers\intelide.sys
13:15:06.0721 4692  intelide - ok
13:15:06.0737 4692  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:15:06.0737 4692  intelppm - ok
13:15:06.0753 4692  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:15:06.0768 4692  IPBusEnum - ok
13:15:06.0784 4692  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:15:06.0784 4692  IpFilterDriver - ok
13:15:06.0815 4692  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:15:06.0815 4692  iphlpsvc - ok
13:15:06.0815 4692  IpInIp - ok
13:15:06.0846 4692  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
13:15:06.0846 4692  IPMIDRV - ok
13:15:06.0862 4692  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
13:15:06.0862 4692  IPNAT - ok
13:15:06.0893 4692  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:15:06.0909 4692  iPod Service - ok
13:15:06.0924 4692  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:15:06.0924 4692  IRENUM - ok
13:15:06.0924 4692  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:15:06.0924 4692  isapnp - ok
13:15:06.0955 4692  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
13:15:06.0971 4692  iScsiPrt - ok
13:15:06.0987 4692  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
13:15:06.0987 4692  iteatapi - ok
13:15:07.0002 4692  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
13:15:07.0002 4692  iteraid - ok
13:15:07.0018 4692  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:15:07.0018 4692  kbdclass - ok
13:15:07.0033 4692  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:15:07.0033 4692  kbdhid - ok
13:15:07.0065 4692  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
13:15:07.0065 4692  KeyIso - ok
13:15:07.0127 4692  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:15:07.0143 4692  KSecDD - ok
13:15:07.0158 4692  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:15:07.0158 4692  ksthunk - ok
13:15:07.0189 4692  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:15:07.0189 4692  KtmRm - ok
13:15:07.0221 4692  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:15:07.0236 4692  LanmanServer - ok
13:15:07.0252 4692  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:15:07.0267 4692  LanmanWorkstation - ok
13:15:07.0283 4692  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:15:07.0283 4692  lltdio - ok
13:15:07.0299 4692  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:15:07.0314 4692  lltdsvc - ok
13:15:07.0330 4692  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:15:07.0330 4692  lmhosts - ok
13:15:07.0377 4692  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:15:07.0377 4692  LSI_FC - ok
13:15:07.0377 4692  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:15:07.0377 4692  LSI_SAS - ok
13:15:07.0392 4692  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:15:07.0392 4692  LSI_SCSI - ok
13:15:07.0408 4692  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:15:07.0408 4692  luafv - ok
13:15:07.0439 4692  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:15:07.0439 4692  Mcx2Svc - ok
13:15:07.0455 4692  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys
13:15:07.0455 4692  megasas - ok
13:15:07.0486 4692  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
13:15:07.0501 4692  MegaSR - ok
13:15:07.0517 4692  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll
13:15:07.0517 4692  MMCSS - ok
13:15:07.0533 4692  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys
13:15:07.0533 4692  Modem - ok
13:15:07.0548 4692  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:15:07.0548 4692  monitor - ok
13:15:07.0579 4692  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:15:07.0579 4692  mouclass - ok
13:15:07.0595 4692  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:15:07.0595 4692  mouhid - ok
13:15:07.0611 4692  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
13:15:07.0611 4692  MountMgr - ok
13:15:07.0611 4692  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:15:07.0626 4692  mpio - ok
13:15:07.0642 4692  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:15:07.0642 4692  mpsdrv - ok
13:15:07.0690 4692  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:15:07.0705 4692  MpsSvc - ok
13:15:07.0705 4692  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
13:15:07.0721 4692  Mraid35x - ok
13:15:07.0736 4692  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:15:07.0736 4692  MRxDAV - ok
13:15:07.0768 4692  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:15:07.0768 4692  mrxsmb - ok
13:15:07.0799 4692  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:15:07.0799 4692  mrxsmb10 - ok
13:15:07.0814 4692  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:15:07.0814 4692  mrxsmb20 - ok
13:15:07.0814 4692  [ 1AC860612B85D8E85EE257D372E39F4D ] msahci          C:\Windows\system32\drivers\msahci.sys
13:15:07.0814 4692  msahci - ok
13:15:07.0830 4692  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:15:07.0830 4692  msdsm - ok
13:15:07.0846 4692  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe
13:15:07.0846 4692  MSDTC - ok
13:15:07.0877 4692  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:15:07.0877 4692  Msfs - ok
13:15:07.0892 4692  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:15:07.0892 4692  msisadrv - ok
13:15:07.0908 4692  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:15:07.0908 4692  MSiSCSI - ok
13:15:07.0924 4692  msiserver - ok
13:15:07.0924 4692  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:15:07.0939 4692  MSKSSRV - ok
13:15:07.0939 4692  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:15:07.0939 4692  MSPCLOCK - ok
13:15:07.0955 4692  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:15:07.0955 4692  MSPQM - ok
13:15:08.0002 4692  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:15:08.0002 4692  MsRPC - ok
13:15:08.0017 4692  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:15:08.0017 4692  mssmbios - ok
13:15:08.0033 4692  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:15:08.0033 4692  MSTEE - ok
13:15:08.0033 4692  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:15:08.0033 4692  Mup - ok
13:15:08.0095 4692  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll
13:15:08.0111 4692  napagent - ok
13:15:08.0158 4692  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:15:08.0158 4692  NativeWifiP - ok
13:15:08.0220 4692  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:15:08.0236 4692  NDIS - ok
13:15:08.0267 4692  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:15:08.0267 4692  NdisTapi - ok
13:15:08.0282 4692  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:15:08.0282 4692  Ndisuio - ok
13:15:08.0329 4692  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:15:08.0345 4692  NdisWan - ok
13:15:08.0345 4692  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:15:08.0360 4692  NDProxy - ok
13:15:08.0360 4692  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:15:08.0376 4692  NetBIOS - ok
13:15:08.0423 4692  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
13:15:08.0438 4692  netbt - ok
13:15:08.0438 4692  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe
13:15:08.0438 4692  Netlogon - ok
13:15:08.0470 4692  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll
13:15:08.0485 4692  Netman - ok
13:15:08.0501 4692  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll
13:15:08.0516 4692  netprofm - ok
13:15:08.0532 4692  [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:15:08.0532 4692  NetTcpPortSharing - ok
13:15:08.0563 4692  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:15:08.0563 4692  nfrd960 - ok
13:15:08.0735 4692  [ 29BC5B7C7C981FB8CD7A781A9E067AF7 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
13:15:08.0813 4692  NIHardwareService - ok
13:15:08.0828 4692  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:15:08.0844 4692  NlaSvc - ok
13:15:08.0891 4692  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:15:08.0891 4692  Npfs - ok
13:15:08.0906 4692  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll
13:15:08.0906 4692  nsi - ok
13:15:08.0922 4692  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:15:08.0922 4692  nsiproxy - ok
13:15:08.0984 4692  [ 2ACCAA3C3C55370A32F17B3595E1A217 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:15:09.0000 4692  Ntfs - ok
13:15:09.0016 4692  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys
13:15:09.0016 4692  Null - ok
13:15:09.0062 4692  [ 13EC5B8A4B82B6DEB739FC577B4217A7 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx64.sys
13:15:09.0078 4692  NVENETFD - ok
13:15:09.0078 4692  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:15:09.0078 4692  nvraid - ok
13:15:09.0125 4692  [ A4B9AF8D1793F67CE894BF051342110F ] nvrd64          C:\Windows\system32\drivers\nvrd64.sys
13:15:09.0125 4692  nvrd64 - ok
13:15:09.0140 4692  [ 16D36074B84DA72D160233C8D132DC89 ] nvsmu           C:\Windows\system32\drivers\nvsmu.sys
13:15:09.0140 4692  nvsmu - ok
13:15:09.0156 4692  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:15:09.0156 4692  nvstor - ok
13:15:09.0187 4692  [ 7919EE9458B6D84517BC5A598D795931 ] nvstor64        C:\Windows\system32\drivers\nvstor64.sys
13:15:09.0187 4692  nvstor64 - ok
13:15:09.0218 4692  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:15:09.0218 4692  nv_agp - ok
13:15:09.0218 4692  NwlnkFlt - ok
13:15:09.0234 4692  NwlnkFwd - ok
13:15:09.0281 4692  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:15:09.0281 4692  odserv - ok
13:15:09.0312 4692  [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
13:15:09.0312 4692  ohci1394 - ok
13:15:09.0343 4692  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:15:09.0343 4692  ose - ok
13:15:09.0390 4692  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll
13:15:09.0406 4692  p2pimsvc - ok
13:15:09.0421 4692  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll
13:15:09.0437 4692  p2psvc - ok
