
Pests of all kinds and how to fight them: Win 7: Malware in the boot sector


08.09.2014, 15:54   #1
Joshunk
 



Hello,
I have a medium-sized catastrophe with my laptop.
First of all: Windows 7 Home 64-bit

I probably caught a nasty virus while downloading plugins for Adobe Photoshop. (They weren't plugins at all; it was an .exe file.)
In any case, my laptop has become incredibly slow since then, and the Task Manager shows that Internet Explorer is running permanently.

Avira says exactly: "A virus or unwanted program 'boo/cidox.b' was found in the master boot sector."
I have now run Avira several times and removed it every time, unfortunately without success. After a short Google search I downloaded "Sophos Anti-Rootkit", which has been scanning my laptop for almost 2 hours.

Furthermore, I want to say that I know nothing at all about this stuff, and I ask you not to be angry with me if I don't understand something right away.


And here is this FRST thing:


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by Josh (administrator) on JOSH-HP on 08-09-2014 17:04:26
Running from C:\Users\Josh\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Spotify Ltd) C:\Users\Josh\AppData\Roaming\Spotify\spotify.exe
(Spotify Ltd) C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dropbox, Inc.) C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-06-08] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586808 2011-04-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2010-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Run: [Spotify] => C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe [6621752 2014-08-25] (Spotify Ltd)
HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Run: [Spotify Web Helper] => C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-25] (Spotify Ltd)
HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Run: [YbcbPack] => regsvr32.exe C:\Users\Josh\AppData\Local\YbcbPack\dsbpodkrvasg.dll <===== ATTENTION
HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Run: [WerFaultSecure] => "C:\Users\Josh\AppData\Roaming\Microsoft\Windows\IEUpdate\WerFaultSecure.exe"
HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\RunOnce: [WerFaultSecure] => "C:\Users\Josh\AppData\Roaming\Microsoft\Windows\IEUpdate\WerFaultSecure.exe"
HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Policies\Explorer: [Run] "C:\Users\Josh\AppData\Roaming\Microsoft\Windows\IEUpdate\WerFaultSecure.exe"
HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-52797748-3383784608-1755536748-1000\...\Command Processor: "C:\Users\Josh\AppData\Roaming\Microsoft\Windows\IEUpdate\WerFaultSecure.exe" <===== ATTENTION!
IFEO\earegister.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WerFaultSecure.lnk
ShortcutTarget: WerFaultSecure.lnk -> C:\Users\Josh\AppData\Roaming\Microsoft\Windows\IEUpdate\WerFaultSecure.exe (No File)
ShellIconOverlayIdentifiers: 1CryptoProviderIcons -> {24808826-C2BF-4269-B3BA-89D1D5F431A4} => C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms}
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM - {DC7D9CAC-98D4-480A-A614-05D459A05BB1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {DC7D9CAC-98D4-480A-A614-05D459A05BB1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {DC7D9CAC-98D4-480A-A614-05D459A05BB1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{C6A6BEBD-105F-46A3-9323-8897A19279E1}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{D597288F-B011-433F-9FF3-4350A0811147}: [NameServer] 8.8.8.8,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default
FF NewTab: hxxp://istart.webssearches.com/newtab/?type=nt&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q
FF Homepage: https://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Fast Start - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default\Extensions\faststartff@gmail.com [2014-08-30]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default\Extensions\ich@maltegoetz.de [2014-03-08]
FF Extension: YouTube Unblocker - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default\Extensions\youtubeunblocker@unblocker.yt [2014-06-20]
FF Extension: Font Property Page - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default\Extensions\{0BD64A0D-DD26-96BF-46A3-8D319EFB73C3} [2014-08-30]
FF Extension: Adblock Plus - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\vaojjdik.default\extensions\faststartff@gmail.com

