| |
| |||||||
Log-Analyse und Auswertung: BOO.cidox Performance sinktWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
25.08.2014, 14:41
| #16 |
 |  BOO.cidox Performance sinkt ahh sorry hab ich übersehen Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:24-08-2014 03
Ran by Kevin at 2014-08-25 15:40:13
Running from C:\Users\Kevin\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Belkin F7D1102 Surf Wireless Micro USB Adapter (HKLM\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - )
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Free YouTube to MP3 Converter version 3.12.42.716 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.42.716 - DVDVideoSoft Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (Version: 2.1.65.20 - Oracle, Inc.) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2180395333-3843965972-1257437488-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
==================== Restore Points =========================
17-08-2014 12:24:17 DirectX wurde installiert
17-08-2014 12:28:16 DirectX wurde installiert
18-08-2014 12:08:34 Wiederherstellungsvorgang
18-08-2014 12:27:36 Windows Modules Installer
18-08-2014 13:14:40 DirectX wurde installiert
18-08-2014 13:50:53 Installed AVG 2014
18-08-2014 13:51:20 Installed AVG 2014
18-08-2014 14:49:07 Removed AVG 2014
18-08-2014 14:50:39 Removed AVG 2014
18-08-2014 15:01:39 Installed SpyHunter
18-08-2014 15:54:14 Removed SpyHunter
24-08-2014 14:37:16 ComboFix created restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2014-08-25 14:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {3B8BF70C-117D-46DF-A830-C1A2729CEA32} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-15] (Google Inc.)
Task: {D6C76FE3-A511-4247-8BB0-E29FDA9C74A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-15] (Google Inc.)
Task: {FC1CF7C6-CC8B-40E3-9F68-4FD07698683E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-17] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-07-15 22:40 - 2014-03-04 14:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-08-14 15:17 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-14 15:17 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-14 15:17 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-14 15:17 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-14 15:17 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/25/2014 03:08:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (08/25/2014 03:08:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (08/25/2014 03:08:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (08/25/2014 03:08:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (08/25/2014 03:08:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (08/25/2014 03:08:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (08/25/2014 02:25:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (08/25/2014 02:25:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (08/25/2014 02:25:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (08/25/2014 02:25:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
System errors:
=============
Error: (08/25/2014 02:21:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 25.08.2014 um 14:20:45 unerwartet heruntergefahren.
Error: (08/25/2014 02:18:01 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/25/2014 02:13:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/24/2014 05:58:40 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/24/2014 05:55:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/24/2014 05:52:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/24/2014 05:49:48 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/24/2014 04:47:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/24/2014 04:43:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/24/2014 04:39:37 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Microsoft Office Sessions:
=========================
Error: (08/25/2014 03:08:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (08/25/2014 03:08:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (08/25/2014 03:08:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (08/25/2014 03:08:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (08/25/2014 03:08:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (08/25/2014 03:08:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (08/25/2014 02:25:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (08/25/2014 02:25:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (08/25/2014 02:25:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (08/25/2014 02:25:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz
Percentage of memory in use: 32%
Total physical RAM: 3071.24 MB
Available physical RAM: 2075.17 MB
Total Pagefile: 6140.77 MB
Available Pagefile: 4781.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.16 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:285.99 GB) (Free:240.45 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: AC5CC58C)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
25.08.2014, 14:44
| #17 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | BOO.cidox Performance sinkt Okay, dann Kontrollscans mit MBAM und ESET bitte:
__________________Downloade Dir bitte  Malwarebytes Anti-Malware
ESET Online Scanner
__________________ |
|
25.08.2014, 17:51
| #18 |
| | BOO.cidox Performance sinkt soll ich das mit eset jetzt machen oder erstmal den text von mbam posten wenn der suchlauf fertig ist?
__________________Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 25.08.2014 Suchlauf-Zeit: 16:02:44 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.08.25.03 Rootkit Datenbank: v2014.08.21.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Kevin Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 271531 Verstrichene Zeit: 8 Min, 10 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=f88b27814c69c24fad98e2f15690208b
# engine=19832
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-25 04:48:10
# local_time=2014-08-25 06:48:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 17459 2870344 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 3527190 160616481 0 0
# scanned=141412
# found=2
# cleaned=0
# scan_time=4893
sh=19F3AB30EF425C1C77360FF456FA435463A5B53D ft=0 fh=0000000000000000 vn="HTML/Iframe.B.Gen Virus" ac=I fn="C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0U2NWRL\.jquery[1].php"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Rovnix.R Trojaner" ac=I fn="${Memory}"
|
|
25.08.2014, 22:15
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO.cidox Performance sinkt Hm...der findet noch was im RAM. Bitte mal das Kaspersky-Tool ausführen: Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
26.08.2014, 13:32
| #20 |
| | BOO.cidox Performance sinktCode:
ATTFilter 14:26:01.0514 0x0e48 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
14:26:14.0748 0x0e48 ============================================================
14:26:14.0748 0x0e48 Current date / time: 2014/08/26 14:26:14.0748
14:26:14.0748 0x0e48 SystemInfo:
14:26:14.0748 0x0e48
14:26:14.0748 0x0e48 OS Version: 6.1.7601 ServicePack: 1.0
14:26:14.0748 0x0e48 Product type: Workstation
14:26:14.0748 0x0e48 ComputerName: KEVIN-PC
14:26:14.0748 0x0e48 UserName: Kevin
14:26:14.0748 0x0e48 Windows directory: C:\Windows
14:26:14.0748 0x0e48 System windows directory: C:\Windows
14:26:14.0749 0x0e48 Processor architecture: Intel x86
14:26:14.0749 0x0e48 Number of processors: 2
14:26:14.0749 0x0e48 Page size: 0x1000
14:26:14.0749 0x0e48 Boot type: Normal boot
14:26:14.0749 0x0e48 ============================================================
14:26:20.0553 0x0e48 KLMD registered as C:\Windows\system32\drivers\86900643.sys
14:26:20.0816 0x0e48 System UUID: {B55EC208-1154-2757-3633-062C86BE5AA2}
14:26:21.0772 0x0e48 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:26:21.0780 0x0e48 ============================================================
14:26:21.0780 0x0e48 \Device\Harddisk0\DR0:
14:26:21.0780 0x0e48 MBR partitions:
14:26:21.0780 0x0e48 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1800800, BlocksNum 0x32000
14:26:21.0780 0x0e48 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1832800, BlocksNum 0x23BFB800
14:26:21.0780 0x0e48 ============================================================
14:26:21.0807 0x0e48 C: <-> \Device\Harddisk0\DR0\Partition2
14:26:21.0808 0x0e48 ============================================================
14:26:21.0808 0x0e48 Initialize success
14:26:21.0808 0x0e48 ============================================================
14:26:30.0773 0x05c0 ============================================================
14:26:30.0778 0x05c0 Scan started
14:26:30.0778 0x05c0 Mode: Manual;
14:26:30.0778 0x05c0 ============================================================
14:26:30.0778 0x05c0 KSN ping started
14:26:44.0492 0x05c0 KSN ping finished: true
14:26:49.0585 0x05c0 ================ Scan system memory ========================
14:26:49.0585 0x05c0 Scan was interrupted by user!
14:26:50.0133 0x05c0 AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x40000 ( disabled : updated )
14:26:50.0317 0x05c0 Win FW state via NFP2: enabled
14:26:53.0135 0x05c0 ============================================================
14:26:53.0135 0x05c0 Scan finished
14:26:53.0135 0x05c0 ============================================================
14:26:53.0156 0x149c Detected object count: 0
14:26:53.0156 0x149c Actual detected object count: 0
14:27:09.0206 0x17d0 ============================================================
14:27:09.0206 0x17d0 Scan started
14:27:09.0206 0x17d0 Mode: Manual; SigCheck; TDLFS;
14:27:09.0206 0x17d0 ============================================================
14:27:09.0206 0x17d0 KSN ping started
14:27:11.0651 0x17d0 KSN ping finished: true
14:27:14.0444 0x17d0 ================ Scan system memory ========================
14:27:14.0444 0x17d0 System memory - ok
14:27:14.0453 0x17d0 ================ Scan services =============================
14:27:14.0630 0x17d0 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
14:27:15.0004 0x17d0 1394ohci - ok
14:27:15.0082 0x17d0 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
14:27:15.0153 0x17d0 ACPI - ok
14:27:15.0199 0x17d0 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
14:27:15.0351 0x17d0 AcpiPmi - ok
14:27:15.0446 0x17d0 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:27:15.0469 0x17d0 AdobeARMservice - ok
14:27:15.0581 0x17d0 [ 9E5197D65BA34A4DB45B8BEFC3288C23, EBBE6126B6B73616032F8E1731642E35C6CB6B395EF74BCCB781CAE076EE8434 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:27:15.0665 0x17d0 AdobeFlashPlayerUpdateSvc - ok
14:27:15.0735 0x17d0 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:27:15.0899 0x17d0 adp94xx - ok
14:27:15.0939 0x17d0 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:27:15.0985 0x17d0 adpahci - ok
14:27:15.0998 0x17d0 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:27:16.0036 0x17d0 adpu320 - ok
14:27:16.0061 0x17d0 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:27:16.0726 0x17d0 AeLookupSvc - ok
14:27:16.0909 0x17d0 [ 1151FD4FB0216CFED887BFDE29EBD516, 673C2B498744C7EB846F6BD4FDC852B0A9722377D75FD694F7F78E727ADF4563 ] AFD C:\Windows\system32\drivers\afd.sys
14:27:17.0091 0x17d0 AFD - ok
14:27:17.0192 0x17d0 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
14:27:17.0263 0x17d0 agp440 - ok
14:27:17.0304 0x17d0 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
14:27:17.0341 0x17d0 aic78xx - ok
14:27:17.0390 0x17d0 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
14:27:17.0547 0x17d0 ALG - ok
14:27:17.0580 0x17d0 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
14:27:17.0624 0x17d0 aliide - ok
14:27:17.0634 0x17d0 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
14:27:17.0671 0x17d0 amdagp - ok
14:27:17.0681 0x17d0 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
14:27:17.0705 0x17d0 amdide - ok
14:27:17.0729 0x17d0 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:27:17.0786 0x17d0 AmdK8 - ok
14:27:17.0801 0x17d0 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:27:17.0901 0x17d0 AmdPPM - ok
14:27:17.0939 0x17d0 [ E7F4D42D8076EC60E21715CD11743A0D, 91AC020A70964F8783C999BDE8AB8391A3FA3AFC1CD4BC52A43625A2010A53E7 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
14:27:18.0030 0x17d0 amdsata - ok
14:27:18.0044 0x17d0 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:27:18.0075 0x17d0 amdsbs - ok
14:27:18.0112 0x17d0 [ 146459D2B08BFDCBFA856D9947043C81, AC7F2069717601F949B0968EA651899D497170A93B84281B66D3CE5C382DDECB ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
14:27:18.0169 0x17d0 amdxata - ok
14:27:18.0458 0x17d0 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
14:27:18.0515 0x17d0 AntiVirSchedulerService - ok
14:27:18.0679 0x17d0 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
14:27:18.0722 0x17d0 AntiVirService - ok
14:27:18.0779 0x17d0 [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID C:\Windows\system32\drivers\appid.sys
14:27:18.0917 0x17d0 AppID - ok
14:27:18.0981 0x17d0 [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:27:19.0068 0x17d0 AppIDSvc - ok
14:27:19.0115 0x17d0 [ FB1959012294D6AD43E5304DF65E3C26, CFE906B07FF71A178CF9C254B056C6F5A303DDC511F0E4E1E75808F1D5326495 ] Appinfo C:\Windows\System32\appinfo.dll
14:27:19.0171 0x17d0 Appinfo - ok
14:27:19.0255 0x17d0 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
14:27:19.0292 0x17d0 arc - ok
14:27:19.0304 0x17d0 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:27:19.0335 0x17d0 arcsas - ok
14:27:19.0360 0x17d0 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:27:19.0680 0x17d0 AsyncMac - ok
14:27:19.0697 0x17d0 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
14:27:19.0709 0x17d0 atapi - ok
14:27:19.0784 0x17d0 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:27:19.0954 0x17d0 AudioEndpointBuilder - ok
14:27:19.0977 0x17d0 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:27:20.0090 0x17d0 Audiosrv - ok
14:27:20.0203 0x17d0 [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
14:27:20.0338 0x17d0 avgntflt - ok
14:27:20.0389 0x17d0 [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
14:27:20.0489 0x17d0 avipbb - ok
14:27:20.0521 0x17d0 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
14:27:20.0561 0x17d0 avkmgr - ok
14:27:20.0641 0x17d0 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:27:20.0754 0x17d0 AxInstSV - ok
14:27:20.0814 0x17d0 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
14:27:20.0976 0x17d0 b06bdrv - ok
14:27:21.0015 0x17d0 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
14:27:21.0084 0x17d0 b57nd60x - ok
14:27:21.0133 0x17d0 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
14:27:21.0253 0x17d0 BDESVC - ok
14:27:21.0286 0x17d0 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
14:27:21.0389 0x17d0 Beep - ok
14:27:21.0443 0x17d0 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
14:27:21.0650 0x17d0 BFE - ok
14:27:21.0705 0x17d0 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\system32\qmgr.dll
14:27:21.0981 0x17d0 BITS - ok
14:27:22.0020 0x17d0 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:27:22.0271 0x17d0 blbdrive - ok