13:15:09.0437 4692  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys
13:15:09.0437 4692  Parport - ok
13:15:09.0468 4692  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:15:09.0468 4692  partmgr - ok
13:15:09.0484 4692  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:15:09.0484 4692  PcaSvc - ok
13:15:09.0499 4692  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci             C:\Windows\system32\drivers\pci.sys
13:15:09.0515 4692  pci - ok
13:15:09.0515 4692  [ 2657F6C0B78C36D95034BE109336E382 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:15:09.0515 4692  pciide - ok
13:15:09.0530 4692  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:15:09.0546 4692  pcmcia - ok
13:15:09.0562 4692  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:15:09.0577 4692  PEAUTH - ok
13:15:09.0640 4692  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:15:09.0640 4692  PerfHost - ok
13:15:09.0671 4692  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll
13:15:09.0702 4692  pla - ok
13:15:09.0749 4692  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:15:09.0749 4692  PlugPlay - ok
13:15:09.0764 4692  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
13:15:09.0780 4692  PNRPAutoReg - ok
13:15:09.0796 4692  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc         C:\Windows\system32\p2psvc.dll
13:15:09.0796 4692  PNRPsvc - ok
13:15:09.0858 4692  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:15:09.0858 4692  PolicyAgent - ok
13:15:09.0905 4692  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:15:09.0905 4692  PptpMiniport - ok
13:15:09.0920 4692  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
13:15:09.0920 4692  Processor - ok
13:15:09.0967 4692  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc         C:\Windows\system32\profsvc.dll
13:15:09.0967 4692  ProfSvc - ok
13:15:09.0983 4692  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
13:15:09.0983 4692  ProtectedStorage - ok
13:15:10.0014 4692  [ 1D0A3F565397D08707F3D75B88586645 ] Ps2             C:\Windows\system32\DRIVERS\PS2.sys
13:15:10.0014 4692  Ps2 - ok
13:15:10.0061 4692  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
13:15:10.0061 4692  PSched - ok
13:15:10.0108 4692  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:15:10.0139 4692  ql2300 - ok
13:15:10.0170 4692  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:15:10.0170 4692  ql40xx - ok
13:15:10.0201 4692  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll
13:15:10.0201 4692  QWAVE - ok
13:15:10.0217 4692  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:15:10.0217 4692  QWAVEdrv - ok
13:15:10.0232 4692  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:15:10.0232 4692  RasAcd - ok
13:15:10.0248 4692  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll
13:15:10.0248 4692  RasAuto - ok
13:15:10.0310 4692  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:15:10.0310 4692  Rasl2tp - ok
13:15:10.0326 4692  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll
13:15:10.0342 4692  RasMan - ok
13:15:10.0388 4692  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:15:10.0388 4692  RasPppoe - ok
13:15:10.0420 4692  [ C6A593B51F34C33E5474539544072527 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:15:10.0420 4692  RasSstp - ok
13:15:10.0451 4692  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:15:10.0466 4692  rdbss - ok
13:15:10.0498 4692  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:15:10.0498 4692  RDPCDD - ok
13:15:10.0513 4692  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
13:15:10.0529 4692  rdpdr - ok
13:15:10.0529 4692  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:15:10.0529 4692  RDPENCDD - ok
13:15:10.0560 4692  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:15:10.0560 4692  RDPWD - ok
13:15:10.0576 4692  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:15:10.0591 4692  RemoteAccess - ok
13:15:10.0607 4692  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:15:10.0607 4692  RemoteRegistry - ok
13:15:10.0607 4692  RimUsb - ok
13:15:10.0638 4692  [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
13:15:10.0638 4692  RimVSerPort - ok
13:15:10.0654 4692  [ 6A0CF73B019CBC9255E23C9192EC3702 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
13:15:10.0654 4692  ROOTMODEM - ok
13:15:10.0685 4692  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
13:15:10.0685 4692  RpcLocator - ok
13:15:10.0716 4692  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs           C:\Windows\system32\rpcss.dll
13:15:10.0716 4692  RpcSs - ok
13:15:10.0732 4692  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:15:10.0747 4692  rspndr - ok
13:15:10.0747 4692  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs           C:\Windows\system32\lsass.exe
13:15:10.0747 4692  SamSs - ok
13:15:10.0763 4692  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:15:10.0763 4692  sbp2port - ok
13:15:10.0810 4692  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:15:10.0825 4692  SCardSvr - ok
13:15:10.0888 4692  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll
13:15:10.0903 4692  Schedule - ok
13:15:10.0950 4692  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:15:10.0950 4692  SCPolicySvc - ok
13:15:10.0981 4692  [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
13:15:10.0981 4692  ScreamBAudioSvc - ok
13:15:11.0012 4692  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:15:11.0028 4692  SDRSVC - ok
13:15:11.0044 4692  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:15:11.0044 4692  secdrv - ok
13:15:11.0059 4692  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
13:15:11.0059 4692  seclogon - ok
13:15:11.0075 4692  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll
13:15:11.0090 4692  SENS - ok
13:15:11.0090 4692  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:15:11.0090 4692  Serenum - ok
13:15:11.0122 4692  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
13:15:11.0122 4692  Serial - ok
13:15:11.0122 4692  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:15:11.0122 4692  sermouse - ok
13:15:11.0168 4692  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:15:11.0168 4692  SessionEnv - ok
13:15:11.0184 4692  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:15:11.0184 4692  sffdisk - ok
13:15:11.0184 4692  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:15:11.0184 4692  sffp_mmc - ok
13:15:11.0184 4692  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:15:11.0184 4692  sffp_sd - ok
13:15:11.0215 4692  [ 40567781F0785C4A69411D1B40DA8987 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:15:11.0215 4692  sfloppy - ok
13:15:11.0246 4692  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:15:11.0246 4692  SharedAccess - ok
13:15:11.0278 4692  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:15:11.0293 4692  ShellHWDetection - ok
13:15:11.0309 4692  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
13:15:11.0309 4692  SiSRaid2 - ok
13:15:11.0324 4692  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:15:11.0324 4692  SiSRaid4 - ok
13:15:11.0371 4692  [ E0211E7E0D9CF5672174014BC6524E79 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:15:11.0371 4692  SkypeUpdate - ok
13:15:11.0465 4692  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe
13:15:11.0512 4692  slsvc - ok
13:15:11.0558 4692  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll
13:15:11.0558 4692  SLUINotify - ok
13:15:11.0605 4692  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:15:11.0605 4692  Smb - ok
13:15:11.0636 4692  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:15:11.0652 4692  SNMPTRAP - ok
13:15:11.0886 4692  [ 56B69DE178E12F4C2A25AC18E1D0BFB0 ] SNPSTD3         C:\Windows\system32\DRIVERS\snpstd3.sys
13:15:12.0042 4692  SNPSTD3 - ok
13:15:12.0089 4692  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys
13:15:12.0089 4692  spldr - ok
13:15:12.0136 4692  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe
13:15:12.0136 4692  Spooler - ok
13:15:12.0167 4692  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:15:12.0182 4692  srv - ok
13:15:12.0198 4692  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:15:12.0198 4692  srv2 - ok
13:15:12.0214 4692  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:15:12.0214 4692  srvnet - ok
13:15:12.0245 4692  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:15:12.0245 4692  SSDPSRV - ok
13:15:12.0260 4692  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:15:12.0260 4692  SstpSvc - ok
13:15:12.0323 4692  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll
13:15:12.0323 4692  stisvc - ok
13:15:12.0354 4692  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:15:12.0354 4692  swenum - ok
13:15:12.0416 4692  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll
13:15:12.0416 4692  swprv - ok
13:15:12.0432 4692  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
13:15:12.0432 4692  Symc8xx - ok
13:15:12.0448 4692  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
13:15:12.0448 4692  Sym_hi - ok
13:15:12.0448 4692  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
13:15:12.0448 4692  Sym_u3 - ok
13:15:12.0510 4692  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain         C:\Windows\system32\sysmain.dll
13:15:12.0526 4692  SysMain - ok
13:15:12.0557 4692  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:15:12.0557 4692  TabletInputService - ok
13:15:12.0619 4692  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:15:12.0619 4692  TapiSrv - ok
13:15:12.0635 4692  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll
13:15:12.0650 4692  TBS - ok
13:15:12.0697 4692  [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:15:12.0713 4692  Tcpip - ok
13:15:12.0745 4692  [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
13:15:12.0761 4692  Tcpip6 - ok
13:15:12.0776 4692  [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:15:12.0776 4692  tcpipreg - ok