Chrome: 
=======
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q"
CHR NewTab: Default -> "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR DefaultSearchKeyword: Default -> webssearches
CHR DefaultSearchProvider: Default -> webssearches
CHR DefaultSearchURL: Default -> hxxp://istart.webssearches.com/web/?type=ds&ts=1409410230&from=ild&uid=ST9500325AS_S2W5768Q&q={searchTerms}
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Font Property Page) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-08-30]
CHR Extension: (Docs) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16]
CHR Extension: (Google Drive) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-16]
CHR Extension: (YouTube) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-16]
CHR Extension: (Google-Suche) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-16]
CHR Extension: (Google Wallet) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-16]
CHR Extension: (Quick start) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-30]
CHR Extension: (Google Mail) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-07] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-16] (Hewlett-Packard)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2372096 2011-02-19] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [42040 2014-07-10] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-29] (Disc Soft Ltd)
S3 MEMSWEEP2; C:\Windows\system32\CFCE.tmp [6144 2009-06-18] (Sophos Plc) [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 17:04 - 2014-09-08 17:04 - 00021934 _____ () C:\Users\Josh\Downloads\FRST.txt
2014-09-08 17:04 - 2014-09-08 17:04 - 00000000 ____D () C:\FRST
2014-09-08 17:03 - 2014-09-08 17:04 - 02105344 _____ (Farbar) C:\Users\Josh\Downloads\FRST64.exe
2014-09-08 16:53 - 2014-09-08 16:53 - 00013597 _____ () C:\Users\Josh\Desktop\Ereignisse.rar
2014-09-08 16:45 - 2014-09-08 16:45 - 00705232 _____ () C:\Users\Josh\Desktop\Ereignisse.txt
2014-09-08 16:42 - 2014-09-08 16:42 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Josh\Downloads\SpyHunter-installer.exe
2014-09-08 15:39 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\Windows\system32\CFCE.tmp
2014-09-08 15:32 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\Windows\system32\F161.tmp
2014-09-08 15:31 - 2014-09-08 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2014-09-08 15:31 - 2014-09-08 15:31 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-09-08 15:26 - 2014-09-08 15:26 - 01101648 _____ () C:\Users\Josh\Downloads\Sophos Anti Rootkit - CHIP-Installer.exe
2014-09-05 23:27 - 2014-09-05 23:27 - 00000746 _____ () C:\Users\Josh\Desktop\VueScan.lnk
2014-09-05 23:27 - 2014-09-05 23:27 - 00000000 ____D () C:\Program Files\DIFX
2014-09-05 23:26 - 2014-09-05 23:27 - 00000000 ____D () C:\Program Files\VueScan
2014-09-05 23:25 - 2014-09-05 23:26 - 00000000 ____D () C:\Users\Josh\Downloads\SilverFast Ai
2014-09-05 23:25 - 2014-09-05 23:25 - 00000000 ____D () C:\Users\Josh\Downloads\VueScan Pro 9.4.28 (x86x64) Multilanguage Pre-Activated
2014-09-05 23:11 - 2014-09-05 23:27 - 00015274 _____ () C:\Windows\DPINST.LOG
2014-09-05 23:11 - 2014-09-05 23:11 - 00000000 ____D () C:\Program Files (x86)\VueScan
2014-09-05 23:09 - 2014-09-05 23:10 - 08322592 _____ (Hamrick Software) C:\Users\Josh\Downloads\vuex329442.exe
2014-09-05 17:22 - 2008-11-25 00:00 - 00065793 _____ () C:\Windows\system32\esfw8b.bin
2014-09-05 17:22 - 2008-06-19 00:00 - 00207360 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxuin8b.dll
2014-09-05 17:22 - 2008-06-19 00:00 - 00204800 _____ (SEIKO EPSON CORP.) C:\Windows\SysWOW64\esint8b.dll
2014-09-05 17:22 - 2007-12-28 00:00 - 00084992 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxwia8b.dll