14:27:22.0284 0x17d0 [ FCAFAEF6798D7B51FF029F99A9898961, BFB37686B1386EB883B99DB6AC342C20514939F8B7A5CEC5D63865B3DC2B4D4F ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:27:22.0541 0x17d0 bowser - ok
14:27:22.0547 0x17d0 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:27:22.0723 0x17d0 BrFiltLo - ok
14:27:22.0730 0x17d0 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:27:22.0836 0x17d0 BrFiltUp - ok
14:27:22.0888 0x17d0 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:27:22.0985 0x17d0 BridgeMP - ok
14:27:23.0026 0x17d0 [ 6E11F33D14D020F58D5E02E4D67DFA19, 9563E4E8CE769B7619745F6F6DE618389A1595785023BF1F295AD8301B27F0AF ] Browser C:\Windows\System32\browser.dll
14:27:23.0136 0x17d0 Browser - ok
14:27:23.0180 0x17d0 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:27:23.0333 0x17d0 Brserid - ok
14:27:23.0342 0x17d0 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:27:23.0536 0x17d0 BrSerWdm - ok
14:27:23.0566 0x17d0 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:27:23.0751 0x17d0 BrUsbMdm - ok
14:27:23.0844 0x17d0 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:27:24.0060 0x17d0 BrUsbSer - ok
14:27:24.0095 0x17d0 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:27:24.0189 0x17d0 BTHMODEM - ok
14:27:24.0256 0x17d0 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
14:27:24.0471 0x17d0 bthserv - ok
14:27:24.0650 0x17d0 [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
14:27:24.0961 0x17d0 c2cautoupdatesvc - ok
14:27:25.0838 0x17d0 [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
14:27:26.0423 0x17d0 c2cpnrsvc - ok
14:27:26.0860 0x17d0 catchme - ok
14:27:26.0919 0x17d0 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:27:27.0072 0x17d0 cdfs - ok
14:27:27.0176 0x17d0 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:27:27.0302 0x17d0 cdrom - ok
14:27:27.0396 0x17d0 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
14:27:27.0660 0x17d0 CertPropSvc - ok
14:27:27.0735 0x17d0 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:27:27.0862 0x17d0 circlass - ok
14:27:27.0937 0x17d0 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
14:27:27.0982 0x17d0 CLFS - ok
14:27:28.0084 0x17d0 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:27:28.0255 0x17d0 clr_optimization_v2.0.50727_32 - ok
14:27:28.0470 0x17d0 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:27:28.0520 0x17d0 clr_optimization_v4.0.30319_32 - ok
14:27:28.0552 0x17d0 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:27:28.0678 0x17d0 CmBatt - ok
14:27:28.0694 0x17d0 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
14:27:28.0724 0x17d0 cmdide - ok
14:27:28.0756 0x17d0 [ 1B675691ED940766149C93E8F4488D68, A55C41B2B343B1CF53D737ED1752D0510052094FFC60FDB833279A8A52398132 ] CNG C:\Windows\system32\Drivers\cng.sys
14:27:28.0915 0x17d0 CNG - ok
14:27:28.0938 0x17d0 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:27:28.0963 0x17d0 Compbatt - ok
14:27:29.0034 0x17d0 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:27:29.0172 0x17d0 CompositeBus - ok
14:27:29.0185 0x17d0 COMSysApp - ok
14:27:29.0203 0x17d0 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:27:29.0269 0x17d0 crcdisk - ok
14:27:29.0320 0x17d0 [ A585BEBF7D054BD9618EDA0922D5484A, 340DF730E88F8B6A4EF542F620EBA2A720546AFAB4DFFA00F066B7610A1026C5 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:27:29.0524 0x17d0 CryptSvc - ok
14:27:29.0656 0x17d0 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
14:27:29.0912 0x17d0 DcomLaunch - ok
14:27:30.0012 0x17d0 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
14:27:30.0365 0x17d0 defragsvc - ok
14:27:30.0406 0x17d0 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:27:30.0621 0x17d0 DfsC - ok
14:27:30.0705 0x17d0 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:27:30.0895 0x17d0 Dhcp - ok
14:27:30.0943 0x17d0 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
14:27:31.0089 0x17d0 discache - ok
14:27:31.0146 0x17d0 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:27:31.0198 0x17d0 Disk - ok
14:27:31.0242 0x17d0 [ 2FE30D71919C51131405797620E0A714, 16060DDC32EF95EB6E37B91D50A96AB53CB0DEBB3DFDCB31975D16361092ABA5 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:27:31.0401 0x17d0 Dnscache - ok
14:27:31.0439 0x17d0 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
14:27:31.0530 0x17d0 dot3svc - ok
14:27:31.0555 0x17d0 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
14:27:31.0808 0x17d0 DPS - ok
14:27:31.0865 0x17d0 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:27:31.0977 0x17d0 drmkaud - ok
14:27:32.0079 0x17d0 [ 23F5D28378A160352BA8F817BD8C71CB, 11BF7B7E6276C28EFF74B8AF89B493CBB89B394D2A091708EDA15DA5C342FF19 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:27:32.0198 0x17d0 DXGKrnl - ok
14:27:32.0329 0x17d0 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
14:27:32.0568 0x17d0 EapHost - ok
14:27:34.0098 0x17d0 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
14:27:34.0980 0x17d0 ebdrv - ok
14:27:35.0105 0x17d0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS C:\Windows\System32\lsass.exe
14:27:35.0400 0x17d0 EFS - ok
14:27:35.0643 0x17d0 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:27:36.0030 0x17d0 ehRecvr - ok
14:27:36.0073 0x17d0 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
14:27:36.0186 0x17d0 ehSched - ok
14:27:36.0304 0x17d0 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:27:36.0471 0x17d0 elxstor - ok
14:27:36.0499 0x17d0 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
14:27:36.0631 0x17d0 ErrDev - ok
14:27:36.0706 0x17d0 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
14:27:36.0860 0x17d0 EventSystem - ok
14:27:36.0915 0x17d0 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
14:27:37.0019 0x17d0 exfat - ok
14:27:37.0061 0x17d0 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:27:37.0379 0x17d0 fastfat - ok
14:27:37.0472 0x17d0 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
14:27:37.0638 0x17d0 Fax - ok
14:27:37.0899 0x17d0 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:27:38.0280 0x17d0 fdc - ok
14:27:38.0441 0x17d0 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
14:27:38.0720 0x17d0 fdPHost - ok
14:27:38.0787 0x17d0 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
14:27:39.0001 0x17d0 FDResPub - ok
14:27:39.0048 0x17d0 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:27:39.0107 0x17d0 FileInfo - ok
14:27:39.0173 0x17d0 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:27:39.0274 0x17d0 Filetrace - ok
14:27:39.0325 0x17d0 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:27:39.0424 0x17d0 flpydisk - ok
14:27:39.0482 0x17d0 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:27:39.0568 0x17d0 FltMgr - ok
14:27:39.0634 0x17d0 [ FA6C66E4364D7DA57AADE5DCC03BB999, 9C0D0A04D2558CF60B7F7185CC9B369CDDD3B1C625960910CECF07611F288378 ] FontCache C:\Windows\system32\FntCache.dll
14:27:39.0854 0x17d0 FontCache - ok
14:27:39.0919 0x17d0 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:27:39.0985 0x17d0 FontCache3.0.0.0 - ok
14:27:40.0062 0x17d0 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:27:40.0115 0x17d0 FsDepends - ok
14:27:40.0172 0x17d0 [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:27:40.0204 0x17d0 Fs_Rec - ok
14:27:40.0247 0x17d0 [ 8A73E79089B282100B9393B644CB853B, 844DC5AADFABBD050B967904B796BA06BFD64C9112616EA26229D084F8B3AD41 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:27:40.0312 0x17d0 fvevol - ok
14:27:40.0368 0x17d0 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:27:40.0495 0x17d0 gagp30kx - ok
14:27:40.0600 0x17d0 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
14:27:40.0884 0x17d0 gpsvc - ok
14:27:41.0090 0x17d0 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
14:27:41.0182 0x17d0 gupdate - ok
14:27:41.0219 0x17d0 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:27:41.0232 0x17d0 gupdatem - ok
14:27:41.0293 0x17d0 [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
14:27:41.0367 0x17d0 hamachi - ok
14:27:41.0621 0x17d0 [ 59370B23587672184DF890275C8C4BCB, 53D05329AAA65AE900CC84DFAC1EB532D46C94C9192B416F9EAA8A5547D278D1 ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
14:27:41.0830 0x17d0 Hamachi2Svc - ok
14:27:41.0883 0x17d0 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:27:42.0453 0x17d0 hcw85cir - ok
14:27:42.0503 0x17d0 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:27:42.0749 0x17d0 HdAudAddService - ok
14:27:42.0799 0x17d0 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:27:42.0912 0x17d0 HDAudBus - ok
14:27:42.0967 0x17d0 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:27:43.0171 0x17d0 HidBatt - ok
14:27:43.0202 0x17d0 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:27:43.0325 0x17d0 HidBth - ok
14:27:43.0335 0x17d0 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:27:43.0629 0x17d0 HidIr - ok
14:27:43.0683 0x17d0 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll
14:27:43.0963 0x17d0 hidserv - ok
14:27:44.0025 0x17d0 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:27:44.0269 0x17d0 HidUsb - ok
14:27:44.0350 0x17d0 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
14:27:44.0421 0x17d0 hkmsvc - ok
14:27:44.0507 0x17d0 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:27:44.0726 0x17d0 HomeGroupListener - ok
14:27:44.0781 0x17d0 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:27:44.0868 0x17d0 HomeGroupProvider - ok
14:27:44.0929 0x17d0 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
14:27:44.0962 0x17d0 HpSAMD - ok
14:27:45.0021 0x17d0 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:27:45.0190 0x17d0 HTTP - ok
14:27:45.0207 0x17d0 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:27:45.0259 0x17d0 hwpolicy - ok
14:27:45.0301 0x17d0 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:27:45.0400 0x17d0 i8042prt - ok
14:27:45.0469 0x17d0 [ A3CAE5D281DB4CFF7CFF8233507EE5AD, 2666107220B9F301193F2CF85A3D6B09E6E42CC150152D10A8886E47A3FD9B0D ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
14:27:45.0597 0x17d0 iaStorV - ok
14:27:45.0656 0x17d0 [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:27:45.0794 0x17d0 idsvc - ok
14:27:45.0853 0x17d0 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:27:45.0957 0x17d0 iirsp - ok
14:27:46.0037 0x17d0 [ F95622F161474511B8D80D6B093AA610, F2320E25EB9B4AA9A8366BD3AA23EABEBE111A5610D3A62EBA47D90427D5BC26 ] IKEEXT C:\Windows\System32\ikeext.dll
14:27:46.0554 0x17d0 IKEEXT - ok
14:27:46.0594 0x17d0 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
14:27:46.0621 0x17d0 intelide - ok
14:27:46.0657 0x17d0 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:27:46.0783 0x17d0 intelppm - ok
14:27:46.0820 0x17d0 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:27:46.0959 0x17d0 IPBusEnum - ok
14:27:46.0987 0x17d0 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:27:47.0116 0x17d0 IpFilterDriver - ok
14:27:47.0261 0x17d0 [ 4D65A07B795D6674312F879D09AA7663, 8D72FE0B51A6FF71F85D2602DB3AE91C8749F70869B6789552F047BA81411EDA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:27:47.0569 0x17d0 iphlpsvc - ok
14:27:47.0612 0x17d0 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:27:47.0696 0x17d0 IPMIDRV - ok
14:27:47.0722 0x17d0 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:27:47.0864 0x17d0 IPNAT - ok
14:27:47.0928 0x17d0 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:27:48.0057 0x17d0 IRENUM - ok
14:27:48.0079 0x17d0 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
14:27:48.0180 0x17d0 isapnp - ok
14:27:48.0216 0x17d0 [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:27:48.0418 0x17d0 iScsiPrt - ok
14:27:48.0506 0x17d0 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:27:48.0570 0x17d0 kbdclass - ok
14:27:48.0658 0x17d0 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:27:48.0714 0x17d0 kbdhid - ok
14:27:48.0791 0x17d0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] KeyIso C:\Windows\system32\lsass.exe
14:27:48.0867 0x17d0 KeyIso - ok
14:27:48.0881 0x17d0 [ 412CEA1AA78CC02A447F5C9E62B32FF1, E06859E2CE2AFA3CE521851F8810778ED1748B812E601A58786605096AACEA81 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:27:49.0012 0x17d0 KSecDD - ok
14:27:49.0070 0x17d0 [ 26C046977E85B95036453D7B88BA1820, 375B284AFB407CAE417D2090B112A0ED1CCD516ABFDDBFCD5D6AADE859F14ACD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:27:49.0129 0x17d0 KSecPkg - ok
14:27:49.0212 0x17d0 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
14:27:49.0361 0x17d0 KtmRm - ok
14:27:49.0511 0x17d0 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:27:49.0739 0x17d0 LanmanServer - ok
14:27:49.0799 0x17d0 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:27:49.0904 0x17d0 LanmanWorkstation - ok
14:27:49.0993 0x17d0 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:27:50.0119 0x17d0 lltdio - ok
14:27:50.0181 0x17d0 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:27:50.0348 0x17d0 lltdsvc - ok
14:27:50.0396 0x17d0 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:27:50.0507 0x17d0 lmhosts - ok
14:27:50.0610 0x17d0 [ 61535275E03AFAB541D7C94C69A96AF7, C8EEC418C844A7A303CFF4129F3A36C476DB927681E426010AA9E7246F461647 ] LMIGuardianSvc C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
14:27:50.0698 0x17d0 LMIGuardianSvc - ok
14:27:50.0753 0x17d0 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:27:50.0799 0x17d0 LSI_FC - ok
14:27:50.0808 0x17d0 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:27:50.0898 0x17d0 LSI_SAS - ok
14:27:50.0938 0x17d0 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:27:50.0993 0x17d0 LSI_SAS2 - ok
14:27:51.0001 0x17d0 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:27:51.0059 0x17d0 LSI_SCSI - ok
14:27:51.0080 0x17d0 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
14:27:51.0219 0x17d0 luafv - ok
14:27:51.0303 0x17d0 [ 8683C1B450F4B3872839308D836E0F92, C6CEEEA780D2191AEAC2537FD96324FF5501D92CE46313FB95ABB51765D919ED ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
14:27:51.0338 0x17d0 MBAMProtector - ok
14:27:51.0574 0x17d0 [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
14:27:51.0725 0x17d0 MBAMScheduler - ok
14:27:51.0868 0x17d0 [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
14:27:52.0009 0x17d0 MBAMService - ok
14:27:52.0080 0x17d0 [ BD27D97297934FD4217A37FD28A7ABC7, 446F3D6D278A4B3B79B331AA325632FD038952E5E910FC927894E9171A623794 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
14:27:52.0163 0x17d0 MBAMWebAccessControl - ok
14:27:52.0224 0x17d0 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:27:52.0338 0x17d0 Mcx2Svc - ok
14:27:52.0375 0x17d0 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:27:52.0410 0x17d0 megasas - ok
14:27:52.0441 0x17d0 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:27:52.0504 0x17d0 MegaSR - ok
14:27:52.0554 0x17d0 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
14:27:52.0629 0x17d0 MMCSS - ok
14:27:52.0645 0x17d0 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
14:27:52.0741 0x17d0 Modem - ok
14:27:52.0795 0x17d0 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:27:53.0003 0x17d0 monitor - ok
14:27:53.0055 0x17d0 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:27:53.0096 0x17d0 mouclass - ok