13:15:12.0807 4692  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:15:12.0807 4692  TDPIPE - ok
13:15:12.0807 4692  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:15:12.0807 4692  TDTCP - ok
13:15:12.0823 4692  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:15:12.0823 4692  tdx - ok
13:15:12.0854 4692  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:15:12.0854 4692  TermDD - ok
13:15:12.0901 4692  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService     C:\Windows\System32\termsrv.dll
13:15:12.0917 4692  TermService - ok
13:15:12.0932 4692  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll
13:15:12.0932 4692  Themes - ok
13:15:12.0948 4692  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:15:12.0948 4692  THREADORDER - ok
13:15:12.0963 4692  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
13:15:12.0979 4692  TrkWks - ok
13:15:13.0010 4692  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:15:13.0010 4692  TrustedInstaller - ok
13:15:13.0026 4692  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:15:13.0026 4692  tssecsrv - ok
13:15:13.0057 4692  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
13:15:13.0057 4692  tunmp - ok
13:15:13.0073 4692  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:15:13.0088 4692  tunnel - ok
13:15:13.0104 4692  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:15:13.0104 4692  uagp35 - ok
13:15:13.0119 4692  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:15:13.0135 4692  udfs - ok
13:15:13.0151 4692  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:15:13.0151 4692  UI0Detect - ok
13:15:13.0166 4692  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:15:13.0166 4692  uliagpkx - ok
13:15:13.0197 4692  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
13:15:13.0197 4692  uliahci - ok
13:15:13.0213 4692  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
13:15:13.0213 4692  UlSata - ok
13:15:13.0229 4692  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
13:15:13.0229 4692  ulsata2 - ok
13:15:13.0244 4692  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:15:13.0244 4692  umbus - ok
13:15:13.0275 4692  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
13:15:13.0275 4692  upnphost - ok
13:15:13.0322 4692  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:15:13.0322 4692  USBAAPL64 - ok
13:15:13.0338 4692  [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:15:13.0338 4692  usbaudio - ok
13:15:13.0369 4692  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:15:13.0369 4692  usbccgp - ok
13:15:13.0385 4692  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:15:13.0400 4692  usbcir - ok
13:15:13.0416 4692  [ 827E44DE934A736EA31E91D353EB126F ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:15:13.0416 4692  usbehci - ok
13:15:13.0447 4692  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:15:13.0447 4692  usbhub - ok
13:15:13.0463 4692  [ E406B003A354776D317762694956B0FC ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:15:13.0463 4692  usbohci - ok
13:15:13.0494 4692  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:15:13.0494 4692  usbprint - ok
13:15:13.0509 4692  [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:15:13.0509 4692  usbscan - ok
13:15:13.0525 4692  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:15:13.0525 4692  USBSTOR - ok
13:15:13.0541 4692  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:15:13.0541 4692  usbuhci - ok
13:15:13.0603 4692  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms           C:\Windows\System32\uxsms.dll
13:15:13.0603 4692  UxSms - ok
13:15:13.0650 4692  [ 294945381DFA7CE58CECF0A9896AF327 ] vds             C:\Windows\System32\vds.exe
13:15:13.0665 4692  vds - ok
13:15:13.0697 4692  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:15:13.0697 4692  vga - ok
13:15:13.0697 4692  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:15:13.0697 4692  VgaSave - ok
13:15:13.0712 4692  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys
13:15:13.0712 4692  viaide - ok
13:15:13.0712 4692  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:15:13.0728 4692  volmgr - ok
13:15:13.0775 4692  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:15:13.0790 4692  volmgrx - ok
13:15:13.0806 4692  [ 582F710097B46140F5A89A19A6573D4B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:15:13.0821 4692  volsnap - ok
13:15:13.0837 4692  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:15:13.0837 4692  vsmraid - ok
13:15:13.0899 4692  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS             C:\Windows\system32\vssvc.exe
13:15:13.0931 4692  VSS - ok
13:15:13.0977 4692  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time         C:\Windows\system32\w32time.dll
13:15:13.0993 4692  W32Time - ok
13:15:14.0024 4692  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:15:14.0024 4692  WacomPen - ok
13:15:14.0055 4692  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
13:15:14.0055 4692  Wanarp - ok
13:15:14.0055 4692  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:15:14.0071 4692  Wanarpv6 - ok
13:15:14.0102 4692  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:15:14.0118 4692  wcncsvc - ok
13:15:14.0133 4692  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:15:14.0149 4692  WcsPlugInService - ok
13:15:14.0165 4692  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
13:15:14.0165 4692  Wd - ok
13:15:14.0211 4692  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:15:14.0227 4692  Wdf01000 - ok
13:15:14.0243 4692  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:15:14.0243 4692  WdiServiceHost - ok
13:15:14.0243 4692  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:15:14.0258 4692  WdiSystemHost - ok
13:15:14.0274 4692  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient       C:\Windows\System32\webclnt.dll
13:15:14.0289 4692  WebClient - ok
13:15:14.0321 4692  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:15:14.0321 4692  Wecsvc - ok
13:15:14.0336 4692  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:15:14.0352 4692  wercplsupport - ok
13:15:14.0352 4692  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll
13:15:14.0367 4692  WerSvc - ok
13:15:14.0383 4692  WinDefend - ok
13:15:14.0399 4692  WinHttpAutoProxySvc - ok
13:15:14.0477 4692  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:15:14.0477 4692  Winmgmt - ok
13:15:14.0539 4692  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:15:14.0586 4692  WinRM - ok
13:15:14.0617 4692  [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
13:15:14.0617 4692  WinUSB - ok
13:15:14.0648 4692  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:15:14.0664 4692  Wlansvc - ok
13:15:14.0679 4692  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:15:14.0679 4692  WmiAcpi - ok
13:15:14.0711 4692  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:15:14.0711 4692  wmiApSrv - ok
13:15:14.0726 4692  WMPNetworkSvc - ok
13:15:14.0757 4692  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:15:14.0757 4692  WPCSvc - ok
13:15:14.0789 4692  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:15:14.0804 4692  WPDBusEnum - ok
13:15:14.0835 4692  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
13:15:14.0835 4692  WpdUsb - ok
13:15:14.0913 4692  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:15:14.0929 4692  WPFFontCache_v0400 - ok
13:15:14.0945 4692  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:15:14.0945 4692  ws2ifsl - ok
13:15:14.0991 4692  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\System32\wscsvc.dll
13:15:14.0991 4692  wscsvc - ok
13:15:15.0007 4692  WSearch - ok
13:15:15.0085 4692  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:15:15.0132 4692  wuauserv - ok
13:15:15.0147 4692  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:15:15.0147 4692  WudfPf - ok
13:15:15.0163 4692  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:15:15.0163 4692  WUDFRd - ok
13:15:15.0179 4692  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:15:15.0179 4692  wudfsvc - ok
13:15:15.0194 4692  ================ Scan global ===============================
13:15:15.0225 4692  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
13:15:15.0257 4692  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
13:15:15.0272 4692  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
13:15:15.0335 4692  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
13:15:15.0350 4692  [Global] - ok
13:15:15.0350 4692  ================ Scan MBR ==================================
13:15:15.0366 4692  [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
13:15:15.0834 4692  \Device\Harddisk0\DR0 - ok
13:15:15.0849 4692  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:15:15.0849 4692  \Device\Harddisk1\DR1 - ok
13:15:15.0865 4692  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
13:15:15.0896 4692  \Device\Harddisk4\DR4 - ok
13:15:15.0896 4692  ================ Scan VBR ==================================
13:15:15.0896 4692  [ B7F665ADAB27EA8A68B47C61FF02D011 ] \Device\Harddisk0\DR0\Partition1
13:15:15.0912 4692  \Device\Harddisk0\DR0\Partition1 - ok
13:15:15.0912 4692  [ 4B79F7981523E0B791605B829695078F ] \Device\Harddisk0\DR0\Partition2
13:15:15.0912 4692  \Device\Harddisk0\DR0\Partition2 - ok
13:15:15.0927 4692  [ 0D38F8AF2BCDCDB9D7E39FE65F4F46A8 ] \Device\Harddisk1\DR1\Partition1
13:15:15.0927 4692  \Device\Harddisk1\DR1\Partition1 - ok
13:15:15.0927 4692  [ 486D6BD2369767511B3A906A244D8E84 ] \Device\Harddisk4\DR4\Partition1
13:15:15.0927 4692  \Device\Harddisk4\DR4\Partition1 - ok
13:15:15.0943 4692  ============================================================
13:15:15.0943 4692  Scan finished
13:15:15.0943 4692  ============================================================
13:15:15.0943 5484  Detected object count: 0
13:15:15.0943 5484  Actual detected object count: 0
         

Alt 04.07.2013, 13:20   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



Zitat:
13:13:07.0403 4820 Scan started
13:13:07.0403 4820 Mode: Manual;
Bitte die Anleitungen sorgfältiger lesen, du hast den tdsskiller falsch eingestellt
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 06.07.2013, 14:30   #29
misshell
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



sorry ..jetzt noch mal :

Code:
ATTFilter
15:26:16.0342 4036  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:26:16.0636 4036  ============================================================
15:26:16.0636 4036  Current date / time: 2013/07/06 15:26:16.0636
15:26:16.0636 4036  SystemInfo:
15:26:16.0636 4036  
15:26:16.0636 4036  OS Version: 6.0.6002 ServicePack: 2.0
15:26:16.0636 4036  Product type: Workstation
15:26:16.0636 4036  ComputerName: HP-PC
15:26:16.0637 4036  UserName: HP
15:26:16.0637 4036  Windows directory: C:\Windows
15:26:16.0637 4036  System windows directory: C:\Windows
15:26:16.0637 4036  Running under WOW64
15:26:16.0637 4036  Processor architecture: Intel x64
15:26:16.0637 4036  Number of processors: 4
15:26:16.0637 4036  Page size: 0x1000
15:26:16.0637 4036  Boot type: Normal boot
15:26:16.0637 4036  ============================================================
15:26:17.0441 4036  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:26:17.0474 4036  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:26:17.0486 4036  Drive \Device\Harddisk4\DR4 - Size: 0x78200000 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:26:17.0493 4036  ============================================================
15:26:17.0493 4036  \Device\Harddisk0\DR0:
15:26:17.0493 4036  MBR partitions:
15:26:17.0493 4036  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48D58220
15:26:17.0493 4036  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48D5825F, BlocksNum 0x1AFEC62
15:26:17.0493 4036  \Device\Harddisk1\DR1:
15:26:17.0494 4036  MBR partitions:
15:26:17.0494 4036  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
15:26:17.0494 4036  \Device\Harddisk4\DR4:
15:26:17.0496 4036  MBR partitions:
15:26:17.0496 4036  \Device\Harddisk4\DR4\Partition1: MBR, Type 0x6, StartLBA 0xFD, BlocksNum 0x3C0B03
15:26:17.0496 4036  ============================================================
15:26:17.0591 4036  C: <-> \Device\Harddisk0\DR0\Partition1
15:26:17.0793 4036  D: <-> \Device\Harddisk0\DR0\Partition2
15:26:17.0829 4036  K: <-> \Device\Harddisk1\DR1\Partition1
15:26:17.0829 4036  ============================================================
15:26:17.0829 4036  Initialize success
15:26:17.0829 4036  ============================================================
15:27:30.0577 1784  ============================================================
15:27:30.0577 1784  Scan started
15:27:30.0577 1784  Mode: Manual; SigCheck; TDLFS; 
15:27:30.0577 1784  ============================================================
15:27:31.0206 1784  ================ Scan system memory ========================
15:27:31.0206 1784  System memory - ok
15:27:31.0207 1784  ================ Scan services =============================
15:27:31.0393 1784  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:27:31.0594 1784  ACPI - ok
15:27:31.0887 1784  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:27:31.0917 1784  AdobeARMservice - ok
15:27:32.0092 1784  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:27:32.0157 1784  AdobeFlashPlayerUpdateSvc - ok
15:27:32.0216 1784  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:27:32.0281 1784  adp94xx - ok
15:27:32.0318 1784  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:27:32.0432 1784  adpahci - ok
15:27:32.0457 1784  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:27:32.0485 1784  adpu160m - ok
15:27:32.0546 1784  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:27:32.0608 1784  adpu320 - ok
15:27:32.0689 1784  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:27:32.0974 1784  AeLookupSvc - ok
15:27:33.0055 1784  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys
15:27:33.0142 1784  AFD - ok
15:27:33.0215 1784  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:27:33.0252 1784  agp440 - ok
15:27:33.0290 1784  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:27:33.0324 1784  aic78xx - ok
15:27:33.0350 1784  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
15:27:33.0440 1784  ALG - ok
15:27:33.0486 1784  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:27:33.0509 1784  aliide - ok
15:27:33.0516 1784  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
15:27:33.0539 1784  amdide - ok
15:27:33.0623 1784  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:27:33.0757 1784  AmdK8 - ok
15:27:33.0883 1784  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
15:27:33.0973 1784  Appinfo - ok
15:27:34.0055 1784  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:27:34.0081 1784  Apple Mobile Device - ok
15:27:34.0157 1784  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
15:27:34.0186 1784  arc - ok
15:27:34.0237 1784  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:27:34.0265 1784  arcsas - ok
15:27:34.0331 1784  [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
15:27:34.0364 1784  aswFsBlk - ok
15:27:34.0588 1784  [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
15:27:34.0619 1784  aswMonFlt - ok
15:27:34.0697 1784  [ 2CF56F9848BF7841FF420E9DD95029EE ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
15:27:34.0729 1784  aswRdr - ok
15:27:34.0885 1784  [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
15:27:34.0967 1784  aswSnx - ok
15:27:35.0059 1784  [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
15:27:35.0080 1784  aswSP - ok
15:27:35.0128 1784  [ C3EC420451AC5300A22190AE38418FBA ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
15:27:35.0142 1784  aswTdi - ok
15:27:35.0181 1784  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:27:35.0254 1784  AsyncMac - ok
15:27:35.0289 1784  [ E68D9B3A3905619732F7FE039466A623 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:27:35.0330 1784  atapi - ok
15:27:35.0389 1784  [ 0EB0A49C55D0C9102499353B80BDB021 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
15:27:35.0512 1784  Ati External Event Utility - ok
15:27:35.0676 1784  [ 6F677A4B26E88AC10F72F1614FDA470A ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:27:35.0907 1784  atikmdag - ok
15:27:35.0978 1784  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:27:36.0103 1784  AudioEndpointBuilder - ok
15:27:36.0147 1784  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:27:36.0237 1784  AudioSrv - ok
15:27:36.0517 1784  [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:27:36.0541 1784  avast! Antivirus - ok
15:27:36.0673 1784  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE             C:\Windows\System32\bfe.dll
15:27:36.0780 1784  BFE - ok
15:27:36.0950 1784  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll
15:27:37.0098 1784  BITS - ok
15:27:37.0145 1784  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:27:37.0238 1784  blbdrive - ok
15:27:37.0314 1784  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:27:37.0352 1784  Bonjour Service - ok
15:27:37.0400 1784  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:27:37.0503 1784  bowser - ok
15:27:37.0538 1784  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:27:37.0609 1784  BrFiltLo - ok
15:27:37.0688 1784  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:27:37.0755 1784  BrFiltUp - ok
15:27:37.0809 1784  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
15:27:37.0909 1784  Browser - ok
15:27:37.0924 1784  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:27:38.0042 1784  Brserid - ok
15:27:38.0097 1784  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:27:38.0240 1784  BrSerWdm - ok
15:27:38.0312 1784  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:27:38.0410 1784  BrUsbMdm - ok
15:27:38.0416 1784  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:27:38.0473 1784  BrUsbSer - ok
15:27:38.0512 1784  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:27:38.0628 1784  BTHMODEM - ok
15:27:38.0705 1784  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:27:38.0834 1784  cdfs - ok
15:27:38.0858 1784  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:27:38.0905 1784  cdrom - ok
15:27:38.0952 1784  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:27:38.0980 1784  CertPropSvc - ok
15:27:39.0010 1784  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:27:39.0113 1784  circlass - ok
15:27:39.0244 1784  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
15:27:39.0376 1784  CLFS - ok
15:27:39.0472 1784  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:27:39.0506 1784  clr_optimization_v2.0.50727_32 - ok
15:27:39.0570 1784  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:27:39.0582 1784  clr_optimization_v2.0.50727_64 - ok
15:27:39.0806 1784  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:27:39.0833 1784  clr_optimization_v4.0.30319_32 - ok
15:27:39.0961 1784  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:27:39.0987 1784  clr_optimization_v4.0.30319_64 - ok
15:27:40.0075 1784  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:27:40.0120 1784  cmdide - ok
15:27:40.0148 1784  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:27:40.0181 1784  Compbatt - ok
15:27:40.0188 1784  COMSysApp - ok
15:27:40.0237 1784  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:27:40.0268 1784  crcdisk - ok
15:27:40.0323 1784  [ 1B22BC0B71F65001479DAB792C3F626C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:27:40.0420 1784  CryptSvc - ok
15:27:40.0588 1784  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:27:40.0683 1784  DcomLaunch - ok
15:27:40.0756 1784  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:27:40.0823 1784  DfsC - ok
15:27:40.0950 1784  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
15:27:41.0132 1784  DFSR - ok