14:27:53.0114 0x17d0 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:27:53.0214 0x17d0 mouhid - ok
14:27:53.0259 0x17d0 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:27:53.0288 0x17d0 mountmgr - ok
14:27:53.0302 0x17d0 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
14:27:53.0335 0x17d0 mpio - ok
14:27:53.0390 0x17d0 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:27:53.0614 0x17d0 mpsdrv - ok
14:27:53.0711 0x17d0 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:27:53.0896 0x17d0 MpsSvc - ok
14:27:53.0939 0x17d0 [ CEB46AB7C01C9F825F8CC6BABC18166A, AA98898204FC58878502C170FE6ED8BA681396DDD8BF3689D0C3642DEA87BEF8 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:27:54.0082 0x17d0 MRxDAV - ok
14:27:54.0130 0x17d0 [ B272B4C3E085EA860C12F2E4FAF2FFA2, DA99D8223D9FB7BFA52E66B73D1E1AA47B76B45A649400F7898E8D65D8672E52 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:27:54.0276 0x17d0 mrxsmb - ok
14:27:54.0329 0x17d0 [ 9AC33EF26C8A3AD0F117D00EB7301D03, 403445B07DC55F9DF98CA11AC87D4231187A2472A4E107786A5845B213355F0A ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:27:54.0402 0x17d0 mrxsmb10 - ok
14:27:54.0483 0x17d0 [ E0ABDB5ED7E199E242A7D028E76C1D3A, 4014A1F0720F6D15A2FB0CF4F1F970595BC29929F92F461CDD68E4513F49563E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:27:54.0634 0x17d0 mrxsmb20 - ok
14:27:54.0644 0x17d0 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
14:27:54.0672 0x17d0 msahci - ok
14:27:54.0684 0x17d0 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
14:27:54.0723 0x17d0 msdsm - ok
14:27:54.0760 0x17d0 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
14:27:55.0006 0x17d0 MSDTC - ok
14:27:55.0072 0x17d0 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:27:55.0171 0x17d0 Msfs - ok
14:27:55.0204 0x17d0 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:27:55.0273 0x17d0 mshidkmdf - ok
14:27:55.0288 0x17d0 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
14:27:55.0336 0x17d0 msisadrv - ok
14:27:55.0371 0x17d0 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:27:55.0501 0x17d0 MSiSCSI - ok
14:27:55.0525 0x17d0 msiserver - ok
14:27:55.0579 0x17d0 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:27:55.0737 0x17d0 MSKSSRV - ok
14:27:55.0748 0x17d0 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:27:55.0840 0x17d0 MSPCLOCK - ok
14:27:55.0878 0x17d0 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:27:56.0039 0x17d0 MSPQM - ok
14:27:56.0101 0x17d0 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:27:56.0184 0x17d0 MsRPC - ok
14:27:56.0204 0x17d0 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:27:56.0242 0x17d0 mssmbios - ok
14:27:56.0266 0x17d0 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:27:56.0439 0x17d0 MSTEE - ok
14:27:56.0474 0x17d0 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:27:56.0681 0x17d0 MTConfig - ok
14:27:56.0875 0x17d0 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
14:27:57.0078 0x17d0 Mup - ok
14:27:57.0501 0x17d0 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
14:27:57.0917 0x17d0 napagent - ok
14:27:58.0428 0x17d0 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:27:58.0724 0x17d0 NativeWifiP - ok
14:27:58.0845 0x17d0 [ E7C54812A2AAF43316EB6930C1FFA108, C8A6FC1957FA29A3B372132FEA9145538BC767044A11D77316D3D1A3EAA60630 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:27:58.0932 0x17d0 NDIS - ok
14:27:58.0980 0x17d0 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:27:59.0142 0x17d0 NdisCap - ok
14:27:59.0181 0x17d0 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:27:59.0291 0x17d0 NdisTapi - ok
14:27:59.0352 0x17d0 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:27:59.0469 0x17d0 Ndisuio - ok
14:27:59.0495 0x17d0 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:27:59.0576 0x17d0 NdisWan - ok
14:27:59.0639 0x17d0 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:27:59.0806 0x17d0 NDProxy - ok
14:27:59.0856 0x17d0 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:28:00.0023 0x17d0 NetBIOS - ok
14:28:00.0082 0x17d0 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:28:00.0357 0x17d0 NetBT - ok
14:28:00.0397 0x17d0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] Netlogon C:\Windows\system32\lsass.exe
14:28:00.0489 0x17d0 Netlogon - ok
14:28:00.0543 0x17d0 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
14:28:00.0661 0x17d0 Netman - ok
14:28:00.0705 0x17d0 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
14:28:00.0834 0x17d0 netprofm - ok
14:28:00.0936 0x17d0 [ F476EC40033CDB91EFBE73EB99B8362D, B17535037BC070F9AE1F6B381C2DBEE27658A8FDE15FB0E061F485EA7C7CBE59 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:28:01.0028 0x17d0 NetTcpPortSharing - ok
14:28:01.0085 0x17d0 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:28:01.0148 0x17d0 nfrd960 - ok
14:28:01.0305 0x17d0 [ 912084381D30D8B89EC4E293053F4710, 99B8CD043DF531D4B9725ED167F63CED220608B2FED3EE8250C217D15762DFD7 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:28:01.0420 0x17d0 NlaSvc - ok
14:28:01.0459 0x17d0 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:28:01.0556 0x17d0 Npfs - ok
14:28:01.0591 0x17d0 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
14:28:01.0719 0x17d0 nsi - ok
14:28:01.0742 0x17d0 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:28:01.0829 0x17d0 nsiproxy - ok
14:28:01.0974 0x17d0 [ 33C3093D09017CFE2E219F2472BFF6EB, DE46C7A53C3606F036DED1EE8A81B79CAF3171A7E97DA2F71712E2DA046A262E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:28:02.0119 0x17d0 Ntfs - ok
14:28:02.0185 0x17d0 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
14:28:02.0362 0x17d0 Null - ok
14:28:02.0426 0x17d0 [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
14:28:02.0482 0x17d0 NVHDA - ok
14:28:05.0322 0x17d0 [ 8E3BD4ED84EEF035B1AF3F90141D13D1, 764C700D9C08548225B1F0CD978265976B9CE65F20931970B69B2953CD00B611 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:28:06.0583 0x17d0 nvlddmkm - ok
14:28:06.0702 0x17d0 [ AF2EEC9580C1D32FB7EAF105D9784061, 6DAAE3BCA048ACD7FFD26A65C793C461933179070F03855FE3DC3C01F968163A ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
14:28:06.0764 0x17d0 nvraid - ok
14:28:06.0806 0x17d0 [ 9283C58EBAA2618F93482EB5DABCEC82, 0BC119D4EAFDEA879E4C1CFBA5402499DBD1970EDF963C6D2034D4867C34D15E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
14:28:06.0842 0x17d0 nvstor - ok
14:28:06.0909 0x17d0 [ 7A50B5448C45C0BEBFCF0E6481ABD73F, 6890320DD8DC9A58F845D6C6E058858F4651067B62E25AEED9F94436F10A4EA1 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:28:07.0015 0x17d0 nvsvc - ok
14:28:07.0045 0x17d0 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
14:28:07.0082 0x17d0 nv_agp - ok
14:28:07.0112 0x17d0 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:28:07.0224 0x17d0 ohci1394 - ok
14:28:07.0290 0x17d0 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:28:07.0504 0x17d0 p2pimsvc - ok
14:28:07.0531 0x17d0 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
14:28:07.0650 0x17d0 p2psvc - ok
14:28:07.0701 0x17d0 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:28:07.0818 0x17d0 Parport - ok
14:28:07.0862 0x17d0 [ BF8F6AF06DA75B336F07E23AEF97D93B, 2F2C4314872732550A112BFF2F803484D4A3D697F0D69D352350CE208FD8A1A4 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:28:07.0901 0x17d0 partmgr - ok
14:28:07.0912 0x17d0 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
14:28:07.0998 0x17d0 Parvdm - ok
14:28:08.0040 0x17d0 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:28:08.0230 0x17d0 PcaSvc - ok
14:28:08.0334 0x17d0 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\DRIVERS\pci.sys
14:28:08.0367 0x17d0 pci - ok
14:28:08.0401 0x17d0 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
14:28:08.0475 0x17d0 pciide - ok
14:28:08.0493 0x17d0 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:28:08.0689 0x17d0 pcmcia - ok
14:28:08.0720 0x17d0 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
14:28:08.0748 0x17d0 pcw - ok
14:28:08.0780 0x17d0 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:28:09.0517 0x17d0 PEAUTH - ok
14:28:09.0679 0x17d0 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
14:28:10.0098 0x17d0 pla - ok
14:28:10.0149 0x17d0 [ 92DC6E68D2C856C5C2F21AE9E22112B8, EFAA27886A05E57E629A9EFC3671D9D64144795EDF55438A676F5B43E59BE3FC ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:28:10.0327 0x17d0 PlugPlay - ok
14:28:10.0416 0x17d0 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:28:10.0600 0x17d0 PNRPAutoReg - ok
14:28:10.0653 0x17d0 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:28:10.0718 0x17d0 PNRPsvc - ok
14:28:10.0785 0x17d0 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:28:10.0920 0x17d0 PolicyAgent - ok
14:28:10.0999 0x17d0 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
14:28:11.0126 0x17d0 Power - ok
14:28:11.0198 0x17d0 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:28:11.0484 0x17d0 PptpMiniport - ok
14:28:11.0552 0x17d0 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:28:11.0731 0x17d0 Processor - ok
14:28:11.0770 0x17d0 [ 43CA4CCC22D52FB58E8988F0198851D0, DF67BD70D9D82677AE61244B4E54677A5008A7F5EB531DF2A7E7D33F1658EA78 ] ProfSvc C:\Windows\system32\profsvc.dll
14:28:11.0863 0x17d0 ProfSvc - ok
14:28:11.0895 0x17d0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:28:11.0981 0x17d0 ProtectedStorage - ok
14:28:12.0028 0x17d0 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:28:12.0169 0x17d0 Psched - ok
14:28:12.0243 0x17d0 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:28:12.0343 0x17d0 ql2300 - ok
14:28:12.0399 0x17d0 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:28:12.0444 0x17d0 ql40xx - ok
14:28:12.0499 0x17d0 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
14:28:12.0585 0x17d0 QWAVE - ok
14:28:12.0643 0x17d0 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:28:12.0781 0x17d0 QWAVEdrv - ok
14:28:12.0807 0x17d0 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:28:13.0046 0x17d0 RasAcd - ok
14:28:13.0102 0x17d0 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:28:13.0345 0x17d0 RasAgileVpn - ok
14:28:13.0415 0x17d0 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
14:28:13.0584 0x17d0 RasAuto - ok
14:28:13.0643 0x17d0 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:28:13.0849 0x17d0 Rasl2tp - ok
14:28:13.0986 0x17d0 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
14:28:14.0119 0x17d0 RasMan - ok
14:28:14.0160 0x17d0 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:28:14.0268 0x17d0 RasPppoe - ok
14:28:14.0279 0x17d0 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:28:14.0412 0x17d0 RasSstp - ok
14:28:14.0467 0x17d0 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:28:14.0596 0x17d0 rdbss - ok
14:28:14.0746 0x17d0 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:28:14.0854 0x17d0 rdpbus - ok
14:28:14.0878 0x17d0 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:28:15.0022 0x17d0 RDPCDD - ok
14:28:15.0033 0x17d0 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:28:15.0178 0x17d0 RDPENCDD - ok
14:28:15.0224 0x17d0 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:28:15.0297 0x17d0 RDPREFMP - ok
14:28:15.0345 0x17d0 [ 288B06960D78428FF89E811632684E20, 82FB13C2749637E172381C9C205080921A45453191B6246C5D3FE946A06D17F5 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:28:15.0482 0x17d0 RDPWD - ok
14:28:15.0518 0x17d0 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:28:15.0566 0x17d0 rdyboost - ok
14:28:15.0643 0x17d0 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:28:15.0868 0x17d0 RemoteAccess - ok
14:28:15.0930 0x17d0 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:28:16.0025 0x17d0 RemoteRegistry - ok
14:28:16.0052 0x17d0 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:28:16.0166 0x17d0 RpcEptMapper - ok
14:28:16.0275 0x17d0 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
14:28:16.0412 0x17d0 RpcLocator - ok
14:28:16.0460 0x17d0 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
14:28:16.0525 0x17d0 RpcSs - ok
14:28:16.0568 0x17d0 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:28:16.0696 0x17d0 rspndr - ok
14:28:16.0851 0x17d0 [ 7DFD48E24479B68B258D8770121155A0, 3B5F7309403C46855DB888CF2058B07C9029690DBC7FB3224BAC7BE5547D2D57 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
14:28:16.0961 0x17d0 RTL8167 - ok
14:28:17.0023 0x17d0 [ EC659D5146BBA089B6A72980BA3D447A, 72B1D678CC6E28FECC2DC27B54E0D579BCFC68E20A470622D751991A8F50B6E6 ] RTL8192cu C:\Windows\system32\DRIVERS\RTL8192cu.sys
14:28:17.0147 0x17d0 RTL8192cu - ok
14:28:17.0179 0x17d0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] SamSs C:\Windows\system32\lsass.exe
14:28:17.0197 0x17d0 SamSs - ok
14:28:17.0238 0x17d0 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
14:28:17.0290 0x17d0 sbp2port - ok
14:28:17.0325 0x17d0 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:28:17.0469 0x17d0 SCardSvr - ok
14:28:17.0501 0x17d0 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:28:17.0677 0x17d0 scfilter - ok
14:28:18.0042 0x17d0 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
14:28:18.0639 0x17d0 Schedule - ok
14:28:18.0661 0x17d0 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:28:18.0874 0x17d0 SCPolicySvc - ok
14:28:18.0907 0x17d0 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:28:19.0138 0x17d0 SDRSVC - ok
14:28:19.0191 0x17d0 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:28:19.0303 0x17d0 secdrv - ok
14:28:19.0331 0x17d0 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
14:28:19.0467 0x17d0 seclogon - ok
14:28:19.0508 0x17d0 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll
14:28:19.0657 0x17d0 SENS - ok
14:28:19.0686 0x17d0 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:28:19.0829 0x17d0 SensrSvc - ok
14:28:19.0941 0x17d0 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:28:20.0066 0x17d0 Serenum - ok
14:28:20.0157 0x17d0 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:28:20.0246 0x17d0 Serial - ok
14:28:20.0297 0x17d0 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:28:20.0360 0x17d0 sermouse - ok
14:28:20.0443 0x17d0 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
14:28:20.0582 0x17d0 SessionEnv - ok
14:28:20.0590 0x17d0 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
14:28:20.0669 0x17d0 sffdisk - ok
14:28:20.0692 0x17d0 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:28:20.0751 0x17d0 sffp_mmc - ok
14:28:20.0793 0x17d0 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
14:28:20.0899 0x17d0 sffp_sd - ok
14:28:20.0913 0x17d0 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:28:20.0990 0x17d0 sfloppy - ok
14:28:21.0074 0x17d0 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:28:21.0173 0x17d0 SharedAccess - ok
14:28:21.0223 0x17d0 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:28:21.0331 0x17d0 ShellHWDetection - ok
14:28:21.0402 0x17d0 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
14:28:21.0436 0x17d0 sisagp - ok
14:28:21.0461 0x17d0 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:28:21.0524 0x17d0 SiSRaid2 - ok
14:28:21.0547 0x17d0 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:28:21.0608 0x17d0 SiSRaid4 - ok
14:28:21.0714 0x17d0 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:28:21.0782 0x17d0 SkypeUpdate - ok
14:28:21.0809 0x17d0 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:28:21.0945 0x17d0 Smb - ok
14:28:22.0025 0x17d0 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:28:22.0136 0x17d0 SNMPTRAP - ok
14:28:22.0171 0x17d0 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
14:28:22.0197 0x17d0 spldr - ok
14:28:22.0239 0x17d0 [ 866A43013535DC8587C258E43579C764, B2BE846B5167A2ECD1E30C69A81385FCC6EAE6033394D08458A5583D311C4D82 ] Spooler C:\Windows\System32\spoolsv.exe
14:28:22.0382 0x17d0 Spooler - ok
14:28:22.0557 0x17d0 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
14:28:22.0765 0x17d0 sppsvc - ok
14:28:22.0802 0x17d0 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:28:22.0879 0x17d0 sppuinotify - ok
14:28:22.0917 0x17d0 [ 112127C3B2E64D7680CC39CD0A39DD7E, ABE8B868CFE0EF4DAF886517047DBFD5A9C964983FAA499AC086CCD45BA46366 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:28:23.0010 0x17d0 srv - ok
14:28:23.0027 0x17d0 [ E5DD784A4EE5EBC72A86C677C988FCDB, 5D54C9AF291F8047DD66C31671F279A5D7EE8BCB5E55640F5F976E16211F59DD ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:28:23.0131 0x17d0 srv2 - ok
14:28:23.0146 0x17d0 [ CDBE627E16CC9E98F343D73F8E81D258, 25A68A6F943FCBA79A0D97ABC5B2EAEEB65C268F1CB2DD445ABF7E2758DF2802 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:28:23.0227 0x17d0 srvnet - ok
14:28:23.0266 0x17d0 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:28:23.0373 0x17d0 SSDPSRV - ok
14:28:23.0428 0x17d0 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
14:28:23.0477 0x17d0 ssmdrv - ok
14:28:23.0502 0x17d0 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:28:23.0587 0x17d0 SstpSvc - ok
14:28:23.0655 0x17d0 [ B5C26A6A92C9A6CD64399D2B06D29464, 6CAF09892D4C516361125AAF5387D5BF306EC26133EE45DBBC35C8B6190BAD24 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
14:28:23.0787 0x17d0 Steam Client Service - ok
14:28:23.0867 0x17d0 [ CDA9313E34887A111B8309B55BCDCD82, AC070AA093B7013E4D1B29F4FAF9B469C3C261E4D3D1512B4F77CC609CBD1484 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:28:23.0953 0x17d0 Stereo Service - ok
14:28:23.0983 0x17d0 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:28:24.0021 0x17d0 stexstor - ok
14:28:24.0081 0x17d0 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
14:28:24.0242 0x17d0 StiSvc - ok
14:28:24.0267 0x17d0 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:28:24.0296 0x17d0 swenum - ok
14:28:24.0347 0x17d0 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
14:28:24.0455 0x17d0 swprv - ok
14:28:24.0520 0x17d0 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
14:28:24.0709 0x17d0 SysMain - ok
14:28:24.0723 0x17d0 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
14:28:25.0047 0x17d0 TabletInputService - ok
14:28:25.0080 0x17d0 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
14:28:25.0302 0x17d0 TapiSrv - ok
14:28:25.0365 0x17d0 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
14:28:25.0545 0x17d0 TBS - ok
14:28:25.0671 0x17d0 [ 37E8FA3779668837CA9E2C36D2415949, FDDA99B7501CDBC3032AA12FD8E929F5E3B47DA112D0F8A05E2D833E5609EDEA ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:28:25.0807 0x17d0 Tcpip - ok
14:28:25.0867 0x17d0 [ 37E8FA3779668837CA9E2C36D2415949, FDDA99B7501CDBC3032AA12FD8E929F5E3B47DA112D0F8A05E2D833E5609EDEA ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:28:25.0915 0x17d0 TCPIP6 - ok
14:28:25.0946 0x17d0 [ CCA24162E055C3714CE5A88B100C64ED, 9B7712E793B9478BA7A1EF71EA9CC03CCB9C4004C54EAA911F158958519EDCD9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:28:26.0022 0x17d0 tcpipreg - ok
14:28:26.0040 0x17d0 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:28:26.0132 0x17d0 TDPIPE - ok
14:28:26.0155 0x17d0 [ 2C10395BAA4847F83042813C515CC289, CBC058AE2EB6AA5905F9D2EF52573E1C06330462952E6D6E7083F8DB2C441E3E ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:28:26.0362 0x17d0 TDTCP - ok
14:28:26.0388 0x17d0 [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:28:26.0694 0x17d0 tdx - ok
14:28:26.0741 0x17d0 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:28:26.0784 0x17d0 TermDD - ok
14:28:26.0818 0x17d0 [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService C:\Windows\System32\termsrv.dll
14:28:27.0069 0x17d0 TermService - ok
14:28:27.0112 0x17d0 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
14:28:27.0218 0x17d0 Themes - ok
14:28:27.0262 0x17d0 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
14:28:27.0315 0x17d0 THREADORDER - ok
14:28:27.0348 0x17d0 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
14:28:27.0409 0x17d0 TrkWks - ok
14:28:27.0455 0x17d0 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:28:27.0588 0x17d0 TrustedInstaller - ok
14:28:27.0617 0x17d0 [ 254BB140EEE3C59D6114C1A86B636877, EE09D62E90407A40278F2136F640DAB16A4E2BF57D4FB6E05F92CA9CC9CF57C0 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:28:27.0734 0x17d0 tssecsrv - ok
14:28:27.0787 0x17d0 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:28:27.0967 0x17d0 TsUsbFlt - ok
14:28:27.0978 0x17d0 [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD C:\Windows\system32\DRIVERS\TsUsbGD.sys
14:28:28.0040 0x17d0 TsUsbGD - ok
14:28:28.0080 0x17d0 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:28:28.0221 0x17d0 tunnel - ok
14:28:28.0257 0x17d0 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:28:28.0290 0x17d0 uagp35 - ok
14:28:28.0316 0x17d0 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:28:28.0490 0x17d0 udfs - ok
14:28:28.0574 0x17d0 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:28:28.0733 0x17d0 UI0Detect - ok
14:28:28.0756 0x17d0 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
14:28:28.0811 0x17d0 uliagpkx - ok
14:28:28.0855 0x17d0 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:28:28.0933 0x17d0 umbus - ok
14:28:28.0972 0x17d0 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:28:29.0039 0x17d0 UmPass - ok
14:28:29.0123 0x17d0 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
14:28:29.0233 0x17d0 upnphost - ok
14:28:29.0289 0x17d0 [ 1D9F2BD026E8E2D45033A4DF3F16B78C, 72603E0A614F382AF69972F0930FD168B805922599DB9A7410B20CB391A9B933 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:28:29.0370 0x17d0 usbaudio - ok
14:28:29.0400 0x17d0 [ 7E72E7D7E0757D59481D530FD2B0BFAE, 288CAC9F4AC09DEB2B30C6E3A6ACF8D62A75576F62F0EC159D5E1B257419E9DC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:28:29.0525 0x17d0 usbccgp - ok
14:28:29.0586 0x17d0 [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
14:28:29.0694 0x17d0 usbcir - ok
14:28:29.0746 0x17d0 [ CFBCE999C057D78979A181C9C60F208E, D60698EAA8A085214D5945818B0863976CF116EBE523046C344AF4E9392FDF80 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:28:29.0885 0x17d0 usbehci - ok
14:28:29.0941 0x17d0 [ 9D22AAD9AC6A07C691A1113E5F860868, AC34D36DBB5649650FCD873A792CA1387AE841D4C46781C63C0D29834F9B58E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:28:30.0121 0x17d0 usbhub - ok
14:28:30.0195 0x17d0 [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:28:30.0254 0x17d0 usbohci - ok
14:28:30.0264 0x17d0 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:28:30.0575 0x17d0 usbprint - ok
14:28:30.0618 0x17d0 [ BF63EBFC6979FEFB2BC03DF7989A0C1A, AFEF764A3E5D52CDBB5074F0E87F2B5EBCDF8D9B6E8F88EE235602B80145BE31 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:28:30.0707 0x17d0 USBSTOR - ok
14:28:30.0748 0x17d0 [ 78780C3EBCE17405B1CCD07A3A8A7D72, FBFF3111E22EE0B4BCAFA81F89AAE985135BFF48EEFD130C09B49CCF8A9946B9 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:28:30.0822 0x17d0 usbuhci - ok
14:28:30.0872 0x17d0 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
14:28:30.0972 0x17d0 UxSms - ok
14:28:30.0999 0x17d0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] VaultSvc C:\Windows\system32\lsass.exe
14:28:31.0023 0x17d0 VaultSvc - ok
14:28:31.0037 0x17d0 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
14:28:31.0065 0x17d0 vdrvroot - ok
14:28:31.0113 0x17d0 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
14:28:31.0236 0x17d0 vds - ok
14:28:31.0270 0x17d0 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:28:31.0330 0x17d0 vga - ok
14:28:31.0369 0x17d0 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:28:31.0471 0x17d0 VgaSave - ok
14:28:31.0531 0x17d0 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
14:28:31.0571 0x17d0 vhdmp - ok
14:28:31.0604 0x17d0 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
14:28:31.0632 0x17d0 viaagp - ok
14:28:31.0654 0x17d0 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
14:28:31.0730 0x17d0 ViaC7 - ok
14:28:31.0767 0x17d0 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
14:28:31.0797 0x17d0 viaide - ok
14:28:31.0825 0x17d0 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
14:28:31.0852 0x17d0 volmgr - ok
14:28:31.0870 0x17d0 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:28:31.0958 0x17d0 volmgrx - ok
14:28:31.0986 0x17d0 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
14:28:32.0030 0x17d0 volsnap - ok
14:28:32.0085 0x17d0 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:28:32.0159 0x17d0 vsmraid - ok
14:28:32.0223 0x17d0 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
14:28:32.0506 0x17d0 VSS - ok
14:28:32.0524 0x17d0 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:28:32.0621 0x17d0 vwifibus - ok
14:28:32.0662 0x17d0 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:28:32.0734 0x17d0 vwififlt - ok
14:28:32.0836 0x17d0 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
14:28:32.0953 0x17d0 W32Time - ok
14:28:32.0966 0x17d0 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:28:33.0035 0x17d0 WacomPen - ok
14:28:33.0069 0x17d0 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:28:33.0157 0x17d0 WANARP - ok
14:28:33.0165 0x17d0 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:28:33.0231 0x17d0 Wanarpv6 - ok
14:28:33.0378 0x17d0 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
14:28:33.0797 0x17d0 wbengine - ok
14:28:34.0039 0x17d0 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:28:34.0393 0x17d0 WbioSrvc - ok
14:28:34.0603 0x17d0 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:28:35.0146 0x17d0 wcncsvc - ok
14:28:35.0191 0x17d0 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:28:35.0320 0x17d0 WcsPlugInService - ok
14:28:35.0356 0x17d0 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:28:35.0417 0x17d0 Wd - ok
14:28:35.0459 0x17d0 [ 9950E3D0F08141C7E89E64456AE7DC73, DE4B96812B305A63F5874BBF2DC40354FB45B3D96C1D33436E677099760BA448 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:28:35.0618 0x17d0 Wdf01000 - ok
14:28:35.0713 0x17d0 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:28:35.0885 0x17d0 WdiServiceHost - ok
14:28:35.0897 0x17d0 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:28:36.0075 0x17d0 WdiSystemHost - ok
14:28:36.0122 0x17d0 [ A9D880F97530D5B8FEE278923349929D, 6A293E2DB9B7C434EA8B4CD4861E11905D46BD60E014AE27B74DC8C4B2DDF834 ] WebClient C:\Windows\System32\webclnt.dll
14:28:36.0263 0x17d0 WebClient - ok
14:28:36.0322 0x17d0 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:28:36.0436 0x17d0 Wecsvc - ok
14:28:36.0468 0x17d0 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:28:36.0658 0x17d0 wercplsupport - ok
14:28:36.0681 0x17d0 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
14:28:36.0824 0x17d0 WerSvc - ok
14:28:36.0858 0x17d0 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:28:37.0020 0x17d0 WfpLwf - ok
14:28:37.0048 0x17d0 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:28:37.0077 0x17d0 WIMMount - ok
14:28:37.0147 0x17d0 [ 3FAE8F94296001C32EAB62CD7D82E0FD, 180FAECC426CF8F46700C855022E5865D528B1A20686F96D11080AB2FE2E0430 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:28:37.0273 0x17d0 WinDefend - ok
14:28:37.0308 0x17d0 WinHttpAutoProxySvc - ok
14:28:37.0405 0x17d0 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:28:37.0510 0x17d0 Winmgmt - ok
14:28:37.0583 0x17d0 [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM C:\Windows\system32\WsmSvc.dll
14:28:37.0743 0x17d0 WinRM - ok
14:28:37.0834 0x17d0 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:28:38.0008 0x17d0 Wlansvc - ok
14:28:38.0041 0x17d0 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:28:38.0111 0x17d0 WmiAcpi - ok
14:28:38.0136 0x17d0 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:28:38.0261 0x17d0 wmiApSrv - ok
14:28:38.0388 0x17d0 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:28:38.0589 0x17d0 WMPNetworkSvc - ok
14:28:38.0708 0x17d0 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:28:38.0892 0x17d0 WPCSvc - ok
14:28:38.0939 0x17d0 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:28:39.0054 0x17d0 WPDBusEnum - ok
14:28:39.0098 0x17d0 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:28:39.0175 0x17d0 ws2ifsl - ok
14:28:39.0255 0x17d0 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\system32\wscsvc.dll
14:28:39.0337 0x17d0 wscsvc - ok
14:28:39.0364 0x17d0 WSearch - ok
14:28:39.0467 0x17d0 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
14:28:39.0600 0x17d0 wuauserv - ok
14:28:39.0642 0x17d0 [ E714A1C0354636837E20CCBF00888EE7, 0E31F0DB0AA318E3B0DACD26C0D3B11519B42F2A996AE580BE67FA8B3C42C436 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:28:39.0740 0x17d0 WudfPf - ok
14:28:39.0773 0x17d0 [ 1023EE888C9B47178C5293ED5336AB69, 62221C80C3F719A585266247482A64F7CB2F5EF69AFA8FA07D563CA2B0A37561 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:28:39.0847 0x17d0 WUDFRd - ok
14:28:39.0881 0x17d0 [ 8D1E1E529A2C9E9B6A85B55A345F7629, 64B637CFE2AF58A4F7CE6D8C3D603F8EFD527500F7137E0A37840313C712CA93 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:28:39.0979 0x17d0 wudfsvc - ok
14:28:40.0036 0x17d0 [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc C:\Windows\System32\wwansvc.dll
14:28:40.0119 0x17d0 WwanSvc - ok
14:28:40.0172 0x17d0 ================ Scan global ===============================
14:28:40.0238 0x17d0 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
14:28:40.0313 0x17d0 [ A9F564F254E9DDDE120A7135767EC24B, F255DCB4C7F4F941BA27700D66684AD0BA3DF114D6F298E2A909095B71B11D94 ] C:\Windows\system32\winsrv.dll
14:28:40.0360 0x17d0 [ A9F564F254E9DDDE120A7135767EC24B, F255DCB4C7F4F941BA27700D66684AD0BA3DF114D6F298E2A909095B71B11D94 ] C:\Windows\system32\winsrv.dll
14:28:40.0397 0x17d0 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
14:28:40.0439 0x17d0 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
14:28:40.0483 0x17d0 [ Global ] - ok
14:28:40.0487 0x17d0 ================ Scan MBR ==================================
14:28:40.0509 0x17d0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:28:41.0307 0x17d0 \Device\Harddisk0\DR0 - ok
14:28:41.0311 0x17d0 ================ Scan VBR ==================================
14:28:41.0328 0x17d0 [ E9FB6FD94C9D52CAFD32B0B5D333CAC5 ] \Device\Harddisk0\DR0\Partition1
14:28:41.0337 0x17d0 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
14:28:41.0337 0x17d0 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