15:27:41.0260 1784  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:27:41.0377 1784  Dhcp - ok
15:27:41.0420 1784  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
15:27:41.0448 1784  disk - ok
15:27:41.0546 1784  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:27:41.0657 1784  Dnscache - ok
15:27:41.0708 1784  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:27:41.0804 1784  dot3svc - ok
15:27:41.0912 1784  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll
15:27:42.0027 1784  DPS - ok
15:27:42.0073 1784  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:27:42.0122 1784  drmkaud - ok
15:27:42.0242 1784  [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:27:42.0323 1784  DXGKrnl - ok
15:27:42.0389 1784  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
15:27:42.0492 1784  E1G60 - ok
15:27:42.0637 1784  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll
15:27:42.0742 1784  EapHost - ok
15:27:42.0858 1784  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:27:42.0887 1784  Ecache - ok
15:27:42.0986 1784  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:27:43.0071 1784  ehRecvr - ok
15:27:43.0127 1784  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe
15:27:43.0225 1784  ehSched - ok
15:27:43.0269 1784  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll
15:27:43.0379 1784  ehstart - ok
15:27:43.0518 1784  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:27:43.0594 1784  elxstor - ok
15:27:43.0758 1784  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:27:43.0909 1784  EMDMgmt - ok
15:27:43.0946 1784  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:27:44.0054 1784  ErrDev - ok
15:27:44.0135 1784  esgiguard - ok
15:27:44.0228 1784  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll
15:27:44.0355 1784  EventSystem - ok
15:27:44.0419 1784  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:27:44.0522 1784  exfat - ok
15:27:44.0543 1784  ezSharedSvc - ok
15:27:44.0597 1784  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:27:44.0669 1784  fastfat - ok
15:27:44.0725 1784  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:27:44.0819 1784  fdc - ok
15:27:44.0869 1784  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll
15:27:44.0978 1784  fdPHost - ok
15:27:45.0004 1784  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
15:27:45.0091 1784  FDResPub - ok
15:27:45.0131 1784  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:27:45.0190 1784  FileInfo - ok
15:27:45.0219 1784  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:27:45.0281 1784  Filetrace - ok
15:27:45.0309 1784  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:27:45.0351 1784  flpydisk - ok
15:27:45.0456 1784  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:27:45.0473 1784  FltMgr - ok
15:27:45.0681 1784  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache       C:\Windows\system32\FntCache.dll
15:27:45.0828 1784  FontCache - ok
15:27:45.0977 1784  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:27:45.0999 1784  FontCache3.0.0.0 - ok
15:27:46.0130 1784  [ 2BF3B36B96D015AF666B6AA63AE2E38F ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
15:27:46.0151 1784  fssfltr - ok
15:27:46.0355 1784  [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:27:46.0422 1784  fsssvc - ok
15:27:46.0470 1784  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:27:46.0551 1784  Fs_Rec - ok
15:27:46.0627 1784  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:27:46.0702 1784  gagp30kx - ok
15:27:46.0810 1784  [ CC1C8068B05283D63EC5FE782D2D3946 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
15:27:46.0860 1784  GameConsoleService - ok
15:27:46.0913 1784  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:27:46.0933 1784  GEARAspiWDM - ok
15:27:47.0085 1784  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:27:47.0156 1784  gpsvc - ok
15:27:47.0210 1784  [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:27:47.0260 1784  HdAudAddService - ok
15:27:47.0342 1784  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:27:47.0534 1784  HDAudBus - ok
15:27:47.0579 1784  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:27:47.0702 1784  HidBth - ok
15:27:47.0730 1784  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:27:47.0853 1784  HidIr - ok
15:27:47.0931 1784  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\system32\hidserv.dll
15:27:48.0011 1784  hidserv - ok
15:27:48.0051 1784  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:27:48.0107 1784  HidUsb - ok
15:27:48.0165 1784  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:27:48.0266 1784  hkmsvc - ok
15:27:48.0330 1784  [ A3A30438C48D2D71556E120C9C7BA7A0 ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
15:27:48.0363 1784  HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
15:27:48.0363 1784  HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
15:27:48.0425 1784  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:27:48.0472 1784  HpCISSs - ok
15:27:48.0598 1784  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:27:48.0666 1784  HTTP - ok
15:27:48.0718 1784  [ 4B7423FCC37664954460AC3E71752B62 ] hxctlflt        C:\Windows\system32\DRIVERS\hxctlflt.sys
15:27:48.0747 1784  hxctlflt ( UnsignedFile.Multi.Generic ) - warning
15:27:48.0747 1784  hxctlflt - detected UnsignedFile.Multi.Generic (1)
15:27:48.0776 1784  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:27:48.0802 1784  i2omp - ok
15:27:48.0820 1784  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:27:48.0870 1784  i8042prt - ok
15:27:48.0919 1784  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:27:48.0944 1784  iaStorV - ok
15:27:49.0077 1784  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:27:49.0138 1784  IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:27:49.0138 1784  IDriverT - detected UnsignedFile.Multi.Generic (1)
15:27:49.0330 1784  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:27:49.0406 1784  idsvc - ok
15:27:49.0497 1784  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:27:49.0524 1784  iirsp - ok
15:27:49.0653 1784  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
15:27:49.0774 1784  IKEEXT - ok
15:27:49.0914 1784  [ 46CB3ABE8150E7B181E86D4906DE17E8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:27:50.0050 1784  IntcAzAudAddService - ok
15:27:50.0137 1784  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\drivers\intelide.sys
15:27:50.0184 1784  intelide - ok
15:27:50.0229 1784  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:27:50.0328 1784  intelppm - ok
15:27:50.0462 1784  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:27:50.0565 1784  IPBusEnum - ok
15:27:50.0678 1784  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:27:50.0752 1784  IpFilterDriver - ok
15:27:50.0853 1784  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:27:50.0937 1784  iphlpsvc - ok
15:27:50.0944 1784  IpInIp - ok
15:27:51.0004 1784  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:27:51.0138 1784  IPMIDRV - ok
15:27:51.0165 1784  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:27:51.0317 1784  IPNAT - ok
15:27:51.0473 1784  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:27:51.0542 1784  iPod Service - ok
15:27:51.0581 1784  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:27:51.0683 1784  IRENUM - ok
15:27:51.0760 1784  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:27:51.0793 1784  isapnp - ok
15:27:51.0846 1784  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:27:51.0880 1784  iScsiPrt - ok
15:27:51.0898 1784  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:27:51.0935 1784  iteatapi - ok
15:27:51.0952 1784  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:27:51.0977 1784  iteraid - ok
15:27:51.0990 1784  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:27:52.0016 1784  kbdclass - ok
15:27:52.0065 1784  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:27:52.0169 1784  kbdhid - ok
15:27:52.0254 1784  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
15:27:52.0370 1784  KeyIso - ok
15:27:52.0462 1784  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:27:52.0558 1784  KSecDD - ok
15:27:52.0639 1784  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:27:52.0744 1784  ksthunk - ok
15:27:52.0918 1784  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:27:53.0104 1784  KtmRm - ok
15:27:53.0161 1784  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:27:53.0257 1784  LanmanServer - ok
15:27:53.0367 1784  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:27:53.0467 1784  LanmanWorkstation - ok
15:27:53.0502 1784  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:27:53.0575 1784  lltdio - ok
15:27:53.0607 1784  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:27:53.0678 1784  lltdsvc - ok
15:27:53.0710 1784  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:27:53.0793 1784  lmhosts - ok
15:27:53.0839 1784  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:27:53.0861 1784  LSI_FC - ok
15:27:53.0925 1784  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:27:53.0941 1784  LSI_SAS - ok
15:27:53.0971 1784  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:27:54.0017 1784  LSI_SCSI - ok
15:27:54.0040 1784  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:27:54.0135 1784  luafv - ok
15:27:54.0182 1784  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:27:54.0232 1784  Mcx2Svc - ok
15:27:54.0304 1784  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys
15:27:54.0337 1784  megasas - ok
15:27:54.0440 1784  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:27:54.0485 1784  MegaSR - ok
15:27:54.0532 1784  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll
15:27:54.0641 1784  MMCSS - ok
15:27:54.0662 1784  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys
15:27:54.0735 1784  Modem - ok
15:27:54.0794 1784  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:27:54.0884 1784  monitor - ok
15:27:54.0939 1784  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:27:54.0968 1784  mouclass - ok
15:27:55.0006 1784  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:27:55.0088 1784  mouhid - ok
15:27:55.0124 1784  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:27:55.0159 1784  MountMgr - ok
15:27:55.0178 1784  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:27:55.0209 1784  mpio - ok
15:27:55.0221 1784  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:27:55.0307 1784  mpsdrv - ok
15:27:55.0419 1784  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:27:55.0554 1784  MpsSvc - ok
15:27:55.0624 1784  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:27:55.0658 1784  Mraid35x - ok
15:27:55.0694 1784  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:27:55.0785 1784  MRxDAV - ok
15:27:55.0841 1784  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:27:55.0930 1784  mrxsmb - ok
15:27:55.0991 1784  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:27:56.0041 1784  mrxsmb10 - ok
15:27:56.0069 1784  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:27:56.0102 1784  mrxsmb20 - ok
15:27:56.0137 1784  [ 1AC860612B85D8E85EE257D372E39F4D ] msahci          C:\Windows\system32\drivers\msahci.sys
15:27:56.0197 1784  msahci - ok
15:27:56.0229 1784  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:27:56.0264 1784  msdsm - ok
15:27:56.0303 1784  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe
15:27:56.0406 1784  MSDTC - ok
15:27:56.0471 1784  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:27:56.0555 1784  Msfs - ok
15:27:56.0614 1784  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:27:56.0640 1784  msisadrv - ok
15:27:56.0671 1784  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:27:56.0792 1784  MSiSCSI - ok
15:27:56.0798 1784  msiserver - ok
15:27:56.0883 1784  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:27:56.0986 1784  MSKSSRV - ok
15:27:57.0025 1784  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:27:57.0130 1784  MSPCLOCK - ok
15:27:57.0166 1784  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:27:57.0244 1784  MSPQM - ok
15:27:57.0326 1784  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:27:57.0364 1784  MsRPC - ok
15:27:57.0395 1784  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:27:57.0415 1784  mssmbios - ok
15:27:57.0422 1784  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:27:57.0480 1784  MSTEE - ok
15:27:57.0524 1784  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:27:57.0563 1784  Mup - ok
15:27:57.0649 1784  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll
15:27:57.0743 1784  napagent - ok
15:27:57.0812 1784  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:27:57.0867 1784  NativeWifiP - ok
15:27:58.0000 1784  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:27:58.0072 1784  NDIS - ok
15:27:58.0113 1784  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:27:58.0182 1784  NdisTapi - ok
15:27:58.0222 1784  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:27:58.0331 1784  Ndisuio - ok
15:27:58.0407 1784  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:27:58.0509 1784  NdisWan - ok
15:27:58.0546 1784  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:27:58.0638 1784  NDProxy - ok
15:27:58.0663 1784  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:27:58.0765 1784  NetBIOS - ok
15:27:58.0848 1784  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:27:58.0902 1784  netbt - ok
15:27:58.0971 1784  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe
15:27:58.0998 1784  Netlogon - ok
15:27:59.0086 1784  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll
15:27:59.0239 1784  Netman - ok
15:27:59.0306 1784  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll
15:27:59.0383 1784  netprofm - ok
15:27:59.0415 1784  [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:27:59.0434 1784  NetTcpPortSharing - ok
15:27:59.0540 1784  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:27:59.0559 1784  nfrd960 - ok
15:27:59.0918 1784  [ 29BC5B7C7C981FB8CD7A781A9E067AF7 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
15:28:00.0177 1784  NIHardwareService - ok
15:28:00.0270 1784  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:28:00.0429 1784  NlaSvc - ok
15:28:00.0507 1784  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:28:00.0615 1784  Npfs - ok
15:28:00.0644 1784  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll
15:28:00.0689 1784  nsi - ok
15:28:00.0702 1784  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:28:00.0782 1784  nsiproxy - ok
15:28:00.0891 1784  [ 2ACCAA3C3C55370A32F17B3595E1A217 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:28:00.0999 1784  Ntfs - ok
15:28:01.0036 1784  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys
15:28:01.0137 1784  Null - ok
15:28:01.0300 1784  [ 13EC5B8A4B82B6DEB739FC577B4217A7 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx64.sys
15:28:01.0399 1784  NVENETFD - ok
15:28:01.0524 1784  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:28:01.0553 1784  nvraid - ok
15:28:01.0608 1784  [ A4B9AF8D1793F67CE894BF051342110F ] nvrd64          C:\Windows\system32\drivers\nvrd64.sys
15:28:01.0650 1784  nvrd64 - ok
15:28:01.0673 1784  [ 16D36074B84DA72D160233C8D132DC89 ] nvsmu           C:\Windows\system32\drivers\nvsmu.sys
15:28:01.0710 1784  nvsmu - ok
15:28:01.0736 1784  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:28:01.0768 1784  nvstor - ok
15:28:01.0836 1784  [ 7919EE9458B6D84517BC5A598D795931 ] nvstor64        C:\Windows\system32\drivers\nvstor64.sys
15:28:01.0860 1784  nvstor64 - ok
15:28:01.0957 1784  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:28:02.0008 1784  nv_agp - ok
15:28:02.0014 1784  NwlnkFlt - ok
15:28:02.0024 1784  NwlnkFwd - ok
15:28:02.0202 1784  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:28:02.0240 1784  odserv - ok
15:28:02.0296 1784  [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:28:02.0367 1784  ohci1394 - ok
15:28:02.0419 1784  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:28:02.0451 1784  ose - ok
15:28:02.0605 1784  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:28:02.0761 1784  p2pimsvc - ok
15:28:02.0780 1784  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll
15:28:02.0831 1784  p2psvc - ok
15:28:02.0857 1784  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys
15:28:02.0992 1784  Parport - ok
15:28:03.0031 1784  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:28:03.0059 1784  partmgr - ok
15:28:03.0141 1784  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:28:03.0198 1784  PcaSvc - ok
15:28:03.0219 1784  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci             C:\Windows\system32\drivers\pci.sys
15:28:03.0250 1784  pci - ok
15:28:03.0311 1784  [ 2657F6C0B78C36D95034BE109336E382 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:28:03.0328 1784  pciide - ok
15:28:03.0406 1784  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:28:03.0423 1784  pcmcia - ok
15:28:03.0584 1784  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:28:03.0721 1784  PEAUTH - ok
15:28:03.0955 1784  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:28:04.0058 1784  PerfHost - ok
15:28:04.0237 1784  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll
15:28:04.0347 1784  pla - ok
15:28:04.0417 1784  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:28:04.0507 1784  PlugPlay - ok
15:28:04.0586 1784  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:28:04.0658 1784  PNRPAutoReg - ok
15:28:04.0764 1784  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:28:04.0835 1784  PNRPsvc - ok
15:28:04.0906 1784  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:28:04.0977 1784  PolicyAgent - ok
15:28:05.0044 1784  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:28:05.0087 1784  PptpMiniport - ok
15:28:05.0146 1784  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:28:05.0236 1784  Processor - ok
15:28:05.0325 1784  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc         C:\Windows\system32\profsvc.dll
15:28:05.0419 1784  ProfSvc - ok
15:28:05.0454 1784  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
15:28:05.0482 1784  ProtectedStorage - ok
15:28:05.0594 1784  [ 1D0A3F565397D08707F3D75B88586645 ] Ps2             C:\Windows\system32\DRIVERS\PS2.sys
15:28:05.0648 1784  Ps2 - ok
15:28:05.0720 1784  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:28:05.0770 1784  PSched - ok
15:28:06.0056 1784  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:28:06.0170 1784  ql2300 - ok
15:28:06.0286 1784  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:28:06.0315 1784  ql40xx - ok
15:28:06.0449 1784  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll
15:28:06.0531 1784  QWAVE - ok
15:28:06.0565 1784  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:28:06.0629 1784  QWAVEdrv - ok
15:28:06.0670 1784  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:28:06.0778 1784  RasAcd - ok
15:28:06.0855 1784  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll
15:28:06.0965 1784  RasAuto - ok
15:28:07.0024 1784  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:28:07.0077 1784  Rasl2tp - ok
15:28:07.0170 1784  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll
15:28:07.0260 1784  RasMan - ok
15:28:07.0326 1784  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:28:07.0428 1784  RasPppoe - ok
15:28:07.0527 1784  [ C6A593B51F34C33E5474539544072527 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:28:07.0555 1784  RasSstp - ok
15:28:07.0687 1784  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:28:07.0788 1784  rdbss - ok
15:28:07.0829 1784  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:28:07.0926 1784  RDPCDD - ok
15:28:08.0015 1784  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:28:08.0151 1784  rdpdr - ok
15:28:08.0430 1784  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:28:08.0528 1784  RDPENCDD - ok