14:28:44.0117 0x17d0 [ D0E3CE8A3DEA89B2ED6066E20DC6E1A9 ] \Device\Harddisk0\DR0\Partition2
14:28:44.0119 0x17d0 \Device\Harddisk0\DR0\Partition2 - ok
14:28:44.0119 0x17d0 ================ Scan generic autorun ======================
14:28:44.0221 0x17d0 [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
14:28:44.0362 0x17d0 SunJavaUpdateSched - ok
14:28:44.0464 0x17d0 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
14:28:44.0591 0x17d0 Adobe ARM - ok
14:28:44.0864 0x17d0 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
14:28:45.0018 0x17d0 avgnt - ok
14:28:45.0024 0x17d0 AzubaCulwu - ok
14:28:45.0029 0x17d0 Waiting for KSN requests completion. In queue: 181
14:28:46.0029 0x17d0 Waiting for KSN requests completion. In queue: 3
14:28:47.0029 0x17d0 Waiting for KSN requests completion. In queue: 3
14:28:48.0103 0x17d0 AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x40000 ( disabled : updated )
14:28:48.0168 0x17d0 Win FW state via NFP2: enabled
14:28:50.0725 0x17d0 ============================================================
14:28:50.0725 0x17d0 Scan finished
14:28:50.0725 0x17d0 ============================================================
14:28:50.0763 0x0d9c Detected object count: 1
14:28:50.0763 0x0d9c Actual detected object count: 1
14:31:30.0007 0x0d9c \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
14:31:30.0007 0x0d9c \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
|
|
26.08.2014, 21:52
| #21 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO.cidox Performance sinktZitat:
Nach dieser Prozedur Windows rebooten und ein frisches Log mit dem TDSS-Killer erstellen und posten
__________________ --> BOO.cidox Performance sinkt |
|
27.08.2014, 12:59
| #22 |
| | BOO.cidox Performance sinktCode:
ATTFilter 13:55:52.0437 0x0de8 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
13:55:52.0733 0x0de8 ============================================================
13:55:52.0733 0x0de8 Current date / time: 2014/08/27 13:55:52.0733
13:55:52.0733 0x0de8 SystemInfo:
13:55:52.0733 0x0de8
13:55:52.0733 0x0de8 OS Version: 6.1.7601 ServicePack: 1.0
13:55:52.0733 0x0de8 Product type: Workstation
13:55:52.0733 0x0de8 ComputerName: KEVIN-PC
13:55:52.0733 0x0de8 UserName: Kevin
13:55:52.0733 0x0de8 Windows directory: C:\Windows
13:55:52.0733 0x0de8 System windows directory: C:\Windows
13:55:52.0733 0x0de8 Processor architecture: Intel x86
13:55:52.0733 0x0de8 Number of processors: 2
13:55:52.0733 0x0de8 Page size: 0x1000
13:55:52.0733 0x0de8 Boot type: Normal boot
13:55:52.0733 0x0de8 ============================================================
13:55:52.0733 0x0de8 BG loaded
13:55:53.0451 0x0de8 System UUID: {B55EC208-1154-2757-3633-062C86BE5AA2}
13:55:54.0886 0x0de8 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:55:54.0917 0x0de8 ============================================================
13:55:54.0917 0x0de8 \Device\Harddisk0\DR0:
13:55:54.0933 0x0de8 MBR partitions:
13:55:54.0933 0x0de8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1800800, BlocksNum 0x32000
13:55:54.0933 0x0de8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1832800, BlocksNum 0x23BFB800
13:55:54.0933 0x0de8 ============================================================
13:55:55.0058 0x0de8 C: <-> \Device\Harddisk0\DR0\Partition2
13:55:55.0058 0x0de8 ============================================================
13:55:55.0058 0x0de8 Initialize success
13:55:55.0058 0x0de8 ============================================================
13:56:29.0249 0x0858 ============================================================
13:56:29.0249 0x0858 Scan started
13:56:29.0249 0x0858 Mode: Manual; SigCheck; TDLFS;
13:56:29.0249 0x0858 ============================================================
13:56:29.0249 0x0858 KSN ping started
13:56:31.0699 0x0858 KSN ping finished: true
13:56:34.0117 0x0858 ================ Scan system memory ========================
13:56:34.0117 0x0858 System memory - ok
13:56:34.0117 0x0858 ================ Scan services =============================
13:56:34.0288 0x0858 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
13:56:34.0460 0x0858 1394ohci - ok
13:56:34.0491 0x0858 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
13:56:34.0522 0x0858 ACPI - ok
13:56:34.0553 0x0858 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
13:56:34.0631 0x0858 AcpiPmi - ok
13:56:34.0725 0x0858 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:56:34.0756 0x0858 AdobeARMservice - ok
13:56:34.0865 0x0858 [ 9E5197D65BA34A4DB45B8BEFC3288C23, EBBE6126B6B73616032F8E1731642E35C6CB6B395EF74BCCB781CAE076EE8434 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:56:34.0897 0x0858 AdobeFlashPlayerUpdateSvc - ok
13:56:34.0959 0x0858 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:56:34.0990 0x0858 adp94xx - ok
13:56:35.0006 0x0858 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:56:35.0037 0x0858 adpahci - ok
13:56:35.0037 0x0858 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:56:35.0053 0x0858 adpu320 - ok
13:56:35.0099 0x0858 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:56:35.0224 0x0858 AeLookupSvc - ok
13:56:35.0287 0x0858 [ 1151FD4FB0216CFED887BFDE29EBD516, 673C2B498744C7EB846F6BD4FDC852B0A9722377D75FD694F7F78E727ADF4563 ] AFD C:\Windows\system32\drivers\afd.sys
13:56:35.0349 0x0858 AFD - ok
13:56:35.0380 0x0858 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
13:56:35.0411 0x0858 agp440 - ok
13:56:35.0427 0x0858 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
13:56:35.0458 0x0858 aic78xx - ok
13:56:35.0505 0x0858 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
13:56:35.0583 0x0858 ALG - ok
13:56:35.0583 0x0858 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
13:56:35.0599 0x0858 aliide - ok
13:56:35.0614 0x0858 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
13:56:35.0630 0x0858 amdagp - ok
13:56:35.0630 0x0858 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
13:56:35.0645 0x0858 amdide - ok
13:56:35.0661 0x0858 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:56:35.0677 0x0858 AmdK8 - ok
13:56:35.0692 0x0858 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:56:35.0723 0x0858 AmdPPM - ok
13:56:35.0770 0x0858 [ E7F4D42D8076EC60E21715CD11743A0D, 91AC020A70964F8783C999BDE8AB8391A3FA3AFC1CD4BC52A43625A2010A53E7 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
13:56:35.0786 0x0858 amdsata - ok
13:56:35.0786 0x0858 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:56:35.0817 0x0858 amdsbs - ok
13:56:35.0833 0x0858 [ 146459D2B08BFDCBFA856D9947043C81, AC7F2069717601F949B0968EA651899D497170A93B84281B66D3CE5C382DDECB ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
13:56:35.0848 0x0858 amdxata - ok
13:56:36.0051 0x0858 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
13:56:36.0082 0x0858 AntiVirSchedulerService - ok
13:56:36.0145 0x0858 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
13:56:36.0176 0x0858 AntiVirService - ok
13:56:36.0191 0x0858 [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID C:\Windows\system32\drivers\appid.sys
13:56:36.0254 0x0858 AppID - ok
13:56:36.0285 0x0858 [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:56:36.0363 0x0858 AppIDSvc - ok
13:56:36.0394 0x0858 [ FB1959012294D6AD43E5304DF65E3C26, CFE906B07FF71A178CF9C254B056C6F5A303DDC511F0E4E1E75808F1D5326495 ] Appinfo C:\Windows\System32\appinfo.dll
13:56:36.0441 0x0858 Appinfo - ok
13:56:36.0503 0x0858 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
13:56:36.0519 0x0858 arc - ok
13:56:36.0519 0x0858 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:56:36.0535 0x0858 arcsas - ok
13:56:36.0550 0x0858 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:56:36.0659 0x0858 AsyncMac - ok
13:56:36.0675 0x0858 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
13:56:36.0691 0x0858 atapi - ok
13:56:36.0722 0x0858 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:56:36.0784 0x0858 AudioEndpointBuilder - ok
13:56:36.0800 0x0858 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:56:36.0831 0x0858 Audiosrv - ok
13:56:36.0878 0x0858 [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:56:36.0940 0x0858 avgntflt - ok
13:56:37.0003 0x0858 [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:56:37.0018 0x0858 avipbb - ok
13:56:37.0049 0x0858 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:56:37.0065 0x0858 avkmgr - ok
13:56:37.0112 0x0858 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:56:37.0205 0x0858 AxInstSV - ok
13:56:37.0252 0x0858 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
13:56:37.0330 0x0858 b06bdrv - ok
13:56:37.0377 0x0858 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
13:56:37.0424 0x0858 b57nd60x - ok
13:56:37.0486 0x0858 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
13:56:37.0533 0x0858 BDESVC - ok
13:56:37.0564 0x0858 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
13:56:37.0595 0x0858 Beep - ok
13:56:37.0658 0x0858 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
13:56:37.0751 0x0858 BFE - ok
13:56:37.0814 0x0858 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\system32\qmgr.dll
13:56:37.0907 0x0858 BITS - ok
13:56:37.0939 0x0858 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:56:37.0970 0x0858 blbdrive - ok
13:56:37.0970 0x0858 [ FCAFAEF6798D7B51FF029F99A9898961, BFB37686B1386EB883B99DB6AC342C20514939F8B7A5CEC5D63865B3DC2B4D4F ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:56:38.0001 0x0858 bowser - ok
13:56:38.0017 0x0858 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:56:38.0063 0x0858 BrFiltLo - ok
13:56:38.0063 0x0858 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:56:38.0095 0x0858 BrFiltUp - ok
13:56:38.0126 0x0858 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
13:56:38.0173 0x0858 BridgeMP - ok
13:56:38.0204 0x0858 [ 6E11F33D14D020F58D5E02E4D67DFA19, 9563E4E8CE769B7619745F6F6DE618389A1595785023BF1F295AD8301B27F0AF ] Browser C:\Windows\System32\browser.dll
13:56:38.0251 0x0858 Browser - ok
13:56:38.0282 0x0858 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:56:38.0360 0x0858 Brserid - ok
13:56:38.0360 0x0858 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:56:38.0422 0x0858 BrSerWdm - ok
13:56:38.0422 0x0858 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:56:38.0453 0x0858 BrUsbMdm - ok
13:56:38.0469 0x0858 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:56:38.0516 0x0858 BrUsbSer - ok
13:56:38.0531 0x0858 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:56:38.0563 0x0858 BTHMODEM - ok
13:56:38.0594 0x0858 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
13:56:38.0641 0x0858 bthserv - ok
13:56:38.0781 0x0858 [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
13:56:38.0828 0x0858 c2cautoupdatesvc - ok
13:56:38.0921 0x0858 [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
13:56:38.0984 0x0858 c2cpnrsvc - ok
13:56:39.0077 0x0858 catchme - ok
13:56:39.0124 0x0858 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:56:39.0187 0x0858 cdfs - ok
13:56:39.0249 0x0858 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:56:39.0280 0x0858 cdrom - ok
13:56:39.0327 0x0858 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
13:56:39.0405 0x0858 CertPropSvc - ok
13:56:39.0421 0x0858 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:56:39.0467 0x0858 circlass - ok
13:56:39.0514 0x0858 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
13:56:39.0530 0x0858 CLFS - ok
13:56:39.0608 0x0858 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:56:39.0639 0x0858 clr_optimization_v2.0.50727_32 - ok
13:56:39.0826 0x0858 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:56:39.0857 0x0858 clr_optimization_v4.0.30319_32 - ok
13:56:39.0889 0x0858 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:56:39.0951 0x0858 CmBatt - ok
13:56:39.0951 0x0858 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
13:56:39.0982 0x0858 cmdide - ok
13:56:39.0998 0x0858 [ 1B675691ED940766149C93E8F4488D68, A55C41B2B343B1CF53D737ED1752D0510052094FFC60FDB833279A8A52398132 ] CNG C:\Windows\system32\Drivers\cng.sys
13:56:40.0045 0x0858 CNG - ok
13:56:40.0045 0x0858 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:56:40.0060 0x0858 Compbatt - ok
13:56:40.0107 0x0858 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
13:56:40.0154 0x0858 CompositeBus - ok
13:56:40.0185 0x0858 COMSysApp - ok
13:56:40.0201 0x0858 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:56:40.0216 0x0858 crcdisk - ok
13:56:40.0247 0x0858 [ A585BEBF7D054BD9618EDA0922D5484A, 340DF730E88F8B6A4EF542F620EBA2A720546AFAB4DFFA00F066B7610A1026C5 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:56:40.0279 0x0858 CryptSvc - ok
13:56:40.0310 0x0858 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
13:56:40.0357 0x0858 DcomLaunch - ok
13:56:40.0403 0x0858 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
13:56:40.0466 0x0858 defragsvc - ok
13:56:40.0497 0x0858 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:56:40.0544 0x0858 DfsC - ok
13:56:40.0591 0x0858 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:56:40.0653 0x0858 Dhcp - ok
13:56:40.0684 0x0858 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
13:56:40.0762 0x0858 discache - ok
13:56:40.0778 0x0858 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:56:40.0793 0x0858 Disk - ok
13:56:40.0825 0x0858 [ 2FE30D71919C51131405797620E0A714, 16060DDC32EF95EB6E37B91D50A96AB53CB0DEBB3DFDCB31975D16361092ABA5 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:56:40.0887 0x0858 Dnscache - ok
13:56:40.0918 0x0858 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
13:56:40.0981 0x0858 dot3svc - ok
13:56:40.0996 0x0858 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
13:56:41.0027 0x0858 DPS - ok
13:56:41.0074 0x0858 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:56:41.0121 0x0858 drmkaud - ok
13:56:41.0183 0x0858 [ 23F5D28378A160352BA8F817BD8C71CB, 11BF7B7E6276C28EFF74B8AF89B493CBB89B394D2A091708EDA15DA5C342FF19 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:56:41.0215 0x0858 DXGKrnl - ok
13:56:41.0246 0x0858 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
13:56:41.0324 0x0858 EapHost - ok
13:56:41.0464 0x0858 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
13:56:41.0620 0x0858 ebdrv - ok
13:56:41.0651 0x0858 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS C:\Windows\System32\lsass.exe
13:56:41.0698 0x0858 EFS - ok
13:56:41.0807 0x0858 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:56:41.0917 0x0858 ehRecvr - ok
13:56:41.0963 0x0858 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
13:56:42.0026 0x0858 ehSched - ok
13:56:42.0088 0x0858 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:56:42.0135 0x0858 elxstor - ok
13:56:42.0135 0x0858 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
13:56:42.0182 0x0858 ErrDev - ok
13:56:42.0244 0x0858 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
13:56:42.0291 0x0858 EventSystem - ok
13:56:42.0322 0x0858 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
13:56:42.0369 0x0858 exfat - ok
13:56:42.0385 0x0858 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:56:42.0416 0x0858 fastfat - ok
13:56:42.0478 0x0858 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
13:56:42.0541 0x0858 Fax - ok