15:28:09.0087 1784  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:28:09.0162 1784  RDPWD - ok
15:28:10.0258 1784  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:28:10.0367 1784  RemoteAccess - ok
15:28:11.0211 1784  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:28:11.0352 1784  RemoteRegistry - ok
15:28:11.0611 1784  RimUsb - ok
15:28:12.0472 1784  [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
15:28:12.0586 1784  RimVSerPort - ok
15:28:13.0279 1784  [ 6A0CF73B019CBC9255E23C9192EC3702 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
15:28:13.0376 1784  ROOTMODEM - ok
15:28:14.0335 1784  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
15:28:14.0476 1784  RpcLocator - ok
15:28:15.0530 1784  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs           C:\Windows\system32\rpcss.dll
15:28:15.0613 1784  RpcSs - ok
15:28:16.0116 1784  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:28:16.0217 1784  rspndr - ok
15:28:16.0237 1784  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs           C:\Windows\system32\lsass.exe
15:28:16.0265 1784  SamSs - ok
15:28:16.0310 1784  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:28:16.0336 1784  sbp2port - ok
15:28:16.0413 1784  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:28:16.0531 1784  SCardSvr - ok
15:28:16.0604 1784  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll
15:28:16.0701 1784  Schedule - ok
15:28:16.0759 1784  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:28:16.0808 1784  SCPolicySvc - ok
15:28:16.0914 1784  [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
15:28:16.0958 1784  ScreamBAudioSvc - ok
15:28:17.0021 1784  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:28:17.0106 1784  SDRSVC - ok
15:28:17.0168 1784  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:28:17.0273 1784  secdrv - ok
15:28:17.0289 1784  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
15:28:17.0336 1784  seclogon - ok
15:28:17.0358 1784  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll
15:28:17.0425 1784  SENS - ok
15:28:17.0458 1784  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:28:17.0569 1784  Serenum - ok
15:28:17.0585 1784  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
15:28:17.0694 1784  Serial - ok
15:28:17.0701 1784  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:28:17.0791 1784  sermouse - ok
15:28:17.0841 1784  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:28:17.0925 1784  SessionEnv - ok
15:28:17.0959 1784  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:28:18.0086 1784  sffdisk - ok
15:28:18.0118 1784  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:28:18.0207 1784  sffp_mmc - ok
15:28:18.0235 1784  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:28:18.0324 1784  sffp_sd - ok
15:28:18.0355 1784  [ 40567781F0785C4A69411D1B40DA8987 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:28:18.0446 1784  sfloppy - ok
15:28:18.0530 1784  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:28:18.0582 1784  SharedAccess - ok
15:28:18.0711 1784  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:28:18.0774 1784  ShellHWDetection - ok
15:28:18.0816 1784  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:28:18.0843 1784  SiSRaid2 - ok
15:28:18.0872 1784  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:28:18.0903 1784  SiSRaid4 - ok
15:28:18.0952 1784  [ E0211E7E0D9CF5672174014BC6524E79 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:28:18.0978 1784  SkypeUpdate - ok
15:28:19.0281 1784  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe
15:28:19.0432 1784  slsvc - ok
15:28:19.0492 1784  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:28:19.0546 1784  SLUINotify - ok
15:28:19.0604 1784  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:28:19.0705 1784  Smb - ok
15:28:19.0737 1784  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:28:19.0810 1784  SNMPTRAP - ok
15:28:20.0653 1784  [ 56B69DE178E12F4C2A25AC18E1D0BFB0 ] SNPSTD3         C:\Windows\system32\DRIVERS\snpstd3.sys
15:28:20.0939 1784  SNPSTD3 ( UnsignedFile.Multi.Generic ) - warning
15:28:20.0939 1784  SNPSTD3 - detected UnsignedFile.Multi.Generic (1)
15:28:21.0021 1784  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys
15:28:21.0077 1784  spldr - ok
15:28:21.0158 1784  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe
15:28:21.0247 1784  Spooler - ok
15:28:21.0353 1784  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:28:21.0412 1784  srv - ok
15:28:21.0474 1784  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:28:21.0537 1784  srv2 - ok
15:28:21.0567 1784  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:28:21.0615 1784  srvnet - ok
15:28:21.0655 1784  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:28:21.0748 1784  SSDPSRV - ok
15:28:21.0858 1784  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:28:21.0891 1784  SstpSvc - ok
15:28:22.0030 1784  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll
15:28:22.0172 1784  stisvc - ok
15:28:22.0242 1784  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:28:22.0279 1784  swenum - ok
15:28:22.0423 1784  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll
15:28:22.0503 1784  swprv - ok
15:28:22.0541 1784  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:28:22.0566 1784  Symc8xx - ok
15:28:22.0596 1784  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:28:22.0630 1784  Sym_hi - ok
15:28:22.0665 1784  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:28:22.0694 1784  Sym_u3 - ok
15:28:22.0848 1784  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain         C:\Windows\system32\sysmain.dll
15:28:22.0940 1784  SysMain - ok
15:28:22.0976 1784  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:28:23.0028 1784  TabletInputService - ok
15:28:23.0082 1784  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:28:23.0123 1784  TapiSrv - ok
15:28:23.0156 1784  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll
15:28:23.0218 1784  TBS - ok
15:28:23.0419 1784  [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:28:23.0499 1784  Tcpip - ok
15:28:23.0527 1784  [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:28:23.0620 1784  Tcpip6 - ok
15:28:23.0673 1784  [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:28:23.0746 1784  tcpipreg - ok
15:28:23.0782 1784  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:28:23.0876 1784  TDPIPE - ok
15:28:23.0898 1784  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:28:24.0004 1784  TDTCP - ok
15:28:24.0061 1784  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:28:24.0116 1784  tdx - ok
15:28:24.0164 1784  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:28:24.0201 1784  TermDD - ok
15:28:24.0289 1784  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService     C:\Windows\System32\termsrv.dll
15:28:24.0377 1784  TermService - ok
15:28:24.0404 1784  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll
15:28:24.0424 1784  Themes - ok
15:28:24.0465 1784  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:28:24.0504 1784  THREADORDER - ok
15:28:24.0548 1784  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
15:28:24.0606 1784  TrkWks - ok
15:28:24.0679 1784  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:28:24.0747 1784  TrustedInstaller - ok
15:28:24.0800 1784  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:28:24.0877 1784  tssecsrv - ok
15:28:24.0910 1784  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:28:24.0925 1784  tunmp - ok
15:28:24.0967 1784  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:28:24.0992 1784  tunnel - ok
15:28:25.0044 1784  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:28:25.0074 1784  uagp35 - ok
15:28:25.0156 1784  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:28:25.0211 1784  udfs - ok
15:28:25.0308 1784  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:28:25.0421 1784  UI0Detect - ok
15:28:25.0494 1784  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:28:25.0530 1784  uliagpkx - ok
15:28:25.0614 1784  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:28:25.0661 1784  uliahci - ok
15:28:25.0754 1784  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:28:25.0783 1784  UlSata - ok
15:28:25.0823 1784  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:28:25.0864 1784  ulsata2 - ok
15:28:25.0936 1784  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:28:26.0033 1784  umbus - ok
15:28:26.0155 1784  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
15:28:26.0304 1784  upnphost - ok
15:28:26.0422 1784  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:28:26.0473 1784  USBAAPL64 - ok
15:28:26.0525 1784  [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:28:26.0603 1784  usbaudio - ok
15:28:26.0678 1784  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:28:26.0759 1784  usbccgp - ok
15:28:26.0812 1784  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:28:26.0952 1784  usbcir - ok
15:28:26.0990 1784  [ 827E44DE934A736EA31E91D353EB126F ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:28:27.0022 1784  usbehci - ok
15:28:27.0065 1784  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:28:27.0139 1784  usbhub - ok
15:28:27.0162 1784  [ E406B003A354776D317762694956B0FC ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:28:27.0231 1784  usbohci - ok
15:28:27.0261 1784  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:28:27.0326 1784  usbprint - ok
15:28:27.0434 1784  [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:28:27.0506 1784  usbscan - ok
15:28:27.0541 1784  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:28:27.0626 1784  USBSTOR - ok
15:28:27.0658 1784  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:28:27.0720 1784  usbuhci - ok
15:28:27.0758 1784  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms           C:\Windows\System32\uxsms.dll