13:56:42.0556 0x0858 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:56:42.0587 0x0858 fdc - ok
13:56:42.0619 0x0858 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
13:56:42.0681 0x0858 fdPHost - ok
13:56:42.0697 0x0858 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
13:56:42.0743 0x0858 FDResPub - ok
13:56:42.0759 0x0858 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:56:42.0775 0x0858 FileInfo - ok
13:56:42.0775 0x0858 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:56:42.0806 0x0858 Filetrace - ok
13:56:42.0821 0x0858 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:56:42.0837 0x0858 flpydisk - ok
13:56:42.0868 0x0858 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:56:42.0884 0x0858 FltMgr - ok
13:56:42.0931 0x0858 [ FA6C66E4364D7DA57AADE5DCC03BB999, 9C0D0A04D2558CF60B7F7185CC9B369CDDD3B1C625960910CECF07611F288378 ] FontCache C:\Windows\system32\FntCache.dll
13:56:43.0009 0x0858 FontCache - ok
13:56:43.0055 0x0858 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:56:43.0071 0x0858 FontCache3.0.0.0 - ok
13:56:43.0087 0x0858 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:56:43.0087 0x0858 FsDepends - ok
13:56:43.0102 0x0858 [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:56:43.0118 0x0858 Fs_Rec - ok
13:56:43.0149 0x0858 [ 8A73E79089B282100B9393B644CB853B, 844DC5AADFABBD050B967904B796BA06BFD64C9112616EA26229D084F8B3AD41 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:56:43.0180 0x0858 fvevol - ok
13:56:43.0211 0x0858 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:56:43.0227 0x0858 gagp30kx - ok
13:56:43.0258 0x0858 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
13:56:43.0321 0x0858 gpsvc - ok
13:56:43.0399 0x0858 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:56:43.0430 0x0858 gupdate - ok
13:56:43.0430 0x0858 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:56:43.0445 0x0858 gupdatem - ok
13:56:43.0492 0x0858 [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
13:56:43.0508 0x0858 hamachi - ok
13:56:43.0633 0x0858 [ 59370B23587672184DF890275C8C4BCB, 53D05329AAA65AE900CC84DFAC1EB532D46C94C9192B416F9EAA8A5547D278D1 ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
13:56:43.0679 0x0858 Hamachi2Svc - ok
13:56:43.0711 0x0858 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:56:43.0773 0x0858 hcw85cir - ok
13:56:43.0820 0x0858 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:56:43.0882 0x0858 HdAudAddService - ok
13:56:43.0929 0x0858 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:56:43.0991 0x0858 HDAudBus - ok
13:56:44.0007 0x0858 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:56:44.0023 0x0858 HidBatt - ok
13:56:44.0054 0x0858 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:56:44.0101 0x0858 HidBth - ok
13:56:44.0116 0x0858 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:56:44.0132 0x0858 HidIr - ok
13:56:44.0163 0x0858 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll
13:56:44.0210 0x0858 hidserv - ok
13:56:44.0210 0x0858 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:56:44.0241 0x0858 HidUsb - ok
13:56:44.0272 0x0858 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
13:56:44.0319 0x0858 hkmsvc - ok
13:56:44.0350 0x0858 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:56:44.0381 0x0858 HomeGroupListener - ok
13:56:44.0413 0x0858 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:56:44.0491 0x0858 HomeGroupProvider - ok
13:56:44.0537 0x0858 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
13:56:44.0569 0x0858 HpSAMD - ok
13:56:44.0631 0x0858 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:56:44.0678 0x0858 HTTP - ok
13:56:44.0693 0x0858 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:56:44.0709 0x0858 hwpolicy - ok
13:56:44.0740 0x0858 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:56:44.0771 0x0858 i8042prt - ok
13:56:44.0803 0x0858 [ A3CAE5D281DB4CFF7CFF8233507EE5AD, 2666107220B9F301193F2CF85A3D6B09E6E42CC150152D10A8886E47A3FD9B0D ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
13:56:44.0818 0x0858 iaStorV - ok
13:56:44.0896 0x0858 [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:56:44.0959 0x0858 idsvc - ok
13:56:44.0959 0x0858 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:56:44.0974 0x0858 iirsp - ok
13:56:45.0068 0x0858 [ F95622F161474511B8D80D6B093AA610, F2320E25EB9B4AA9A8366BD3AA23EABEBE111A5610D3A62EBA47D90427D5BC26 ] IKEEXT C:\Windows\System32\ikeext.dll
13:56:45.0146 0x0858 IKEEXT - ok
13:56:45.0177 0x0858 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
13:56:45.0193 0x0858 intelide - ok
13:56:45.0208 0x0858 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:56:45.0239 0x0858 intelppm - ok
13:56:45.0271 0x0858 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:56:45.0317 0x0858 IPBusEnum - ok
13:56:45.0333 0x0858 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:56:45.0364 0x0858 IpFilterDriver - ok
13:56:45.0427 0x0858 [ 4D65A07B795D6674312F879D09AA7663, 8D72FE0B51A6FF71F85D2602DB3AE91C8749F70869B6789552F047BA81411EDA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:56:45.0489 0x0858 iphlpsvc - ok
13:56:45.0520 0x0858 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:56:45.0551 0x0858 IPMIDRV - ok
13:56:45.0551 0x0858 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:56:45.0598 0x0858 IPNAT - ok
13:56:45.0614 0x0858 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:56:45.0645 0x0858 IRENUM - ok
13:56:45.0661 0x0858 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
13:56:45.0676 0x0858 isapnp - ok
13:56:45.0692 0x0858 [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
13:56:45.0723 0x0858 iScsiPrt - ok
13:56:45.0754 0x0858 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:56:45.0770 0x0858 kbdclass - ok
13:56:45.0817 0x0858 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:56:45.0863 0x0858 kbdhid - ok
13:56:45.0895 0x0858 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] KeyIso C:\Windows\system32\lsass.exe
13:56:45.0910 0x0858 KeyIso - ok
13:56:45.0926 0x0858 [ 412CEA1AA78CC02A447F5C9E62B32FF1, E06859E2CE2AFA3CE521851F8810778ED1748B812E601A58786605096AACEA81 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:56:45.0941 0x0858 KSecDD - ok
13:56:45.0957 0x0858 [ 26C046977E85B95036453D7B88BA1820, 375B284AFB407CAE417D2090B112A0ED1CCD516ABFDDBFCD5D6AADE859F14ACD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:56:45.0973 0x0858 KSecPkg - ok
13:56:46.0004 0x0858 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
13:56:46.0066 0x0858 KtmRm - ok
13:56:46.0113 0x0858 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll
13:56:46.0191 0x0858 LanmanServer - ok
13:56:46.0222 0x0858 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:56:46.0269 0x0858 LanmanWorkstation - ok
13:56:46.0300 0x0858 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:56:46.0347 0x0858 lltdio - ok
13:56:46.0394 0x0858 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:56:46.0441 0x0858 lltdsvc - ok
13:56:46.0456 0x0858 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:56:46.0487 0x0858 lmhosts - ok
13:56:46.0550 0x0858 [ 61535275E03AFAB541D7C94C69A96AF7, C8EEC418C844A7A303CFF4129F3A36C476DB927681E426010AA9E7246F461647 ] LMIGuardianSvc C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
13:56:46.0581 0x0858 LMIGuardianSvc - ok
13:56:46.0612 0x0858 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:56:46.0643 0x0858 LSI_FC - ok
13:56:46.0643 0x0858 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:56:46.0659 0x0858 LSI_SAS - ok
13:56:46.0675 0x0858 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:56:46.0690 0x0858 LSI_SAS2 - ok
13:56:46.0690 0x0858 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:56:46.0706 0x0858 LSI_SCSI - ok
13:56:46.0737 0x0858 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
13:56:46.0784 0x0858 luafv - ok
13:56:46.0846 0x0858 [ 8683C1B450F4B3872839308D836E0F92, C6CEEEA780D2191AEAC2537FD96324FF5501D92CE46313FB95ABB51765D919ED ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
13:56:46.0862 0x0858 MBAMProtector - ok
13:56:46.0971 0x0858 [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
13:56:47.0018 0x0858 MBAMScheduler - ok
13:56:47.0065 0x0858 [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
13:56:47.0096 0x0858 MBAMService - ok
13:56:47.0143 0x0858 [ 12E71DA845D76665B56753AD149E32B3, 0E403710CCBACD5AB85FD4C32AAB6CB2C27BC1F043E8008EE49EE96ECA944146 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
13:56:47.0174 0x0858 MBAMSwissArmy - ok
13:56:47.0221 0x0858 [ BD27D97297934FD4217A37FD28A7ABC7, 446F3D6D278A4B3B79B331AA325632FD038952E5E910FC927894E9171A623794 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
13:56:47.0236 0x0858 MBAMWebAccessControl - ok
13:56:47.0283 0x0858 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:56:47.0314 0x0858 Mcx2Svc - ok
13:56:47.0330 0x0858 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:56:47.0345 0x0858 megasas - ok
13:56:47.0377 0x0858 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:56:47.0408 0x0858 MegaSR - ok
13:56:47.0423 0x0858 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
13:56:47.0470 0x0858 MMCSS - ok
13:56:47.0470 0x0858 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
13:56:47.0501 0x0858 Modem - ok
13:56:47.0533 0x0858 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:56:47.0579 0x0858 monitor - ok
13:56:47.0595 0x0858 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:56:47.0611 0x0858 mouclass - ok
13:56:47.0611 0x0858 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:56:47.0642 0x0858 mouhid - ok
13:56:47.0689 0x0858 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:56:47.0720 0x0858 mountmgr - ok
13:56:47.0720 0x0858 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
13:56:47.0751 0x0858 mpio - ok
13:56:47.0751 0x0858 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:56:47.0798 0x0858 mpsdrv - ok
13:56:47.0829 0x0858 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:56:47.0891 0x0858 MpsSvc - ok
13:56:47.0923 0x0858 [ CEB46AB7C01C9F825F8CC6BABC18166A, AA98898204FC58878502C170FE6ED8BA681396DDD8BF3689D0C3642DEA87BEF8 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:56:47.0969 0x0858 MRxDAV - ok
13:56:47.0985 0x0858 [ B272B4C3E085EA860C12F2E4FAF2FFA2, DA99D8223D9FB7BFA52E66B73D1E1AA47B76B45A649400F7898E8D65D8672E52 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:56:48.0032 0x0858 mrxsmb - ok
13:56:48.0063 0x0858 [ 9AC33EF26C8A3AD0F117D00EB7301D03, 403445B07DC55F9DF98CA11AC87D4231187A2472A4E107786A5845B213355F0A ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:56:48.0094 0x0858 mrxsmb10 - ok
13:56:48.0110 0x0858 [ E0ABDB5ED7E199E242A7D028E76C1D3A, 4014A1F0720F6D15A2FB0CF4F1F970595BC29929F92F461CDD68E4513F49563E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:56:48.0157 0x0858 mrxsmb20 - ok
13:56:48.0157 0x0858 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
13:56:48.0172 0x0858 msahci - ok
13:56:48.0172 0x0858 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
13:56:48.0188 0x0858 msdsm - ok
13:56:48.0219 0x0858 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
13:56:48.0235 0x0858 MSDTC - ok
13:56:48.0281 0x0858 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:56:48.0328 0x0858 Msfs - ok
13:56:48.0344 0x0858 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:56:48.0359 0x0858 mshidkmdf - ok
13:56:48.0375 0x0858 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
13:56:48.0375 0x0858 msisadrv - ok
13:56:48.0422 0x0858 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:56:48.0500 0x0858 MSiSCSI - ok
13:56:48.0500 0x0858 msiserver - ok
13:56:48.0515 0x0858 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:56:48.0562 0x0858 MSKSSRV - ok
13:56:48.0578 0x0858 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:56:48.0593 0x0858 MSPCLOCK - ok
13:56:48.0609 0x0858 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:56:48.0640 0x0858 MSPQM - ok
13:56:48.0656 0x0858 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:56:48.0671 0x0858 MsRPC - ok
13:56:48.0671 0x0858 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:56:48.0687 0x0858 mssmbios - ok
13:56:48.0703 0x0858 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:56:48.0718 0x0858 MSTEE - ok
13:56:48.0718 0x0858 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:56:48.0749 0x0858 MTConfig - ok
13:56:48.0749 0x0858 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
13:56:48.0765 0x0858 Mup - ok
13:56:48.0796 0x0858 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
13:56:48.0859 0x0858 napagent - ok
13:56:48.0905 0x0858 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:56:48.0952 0x0858 NativeWifiP - ok
13:56:49.0015 0x0858 [ E7C54812A2AAF43316EB6930C1FFA108, C8A6FC1957FA29A3B372132FEA9145538BC767044A11D77316D3D1A3EAA60630 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:56:49.0046 0x0858 NDIS - ok
13:56:49.0061 0x0858 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:56:49.0124 0x0858 NdisCap - ok
13:56:49.0139 0x0858 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:56:49.0186 0x0858 NdisTapi - ok
13:56:49.0217 0x0858 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:56:49.0264 0x0858 Ndisuio - ok
13:56:49.0264 0x0858 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:56:49.0295 0x0858 NdisWan - ok
13:56:49.0327 0x0858 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:56:49.0358 0x0858 NDProxy - ok
13:56:49.0389 0x0858 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:56:49.0451 0x0858 NetBIOS - ok
13:56:49.0451 0x0858 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:56:49.0498 0x0858 NetBT - ok
13:56:49.0514 0x0858 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] Netlogon C:\Windows\system32\lsass.exe
13:56:49.0529 0x0858 Netlogon - ok
13:56:49.0576 0x0858 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
13:56:49.0670 0x0858 Netman - ok
13:56:49.0701 0x0858 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
13:56:49.0748 0x0858 netprofm - ok
13:56:49.0779 0x0858 [ F476EC40033CDB91EFBE73EB99B8362D, B17535037BC070F9AE1F6B381C2DBEE27658A8FDE15FB0E061F485EA7C7CBE59 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:56:49.0810 0x0858 NetTcpPortSharing - ok
13:56:49.0857 0x0858 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:56:49.0888 0x0858 nfrd960 - ok
13:56:49.0919 0x0858 [ 912084381D30D8B89EC4E293053F4710, 99B8CD043DF531D4B9725ED167F63CED220608B2FED3EE8250C217D15762DFD7 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:56:49.0951 0x0858 NlaSvc - ok
13:56:49.0951 0x0858 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:56:49.0982 0x0858 Npfs - ok
13:56:49.0997 0x0858 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
13:56:50.0029 0x0858 nsi - ok
13:56:50.0029 0x0858 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:56:50.0075 0x0858 nsiproxy - ok
13:56:50.0153 0x0858 [ 33C3093D09017CFE2E219F2472BFF6EB, DE46C7A53C3606F036DED1EE8A81B79CAF3171A7E97DA2F71712E2DA046A262E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:56:50.0231 0x0858 Ntfs - ok
13:56:50.0263 0x0858 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
13:56:50.0325 0x0858 Null - ok
13:56:50.0372 0x0858 [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
13:56:50.0387 0x0858 NVHDA - ok
13:56:50.0715 0x0858 [ 8E3BD4ED84EEF035B1AF3F90141D13D1, 764C700D9C08548225B1F0CD978265976B9CE65F20931970B69B2953CD00B611 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:56:50.0965 0x0858 nvlddmkm - ok
13:56:51.0058 0x0858 [ AF2EEC9580C1D32FB7EAF105D9784061, 6DAAE3BCA048ACD7FFD26A65C793C461933179070F03855FE3DC3C01F968163A ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
13:56:51.0074 0x0858 nvraid - ok
13:56:51.0121 0x0858 [ 9283C58EBAA2618F93482EB5DABCEC82, 0BC119D4EAFDEA879E4C1CFBA5402499DBD1970EDF963C6D2034D4867C34D15E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
13:56:51.0136 0x0858 nvstor - ok
13:56:51.0214 0x0858 [ 7A50B5448C45C0BEBFCF0E6481ABD73F, 6890320DD8DC9A58F845D6C6E058858F4651067B62E25AEED9F94436F10A4EA1 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:56:51.0245 0x0858 nvsvc - ok
13:56:51.0261 0x0858 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
13:56:51.0277 0x0858 nv_agp - ok
13:56:51.0292 0x0858 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
13:56:51.0339 0x0858 ohci1394 - ok
13:56:51.0370 0x0858 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:56:51.0401 0x0858 p2pimsvc - ok
13:56:51.0433 0x0858 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
13:56:51.0495 0x0858 p2psvc - ok
13:56:51.0542 0x0858 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:56:51.0573 0x0858 Parport - ok
13:56:51.0604 0x0858 [ BF8F6AF06DA75B336F07E23AEF97D93B, 2F2C4314872732550A112BFF2F803484D4A3D697F0D69D352350CE208FD8A1A4 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:56:51.0620 0x0858 partmgr - ok
13:56:51.0620 0x0858 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
13:56:51.0651 0x0858 Parvdm - ok
13:56:51.0667 0x0858 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:56:51.0682 0x0858 PcaSvc - ok
13:56:51.0698 0x0858 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\DRIVERS\pci.sys
13:56:51.0713 0x0858 pci - ok
13:56:51.0713 0x0858 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
13:56:51.0729 0x0858 pciide - ok
13:56:51.0760 0x0858 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:56:51.0776 0x0858 pcmcia - ok
13:56:51.0791 0x0858 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
13:56:51.0807 0x0858 pcw - ok
13:56:51.0823 0x0858 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:56:51.0901 0x0858 PEAUTH - ok
13:56:51.0979 0x0858 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
13:56:52.0088 0x0858 pla - ok
13:56:52.0119 0x0858 [ 92DC6E68D2C856C5C2F21AE9E22112B8, EFAA27886A05E57E629A9EFC3671D9D64144795EDF55438A676F5B43E59BE3FC ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:56:52.0166 0x0858 PlugPlay - ok
13:56:52.0213 0x0858 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:56:52.0275 0x0858 PNRPAutoReg - ok
13:56:52.0322 0x0858 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:56:52.0353 0x0858 PNRPsvc - ok
13:56:52.0525 0x0858 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:56:52.0634 0x0858 PolicyAgent - ok
13:56:52.0665 0x0858 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
13:56:52.0712 0x0858 Power - ok
13:56:52.0790 0x0858 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:56:52.0883 0x0858 PptpMiniport - ok
13:56:52.0915 0x0858 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:56:53.0024 0x0858 Processor - ok
13:56:53.0149 0x0858 [ 43CA4CCC22D52FB58E8988F0198851D0, DF67BD70D9D82677AE61244B4E54677A5008A7F5EB531DF2A7E7D33F1658EA78 ] ProfSvc C:\Windows\system32\profsvc.dll
13:56:53.0211 0x0858 ProfSvc - ok
13:56:53.0227 0x0858 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:56:53.0242 0x0858 ProtectedStorage - ok
13:56:53.0273 0x0858 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:56:53.0320 0x0858 Psched - ok
13:56:53.0367 0x0858 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:56:53.0445 0x0858 ql2300 - ok
13:56:53.0461 0x0858 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:56:53.0492 0x0858 ql40xx - ok
13:56:53.0507 0x0858 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
13:56:53.0570 0x0858 QWAVE - ok
13:56:53.0570 0x0858 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:56:53.0585 0x0858 QWAVEdrv - ok
13:56:53.0601 0x0858 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:56:53.0632 0x0858 RasAcd - ok
13:56:53.0648 0x0858 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:56:53.0679 0x0858 RasAgileVpn - ok
13:56:53.0695 0x0858 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
13:56:53.0726 0x0858 RasAuto - ok
13:56:53.0741 0x0858 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:56:53.0804 0x0858 Rasl2tp - ok
13:56:53.0835 0x0858 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
13:56:53.0897 0x0858 RasMan - ok
13:56:53.0897 0x0858 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:56:53.0929 0x0858 RasPppoe - ok
13:56:53.0944 0x0858 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:56:53.0975 0x0858 RasSstp - ok
13:56:54.0007 0x0858 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:56:54.0053 0x0858 rdbss - ok
13:56:54.0085 0x0858 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:56:54.0131 0x0858 rdpbus - ok
13:56:54.0131 0x0858 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:56:54.0225 0x0858 RDPCDD - ok
13:56:54.0256 0x0858 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:56:54.0287 0x0858 RDPENCDD - ok
13:56:54.0287 0x0858 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:56:54.0334 0x0858 RDPREFMP - ok
13:56:54.0365 0x0858 [ 288B06960D78428FF89E811632684E20, 82FB13C2749637E172381C9C205080921A45453191B6246C5D3FE946A06D17F5 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:56:54.0412 0x0858 RDPWD - ok
13:56:54.0459 0x0858 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:56:54.0475 0x0858 rdyboost - ok
13:56:54.0506 0x0858 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:56:54.0553 0x0858 RemoteAccess - ok
13:56:54.0599 0x0858 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:56:54.0646 0x0858 RemoteRegistry - ok
13:56:54.0677 0x0858 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:56:54.0724 0x0858 RpcEptMapper - ok
13:56:54.0755 0x0858 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
13:56:54.0787 0x0858 RpcLocator - ok
13:56:54.0833 0x0858 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
13:56:54.0880 0x0858 RpcSs - ok
13:56:54.0911 0x0858 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:56:54.0974 0x0858 rspndr - ok
13:56:55.0021 0x0858 [ 7DFD48E24479B68B258D8770121155A0, 3B5F7309403C46855DB888CF2058B07C9029690DBC7FB3224BAC7BE5547D2D57 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
13:56:55.0067 0x0858 RTL8167 - ok
13:56:55.0114 0x0858 [ EC659D5146BBA089B6A72980BA3D447A, 72B1D678CC6E28FECC2DC27B54E0D579BCFC68E20A470622D751991A8F50B6E6 ] RTL8192cu C:\Windows\system32\DRIVERS\RTL8192cu.sys
13:56:55.0145 0x0858 RTL8192cu - ok
13:56:55.0177 0x0858 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] SamSs C:\Windows\system32\lsass.exe
13:56:55.0177 0x0858 SamSs - ok
13:56:55.0223 0x0858 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
13:56:55.0239 0x0858 sbp2port - ok
13:56:55.0255 0x0858 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:56:55.0317 0x0858 SCardSvr - ok
13:56:55.0333 0x0858 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:56:55.0395 0x0858 scfilter - ok
13:56:55.0473 0x0858 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
13:56:55.0551 0x0858 Schedule - ok
13:56:55.0582 0x0858 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:56:55.0598 0x0858 SCPolicySvc - ok
13:56:55.0613 0x0858 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:56:55.0691 0x0858 SDRSVC - ok
13:56:55.0723 0x0858 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:56:55.0754 0x0858 secdrv - ok
13:56:55.0785 0x0858 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
13:56:55.0832 0x0858 seclogon - ok
13:56:55.0863 0x0858 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll
13:56:55.0910 0x0858 SENS - ok
13:56:55.0925 0x0858 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:56:55.0988 0x0858 SensrSvc - ok
13:56:55.0988 0x0858 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:56:56.0019 0x0858 Serenum - ok
13:56:56.0050 0x0858 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:56:56.0081 0x0858 Serial - ok
13:56:56.0097 0x0858 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:56:56.0113 0x0858 sermouse - ok
13:56:56.0144 0x0858 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
13:56:56.0206 0x0858 SessionEnv - ok
13:56:56.0206 0x0858 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
13:56:56.0222 0x0858 sffdisk - ok
13:56:56.0222 0x0858 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:56:56.0253 0x0858 sffp_mmc - ok
13:56:56.0284 0x0858 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
13:56:56.0315 0x0858 sffp_sd - ok
13:56:56.0331 0x0858 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:56:56.0362 0x0858 sfloppy - ok
13:56:56.0393 0x0858 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:56:56.0440 0x0858 SharedAccess - ok
13:56:56.0471 0x0858 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:56:56.0534 0x0858 ShellHWDetection - ok
13:56:56.0534 0x0858 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
13:56:56.0549 0x0858 sisagp - ok
13:56:56.0565 0x0858 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:56:56.0581 0x0858 SiSRaid2 - ok
13:56:56.0581 0x0858 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:56:56.0596 0x0858 SiSRaid4 - ok
13:56:56.0674 0x0858 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
13:56:56.0705 0x0858 SkypeUpdate - ok
13:56:56.0737 0x0858 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:56:56.0783 0x0858 Smb - ok
13:56:56.0815 0x0858 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:56:56.0830 0x0858 SNMPTRAP - ok
13:56:56.0846 0x0858 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
13:56:56.0861 0x0858 spldr - ok
13:56:56.0877 0x0858 [ 866A43013535DC8587C258E43579C764, B2BE846B5167A2ECD1E30C69A81385FCC6EAE6033394D08458A5583D311C4D82 ] Spooler C:\Windows\System32\spoolsv.exe
13:56:56.0939 0x0858 Spooler - ok
13:56:57.0080 0x0858 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
13:56:57.0267 0x0858 sppsvc - ok
13:56:57.0283 0x0858 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:56:57.0329 0x0858 sppuinotify - ok
13:56:57.0361 0x0858 [ 112127C3B2E64D7680CC39CD0A39DD7E, ABE8B868CFE0EF4DAF886517047DBFD5A9C964983FAA499AC086CCD45BA46366 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:56:57.0392 0x0858 srv - ok
13:56:57.0407 0x0858 [ E5DD784A4EE5EBC72A86C677C988FCDB, 5D54C9AF291F8047DD66C31671F279A5D7EE8BCB5E55640F5F976E16211F59DD ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:56:57.0470 0x0858 srv2 - ok
13:56:57.0470 0x0858 [ CDBE627E16CC9E98F343D73F8E81D258, 25A68A6F943FCBA79A0D97ABC5B2EAEEB65C268F1CB2DD445ABF7E2758DF2802 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:56:57.0501 0x0858 srvnet - ok
13:56:57.0548 0x0858 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:56:57.0595 0x0858 SSDPSRV - ok
13:56:57.0657 0x0858 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
13:56:57.0657 0x0858 ssmdrv - ok
13:56:57.0673 0x0858 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:56:57.0688 0x0858 SstpSvc - ok
13:56:57.0766 0x0858 [ B5C26A6A92C9A6CD64399D2B06D29464, 6CAF09892D4C516361125AAF5387D5BF306EC26133EE45DBBC35C8B6190BAD24 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
13:56:57.0844 0x0858 Steam Client Service - ok
13:56:57.0907 0x0858 [ CDA9313E34887A111B8309B55BCDCD82, AC070AA093B7013E4D1B29F4FAF9B469C3C261E4D3D1512B4F77CC609CBD1484 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:56:57.0953 0x0858 Stereo Service - ok
13:56:57.0985 0x0858 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:56:58.0000 0x0858 stexstor - ok
13:56:58.0063 0x0858 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
13:56:58.0156 0x0858 StiSvc - ok
13:56:58.0156 0x0858 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:56:58.0187 0x0858 swenum - ok
13:56:58.0219 0x0858 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
13:56:58.0328 0x0858 swprv - ok
13:56:58.0437 0x0858 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
13:56:58.0484 0x0858 SysMain - ok
13:56:58.0484 0x0858 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
13:56:58.0546 0x0858 TabletInputService - ok
13:56:58.0562 0x0858 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
13:56:58.0609 0x0858 TapiSrv - ok
13:56:58.0687 0x0858 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
13:56:58.0796 0x0858 TBS - ok
13:56:59.0233 0x0858 [ 37E8FA3779668837CA9E2C36D2415949, FDDA99B7501CDBC3032AA12FD8E929F5E3B47DA112D0F8A05E2D833E5609EDEA ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:56:59.0638 0x0858 Tcpip - ok
13:56:59.0935 0x0858 [ 37E8FA3779668837CA9E2C36D2415949, FDDA99B7501CDBC3032AA12FD8E929F5E3B47DA112D0F8A05E2D833E5609EDEA ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:56:59.0966 0x0858 TCPIP6 - ok
13:57:00.0106 0x0858 [ CCA24162E055C3714CE5A88B100C64ED, 9B7712E793B9478BA7A1EF71EA9CC03CCB9C4004C54EAA911F158958519EDCD9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:57:00.0169 0x0858 tcpipreg - ok
13:57:00.0200 0x0858 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:57:00.0293 0x0858 TDPIPE - ok
13:57:00.0293 0x0858 [ 2C10395BAA4847F83042813C515CC289, CBC058AE2EB6AA5905F9D2EF52573E1C06330462952E6D6E7083F8DB2C441E3E ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:57:00.0434 0x0858 TDTCP - ok
13:57:00.0465 0x0858 [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:57:00.0527 0x0858 tdx - ok
13:57:00.0590 0x0858 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:57:00.0621 0x0858 TermDD - ok
13:57:00.0777 0x0858 [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService C:\Windows\System32\termsrv.dll
13:57:00.0933 0x0858 TermService - ok
13:57:00.0995 0x0858 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
13:57:01.0073 0x0858 Themes - ok
13:57:01.0120 0x0858 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
13:57:01.0151 0x0858 THREADORDER - ok
13:57:01.0229 0x0858 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
13:57:01.0323 0x0858 TrkWks - ok
13:57:01.0510 0x0858 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:57:01.0682 0x0858 TrustedInstaller - ok
13:57:01.0697 0x0858 [ 254BB140EEE3C59D6114C1A86B636877, EE09D62E90407A40278F2136F640DAB16A4E2BF57D4FB6E05F92CA9CC9CF57C0 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:57:01.0822 0x0858 tssecsrv - ok
13:57:01.0853 0x0858 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:57:01.0963 0x0858 TsUsbFlt - ok
13:57:01.0978 0x0858 [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD C:\Windows\system32\DRIVERS\TsUsbGD.sys
13:57:02.0025 0x0858 TsUsbGD - ok
13:57:02.0072 0x0858 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:57:02.0197 0x0858 tunnel - ok
13:57:02.0290 0x0858 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:57:02.0415 0x0858 uagp35 - ok
13:57:02.0555 0x0858 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:57:02.0883 0x0858 udfs - ok
13:57:03.0008 0x0858 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:57:03.0148 0x0858 UI0Detect - ok