15:28:27.0821 1784  UxSms - ok
15:28:27.0899 1784  [ 294945381DFA7CE58CECF0A9896AF327 ] vds             C:\Windows\System32\vds.exe
15:28:27.0959 1784  vds - ok
15:28:28.0007 1784  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:28:28.0074 1784  vga - ok
15:28:28.0101 1784  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:28:28.0168 1784  VgaSave - ok
15:28:28.0204 1784  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys
15:28:28.0292 1784  viaide - ok
15:28:28.0299 1784  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:28:28.0314 1784  volmgr - ok
15:28:28.0394 1784  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:28:28.0417 1784  volmgrx - ok
15:28:28.0495 1784  [ 582F710097B46140F5A89A19A6573D4B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:28:28.0514 1784  volsnap - ok
15:28:28.0606 1784  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:28:28.0636 1784  vsmraid - ok
15:28:28.0801 1784  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS             C:\Windows\system32\vssvc.exe
15:28:28.0898 1784  VSS - ok
15:28:28.0962 1784  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time         C:\Windows\system32\w32time.dll
15:28:29.0078 1784  W32Time - ok
15:28:29.0145 1784  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:28:29.0303 1784  WacomPen - ok
15:28:29.0390 1784  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:28:29.0504 1784  Wanarp - ok
15:28:29.0522 1784  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:28:29.0571 1784  Wanarpv6 - ok
15:28:29.0672 1784  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:28:29.0732 1784  wcncsvc - ok
15:28:29.0768 1784  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:28:29.0806 1784  WcsPlugInService - ok
15:28:29.0829 1784  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
15:28:29.0870 1784  Wd - ok
15:28:30.0062 1784  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:28:30.0120 1784  Wdf01000 - ok
15:28:30.0148 1784  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:28:30.0253 1784  WdiServiceHost - ok
15:28:30.0259 1784  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:28:30.0306 1784  WdiSystemHost - ok
15:28:30.0396 1784  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient       C:\Windows\System32\webclnt.dll
15:28:30.0471 1784  WebClient - ok
15:28:30.0518 1784  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:28:30.0610 1784  Wecsvc - ok
15:28:30.0639 1784  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:28:30.0708 1784  wercplsupport - ok
15:28:30.0767 1784  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll
15:28:30.0869 1784  WerSvc - ok
15:28:30.0920 1784  WinDefend - ok
15:28:30.0929 1784  WinHttpAutoProxySvc - ok
15:28:31.0090 1784  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:28:31.0166 1784  Winmgmt - ok
15:28:31.0239 1784  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:28:31.0369 1784  WinRM - ok
15:28:31.0522 1784  [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
15:28:31.0554 1784  WinUSB - ok
15:28:31.0739 1784  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:28:31.0846 1784  Wlansvc - ok
15:28:31.0866 1784  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:28:31.0915 1784  WmiAcpi - ok
15:28:32.0051 1784  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:28:32.0136 1784  wmiApSrv - ok
15:28:32.0169 1784  WMPNetworkSvc - ok
15:28:32.0267 1784  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:28:32.0345 1784  WPCSvc - ok
15:28:32.0375 1784  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:28:32.0416 1784  WPDBusEnum - ok
15:28:32.0445 1784  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
15:28:32.0520 1784  WpdUsb - ok
15:28:32.0749 1784  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:28:32.0810 1784  WPFFontCache_v0400 - ok
15:28:32.0871 1784  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:28:32.0991 1784  ws2ifsl - ok
15:28:33.0061 1784  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\System32\wscsvc.dll
15:28:33.0120 1784  wscsvc - ok
15:28:33.0126 1784  WSearch - ok
15:28:33.0433 1784  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:28:33.0645 1784  wuauserv - ok
15:28:33.0757 1784  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:28:33.0819 1784  WudfPf - ok
15:28:33.0890 1784  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:28:33.0931 1784  WUDFRd - ok
15:28:33.0973 1784  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:28:34.0021 1784  wudfsvc - ok
15:28:34.0029 1784  ================ Scan global ===============================
15:28:34.0085 1784  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
15:28:34.0258 1784  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
15:28:34.0281 1784  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
15:28:34.0382 1784  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
15:28:34.0393 1784  [Global] - ok
15:28:34.0394 1784  ================ Scan MBR ==================================
15:28:34.0423 1784  [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
15:28:35.0753 1784  \Device\Harddisk0\DR0 - ok
15:28:35.0760 1784  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:28:35.0911 1784  \Device\Harddisk1\DR1 - ok
15:28:35.0919 1784  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
15:28:36.0164 1784  \Device\Harddisk4\DR4 - ok
15:28:36.0165 1784  ================ Scan VBR ==================================
15:28:36.0170 1784  [ B7F665ADAB27EA8A68B47C61FF02D011 ] \Device\Harddisk0\DR0\Partition1
15:28:36.0173 1784  \Device\Harddisk0\DR0\Partition1 - ok
15:28:36.0204 1784  [ 4B79F7981523E0B791605B829695078F ] \Device\Harddisk0\DR0\Partition2
15:28:36.0276 1784  \Device\Harddisk0\DR0\Partition2 - ok
15:28:36.0282 1784  [ 0D38F8AF2BCDCDB9D7E39FE65F4F46A8 ] \Device\Harddisk1\DR1\Partition1
15:28:36.0285 1784  \Device\Harddisk1\DR1\Partition1 - ok
15:28:36.0293 1784  [ 486D6BD2369767511B3A906A244D8E84 ] \Device\Harddisk4\DR4\Partition1
15:28:36.0296 1784  \Device\Harddisk4\DR4\Partition1 - ok
15:28:36.0296 1784  ============================================================
15:28:36.0296 1784  Scan finished
15:28:36.0297 1784  ============================================================
15:28:36.0316 3252  Detected object count: 4
15:28:36.0316 3252  Actual detected object count: 4
15:28:55.0538 3252  HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:55.0538 3252  HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:55.0541 3252  hxctlflt ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:55.0541 3252  hxctlflt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:55.0543 3252  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:55.0543 3252  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:55.0546 3252  SNPSTD3 ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:55.0546 3252  SNPSTD3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 07.07.2013, 22:17   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search und Babylon search - Malware durch Freeware, Windows Vista - Standard

Delta Search und Babylon search - Malware durch Freeware, Windows Vista



Ok, ein Kontroll-Log mit FRST bitte

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Delta Search und Babylon search - Malware durch Freeware, Windows Vista
babylon search, delta, delta search, entfernen, erhalte, explorer, forum, freeware, gekauft, gen, gestartet, guter, immernoch, julia, lizenz, malware, malwarebytes, nichts, problem, programm, search, seite, startseite, vista, windows, windows vista, wirklich



Ähnliche Themen: Delta Search und Babylon search - Malware durch Freeware, Windows Vista


  1. Windows Vista incredibar-search ASK-Toolbar vermutlich Malware, Rechner sehr langsam
    Log-Analyse und Auswertung - 28.04.2015 (11)
  2. babylon search und delta search als startseite im browser
    Plagegeister aller Art und deren Bekämpfung - 06.06.2014 (9)
  3. Search d.p Engine. Ist das Delta-Search? Wenn nein, egal ich werde es nicht mehr los
    Log-Analyse und Auswertung - 27.01.2014 (11)
  4. BitGuard, Babylon, Delta Search und andere Ad-, Spy- und Scareware @ MARCO-VAIO
    Log-Analyse und Auswertung - 05.01.2014 (13)
  5. Windows 7: Delta Search Virus
    Log-Analyse und Auswertung - 29.09.2013 (18)
  6. Windows 7: Delta Search und andere Malware entfernen
    Plagegeister aller Art und deren Bekämpfung - 03.09.2013 (15)
  7. Windows XP: Delta Search + Crome
    Log-Analyse und Auswertung - 29.08.2013 (44)
  8. XP Neuinstallation nach Infektion mit Babylon und Delta Search
    Log-Analyse und Auswertung - 12.08.2013 (3)
  9. Windows Vista 64 bit: IE, Skript dauert zu lange, delta-search
    Log-Analyse und Auswertung - 08.08.2013 (15)
  10. Virenbefall durch Delta Search und Konsorten
    Log-Analyse und Auswertung - 31.05.2013 (13)
  11. Delta Search Babylon
    Log-Analyse und Auswertung - 28.05.2013 (14)
  12. Delta-Search durch J-Downloader eingefangen
    Log-Analyse und Auswertung - 20.05.2013 (8)
  13. Delta Search mit Spybot entfernt; Delta Search taucht jedoch in neuen Tab trotzdem auf
    Plagegeister aller Art und deren Bekämpfung - 16.04.2013 (10)
  14. Trojaner, Malware Löschungs Prüfung nach delta search über DDS+
    Log-Analyse und Auswertung - 01.04.2013 (7)
  15. Delta Search mit AdwCleaner entfernt? (Windows 8)
    Plagegeister aller Art und deren Bekämpfung - 28.03.2013 (15)
  16. Babylon Search Suchmaschine / PC lahmt / Malware?
    Plagegeister aller Art und deren Bekämpfung - 20.03.2013 (15)
  17. Delta Search und Babylon Search entfernt - Ist nun alles weg?
    Log-Analyse und Auswertung - 16.03.2013 (18)

Zum Thema Delta Search und Babylon search - Malware durch Freeware, Windows Vista - reboot tut gut - Delta Search und Babylon search - Malware durch Freeware, Windows Vista...
Archiv
Du betrachtest: Delta Search und Babylon search - Malware durch Freeware, Windows Vista auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.