13:57:03.0242 0x0858 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
13:57:03.0320 0x0858 uliagpkx - ok
13:57:03.0413 0x0858 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:57:03.0460 0x0858 umbus - ok
13:57:03.0523 0x0858 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:57:03.0601 0x0858 UmPass - ok
13:57:03.0710 0x0858 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
13:57:03.0803 0x0858 upnphost - ok
13:57:03.0881 0x0858 [ 1D9F2BD026E8E2D45033A4DF3F16B78C, 72603E0A614F382AF69972F0930FD168B805922599DB9A7410B20CB391A9B933 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:57:03.0913 0x0858 usbaudio - ok
13:57:03.0944 0x0858 [ 7E72E7D7E0757D59481D530FD2B0BFAE, 288CAC9F4AC09DEB2B30C6E3A6ACF8D62A75576F62F0EC159D5E1B257419E9DC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:57:03.0975 0x0858 usbccgp - ok
13:57:04.0037 0x0858 [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
13:57:04.0069 0x0858 usbcir - ok
13:57:04.0100 0x0858 [ CFBCE999C057D78979A181C9C60F208E, D60698EAA8A085214D5945818B0863976CF116EBE523046C344AF4E9392FDF80 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:57:04.0147 0x0858 usbehci - ok
13:57:04.0162 0x0858 [ 9D22AAD9AC6A07C691A1113E5F860868, AC34D36DBB5649650FCD873A792CA1387AE841D4C46781C63C0D29834F9B58E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:57:04.0209 0x0858 usbhub - ok
13:57:04.0240 0x0858 [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
13:57:04.0287 0x0858 usbohci - ok
13:57:04.0303 0x0858 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:57:04.0334 0x0858 usbprint - ok
13:57:04.0365 0x0858 [ BF63EBFC6979FEFB2BC03DF7989A0C1A, AFEF764A3E5D52CDBB5074F0E87F2B5EBCDF8D9B6E8F88EE235602B80145BE31 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:57:04.0396 0x0858 USBSTOR - ok
13:57:04.0443 0x0858 [ 78780C3EBCE17405B1CCD07A3A8A7D72, FBFF3111E22EE0B4BCAFA81F89AAE985135BFF48EEFD130C09B49CCF8A9946B9 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:57:04.0490 0x0858 usbuhci - ok
13:57:04.0537 0x0858 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
13:57:04.0599 0x0858 UxSms - ok
13:57:04.0630 0x0858 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] VaultSvc C:\Windows\system32\lsass.exe
13:57:04.0646 0x0858 VaultSvc - ok
13:57:04.0708 0x0858 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
13:57:04.0739 0x0858 vdrvroot - ok
13:57:04.0849 0x0858 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
13:57:04.0973 0x0858 vds - ok
13:57:05.0020 0x0858 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:57:05.0083 0x0858 vga - ok
13:57:05.0083 0x0858 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:57:05.0114 0x0858 VgaSave - ok
13:57:05.0129 0x0858 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
13:57:05.0176 0x0858 vhdmp - ok
13:57:05.0254 0x0858 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
13:57:05.0270 0x0858 viaagp - ok
13:57:05.0301 0x0858 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
13:57:05.0332 0x0858 ViaC7 - ok
13:57:05.0348 0x0858 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
13:57:05.0379 0x0858 viaide - ok
13:57:05.0410 0x0858 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
13:57:05.0441 0x0858 volmgr - ok
13:57:05.0473 0x0858 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:57:05.0504 0x0858 volmgrx - ok
13:57:05.0519 0x0858 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
13:57:05.0566 0x0858 volsnap - ok
13:57:05.0629 0x0858 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:57:05.0660 0x0858 vsmraid - ok
13:57:05.0769 0x0858 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
13:57:05.0972 0x0858 VSS - ok
13:57:05.0987 0x0858 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:57:06.0034 0x0858 vwifibus - ok
13:57:06.0081 0x0858 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:57:06.0128 0x0858 vwififlt - ok
13:57:06.0237 0x0858 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
13:57:06.0331 0x0858 W32Time - ok
13:57:06.0346 0x0858 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:57:06.0393 0x0858 WacomPen - ok
13:57:06.0440 0x0858 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:57:06.0487 0x0858 WANARP - ok
13:57:06.0487 0x0858 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:57:06.0518 0x0858 Wanarpv6 - ok
13:57:06.0674 0x0858 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
13:57:06.0783 0x0858 wbengine - ok
13:57:06.0845 0x0858 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:57:06.0892 0x0858 WbioSrvc - ok
13:57:06.0923 0x0858 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:57:07.0017 0x0858 wcncsvc - ok
13:57:07.0033 0x0858 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:57:07.0111 0x0858 WcsPlugInService - ok
13:57:07.0142 0x0858 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:57:07.0157 0x0858 Wd - ok
13:57:07.0204 0x0858 [ 9950E3D0F08141C7E89E64456AE7DC73, DE4B96812B305A63F5874BBF2DC40354FB45B3D96C1D33436E677099760BA448 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:57:07.0438 0x0858 Wdf01000 - ok
13:57:07.0454 0x0858 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:57:07.0594 0x0858 WdiServiceHost - ok
13:57:07.0610 0x0858 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:57:07.0625 0x0858 WdiSystemHost - ok
13:57:07.0672 0x0858 [ A9D880F97530D5B8FEE278923349929D, 6A293E2DB9B7C434EA8B4CD4861E11905D46BD60E014AE27B74DC8C4B2DDF834 ] WebClient C:\Windows\System32\webclnt.dll
13:57:07.0735 0x0858 WebClient - ok
13:57:07.0766 0x0858 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:57:07.0797 0x0858 Wecsvc - ok
13:57:07.0813 0x0858 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:57:07.0875 0x0858 wercplsupport - ok
13:57:07.0922 0x0858 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
13:57:07.0953 0x0858 WerSvc - ok
13:57:08.0015 0x0858 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:57:08.0093 0x0858 WfpLwf - ok
13:57:08.0093 0x0858 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:57:08.0109 0x0858 WIMMount - ok
13:57:08.0187 0x0858 [ 3FAE8F94296001C32EAB62CD7D82E0FD, 180FAECC426CF8F46700C855022E5865D528B1A20686F96D11080AB2FE2E0430 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:57:08.0343 0x0858 WinDefend - ok
13:57:08.0343 0x0858 WinHttpAutoProxySvc - ok
13:57:08.0421 0x0858 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:57:08.0468 0x0858 Winmgmt - ok
13:57:08.0639 0x0858 [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM C:\Windows\system32\WsmSvc.dll
13:57:08.0780 0x0858 WinRM - ok
13:57:08.0967 0x0858 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:57:08.0998 0x0858 Wlansvc - ok
13:57:09.0061 0x0858 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
13:57:09.0107 0x0858 WmiAcpi - ok
13:57:09.0154 0x0858 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:57:09.0232 0x0858 wmiApSrv - ok
13:57:09.0341 0x0858 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:57:09.0607 0x0858 WMPNetworkSvc - ok
13:57:09.0622 0x0858 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:57:09.0700 0x0858 WPCSvc - ok
13:57:09.0716 0x0858 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:57:09.0872 0x0858 WPDBusEnum - ok
13:57:09.0934 0x0858 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:57:09.0997 0x0858 ws2ifsl - ok
13:57:10.0043 0x0858 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\system32\wscsvc.dll
13:57:10.0059 0x0858 wscsvc - ok
13:57:10.0075 0x0858 WSearch - ok
13:57:10.0215 0x0858 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
13:57:10.0496 0x0858 wuauserv - ok
13:57:10.0527 0x0858 [ E714A1C0354636837E20CCBF00888EE7, 0E31F0DB0AA318E3B0DACD26C0D3B11519B42F2A996AE580BE67FA8B3C42C436 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:57:10.0589 0x0858 WudfPf - ok
13:57:10.0683 0x0858 [ 1023EE888C9B47178C5293ED5336AB69, 62221C80C3F719A585266247482A64F7CB2F5EF69AFA8FA07D563CA2B0A37561 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:57:10.0730 0x0858 WUDFRd - ok
13:57:10.0792 0x0858 [ 8D1E1E529A2C9E9B6A85B55A345F7629, 64B637CFE2AF58A4F7CE6D8C3D603F8EFD527500F7137E0A37840313C712CA93 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:57:10.0855 0x0858 wudfsvc - ok
13:57:10.0901 0x0858 [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc C:\Windows\System32\wwansvc.dll
13:57:10.0964 0x0858 WwanSvc - ok
13:57:11.0011 0x0858 ================ Scan global ===============================
13:57:11.0104 0x0858 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
13:57:11.0151 0x0858 [ A9F564F254E9DDDE120A7135767EC24B, F255DCB4C7F4F941BA27700D66684AD0BA3DF114D6F298E2A909095B71B11D94 ] C:\Windows\system32\winsrv.dll
13:57:11.0198 0x0858 [ A9F564F254E9DDDE120A7135767EC24B, F255DCB4C7F4F941BA27700D66684AD0BA3DF114D6F298E2A909095B71B11D94 ] C:\Windows\system32\winsrv.dll
13:57:11.0245 0x0858 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
13:57:11.0291 0x0858 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
13:57:11.0323 0x0858 [ Global ] - ok
13:57:11.0323 0x0858 ================ Scan MBR ==================================
13:57:11.0338 0x0858 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:57:12.0446 0x0858 \Device\Harddisk0\DR0 - ok
13:57:12.0446 0x0858 ================ Scan VBR ==================================
13:57:12.0461 0x0858 [ DE0011E2551A05BFF0C0726184CCCAA9 ] \Device\Harddisk0\DR0\Partition1
13:57:12.0493 0x0858 \Device\Harddisk0\DR0\Partition1 - ok
13:57:12.0508 0x0858 [ D0E3CE8A3DEA89B2ED6066E20DC6E1A9 ] \Device\Harddisk0\DR0\Partition2
13:57:12.0524 0x0858 \Device\Harddisk0\DR0\Partition2 - ok
13:57:12.0524 0x0858 ================ Scan generic autorun ======================
13:57:12.0602 0x0858 [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
13:57:12.0633 0x0858 SunJavaUpdateSched - ok
13:57:12.0758 0x0858 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:57:12.0789 0x0858 Adobe ARM - ok
13:57:13.0226 0x0858 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
13:57:13.0257 0x0858 avgnt - ok
13:57:13.0257 0x0858 AzubaCulwu - ok
13:57:13.0257 0x0858 Waiting for KSN requests completion. In queue: 201
13:57:14.0271 0x0858 Waiting for KSN requests completion. In queue: 201
13:57:15.0285 0x0858 Waiting for KSN requests completion. In queue: 201
13:57:16.0393 0x0858 AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x40000 ( disabled : updated )
13:57:16.0408 0x0858 Win FW state via NFP2: enabled
13:57:18.0889 0x0858 ============================================================
13:57:18.0889 0x0858 Scan finished
13:57:18.0889 0x0858 ============================================================
13:57:18.0889 0x0654 Detected object count: 0
13:57:18.0889 0x0654 Actual detected object count: 0
13:57:29.0871 0x0dc4 Deinitialize success
|
|
27.08.2014, 13:14
| #23 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO.cidox Performance sinktZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
27.08.2014, 18:27
| #24 |
| | BOO.cidox Performance sinkt das sagt mir nichts, aber avira meldet mir wenigstens nichts mehr Also das Hauptproblem scheint nun beseitig worden zu sein und ich bedanke mich schon mal sehr bei dir. |
|
28.08.2014, 11:25
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO.cidox Performance sinkt Ok, mach bitte nochmal neue Kontrollscans mit MBAM und ESET
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.08.2014, 15:28
| #26 |
| | BOO.cidox Performance sinkt Soll ich mögliche Funde gleich löschen oder möchtest du nur die logfiles? |
|
28.08.2014, 15:29
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO.cidox Performance sinkt Wie beim letzten Mal auch
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.08.2014, 20:06
| #28 |
| | BOO.cidox Performance sinkt ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=f88b27814c69c24fad98e2f15690208b # engine=19885 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-08-28 02:40:37 # local_time=2014-08-28 04:40:37 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Avira Desktop' # compatibility_mode=1810 16777213 100 99 6644 3121891 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 3778737 160868028 0 0 # scanned=133649 # found=5 # cleaned=0 # scan_time=5887 sh=23F0093EE1722BD79082C28E34F83E775D558A07 ft=1 fh=a829e940a5c77507 vn="Variante von Win32/Kryptik.CJRB Trojaner" ac=I fn="C:\ProgramData\Windows Genuine Advantage\{29B1E860-912D-4CBA-85EB-C8BF64E223F5}\api-ms-win-system-ieapfltr-l1-1-0.dll" sh=23F0093EE1722BD79082C28E34F83E775D558A07 ft=1 fh=a829e940a5c77507 vn="Variante von Win32/Kryptik.CJRB Trojaner" ac=I fn="C:\Users\All Users\Windows Genuine Advantage\{29B1E860-912D-4CBA-85EB-C8BF64E223F5}\api-ms-win-system-ieapfltr-l1-1-0.dll" sh=7E0B7FC15E205EB94D9ABF4D3DB7337E4A3F785A ft=1 fh=dd4cec0c39c615f9 vn="Variante von Win32/Injector.BKQE Trojaner" ac=I fn="C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0DDO7B2Z\index[1].php" sh=19F3AB30EF425C1C77360FF456FA435463A5B53D ft=0 fh=0000000000000000 vn="HTML/Iframe.B.Gen Virus" ac=I fn="C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0U2NWRL\.jquery[1].php" sh=0FFAF5E56CA907ABBC50151F5F46276CA24934FE ft=0 fh=0000000000000000 vn="HTML/Iframe.B.Gen Virus" ac=I fn="C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L4BG3COW\.jquery[1].php" Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 28.08.2014 Suchlauf-Zeit: 16:44:08 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.08.28.02 Rootkit Datenbank: v2014.08.21.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Kevin Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 272655 Verstrichene Zeit: 9 Min, 26 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 2 Trojan.FakeMS, C:\ProgramData\Windows Genuine Advantage\{29B1E860-912D-4CBA-85EB-C8BF64E223F5}\api-ms-win-system-ieapfltr-l1-1-0.dll, In Quarantäne, [14dedeede992d3635a2a6b4706fbf40c], Trojan.Kelihos.ED, C:\ProgramData\Windows Genuine Advantage\{6E9AAB6F-0110-4F54-986C-A8058D2C9642}\msiexec.exe, In Quarantäne, [c1312aa1cfacfd39958f8b0fe120b24e], Physische Sektoren: 0 (No malicious items detected) (end) |
|
28.08.2014, 20:26
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BOO.cidox Performance sinkt Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\ProgramData\Windows Genuine Advantage
C:\Users\All Users\Windows Genuine Advantage
EmptyTemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.08.2014, 13:09
| #30 |
| | BOO.cidox Performance sinktCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:24-08-2014 01
Ran by Kevin at 2014-08-29 14:05:57 Run:1
Running from C:\Users\Kevin\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\ProgramData\Windows Genuine Advantage
C:\Users\All Users\Windows Genuine Advantage
EmptyTemp:
*****************
C:\ProgramData\Windows Genuine Advantage => Moved successfully.
"C:\Users\All Users\Windows Genuine Advantage" => File/Directory not found.
EmptyTemp: => Removed 626.8 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
|
|
| Themen zu BOO.cidox Performance sinkt |
| ausgeführt, auslastung, boo.cidox, boo/cidox.b, computer, computers, erscheine, erscheinen, explorer.exe, html/iframe.b.gen, performance, rootkit.boot.cidox.b, screenshots, spyhunter, spyhunter entfernen, taskmanager, trojan.fakems, trojan.kelihos.ed, trojaner, win32/injector.bkqe, win32/kryptik.cjrb, win32/rovnix.r |
Linear-Darstellung