2014-09-05 17:22 - 2006-03-10 00:00 - 00004608 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxwiaml.dll
2014-09-05 17:19 - 2014-09-05 17:20 - 11557888 _____ () C:\Users\Josh\Downloads\epson324868eu.exe
2014-09-05 17:12 - 2014-09-05 17:22 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-09-05 17:12 - 2014-09-05 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-09-05 17:12 - 2012-05-22 00:00 - 00465920 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2014-09-05 17:12 - 2009-10-16 00:00 - 00132560 _____ (Seiko Epson Corporation) C:\Windows\system32\esdevapp.exe
2014-09-05 17:12 - 2009-10-16 00:00 - 00013824 _____ (Seiko Epson Corporation) C:\Windows\system32\esxcdev.dll
2014-09-05 17:11 - 2014-09-05 17:11 - 17927680 _____ () C:\Users\Josh\Downloads\epson374212eu.exe
2014-09-05 17:01 - 2014-09-05 17:06 - 00001462 _____ () C:\Users\Josh\Sti_Trace.log
2014-09-05 11:07 - 2014-09-05 11:07 - 00759932 _____ () C:\Users\Josh\Downloads\BetterDS3_1.5.3.zip
2014-09-05 11:07 - 2014-09-05 11:07 - 00759932 _____ () C:\Program Files (x86)\BetterDS3_1.5.3.zip
2014-09-03 12:47 - 2014-09-03 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-01 22:44 - 2014-09-03 23:02 - 00000000 ____D () C:\Users\Josh\Desktop\Essen mit s50 und schwalbe
2014-09-01 16:38 - 2014-09-01 16:56 - 00000000 ____D () C:\Users\Josh\Desktop\Ratingen, Nebel
2014-08-31 00:29 - 2014-09-06 18:36 - 00000000 ____D () C:\Users\Josh\Desktop\Neuer Ordner
2014-08-30 19:35 - 2014-08-30 19:36 - 00000000 ____D () C:\Users\Josh\Documents\BFBC2
2014-08-30 19:28 - 2014-08-30 19:28 - 00018435 _____ () C:\Windows\DirectX.log
2014-08-30 19:28 - 2014-08-30 19:28 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-08-30 17:11 - 2014-08-30 17:11 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-08-30 16:56 - 2014-09-05 11:08 - 00000000 ____D () C:\Users\Josh\AppData\Local\Ahfzworks
2014-08-30 16:56 - 2014-08-30 16:57 - 00000000 ____D () C:\Users\Josh\AppData\Local\YbcbPack
2014-08-30 16:50 - 2014-08-30 16:50 - 00000000 ____D () C:\Users\Josh\AppData\Local\Cool_Mirage
2014-08-30 15:23 - 2014-08-30 15:28 - 00000128 ____H () C:\ProgramData\V93GE
2014-08-30 15:23 - 2014-08-30 15:23 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\LaserSoft Imaging
2014-08-30 15:23 - 2014-08-30 15:23 - 00000000 ____D () C:\ProgramData\LaserSoft Imaging
2014-08-30 14:15 - 2014-08-30 14:15 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\EPSON
2014-08-30 14:11 - 2014-08-30 14:11 - 00000000 ____D () C:\Program Files (x86)\epson
2014-08-30 14:09 - 2014-09-05 17:02 - 00000000 ____D () C:\VueScan
2014-08-30 11:48 - 2014-08-30 12:03 - 00000000 ____D () C:\Users\Josh\Downloads\Battlefield.Bad.Company.2-RELOADED
2014-08-30 10:34 - 2014-08-30 10:40 - 00000000 ____D () C:\Users\Josh\Desktop\Battlefield 2
2014-08-30 10:34 - 2014-08-30 10:34 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Real Combat
2014-08-30 10:34 - 2014-08-30 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Combat
2014-08-30 10:13 - 2009-08-20 17:24 - 51331352 _____ () C:\Users\Josh\Desktop\Objects_server.zip
2014-08-26 14:44 - 2014-08-26 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-08-26 14:44 - 2014-08-26 14:44 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-08-26 12:49 - 2014-08-26 12:50 - 00000000 ____D () C:\Users\Josh\Documents\GTA San Andreas User Files
2014-08-26 12:49 - 2014-08-26 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto San Andreas + MultiPlayer [0.3e]
2014-08-26 11:45 - 2014-08-26 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BF2 Unlock Weapons Mods
2014-08-26 11:08 - 2014-08-26 11:10 - 00000000 ____D () C:\Users\Josh\Documents\Battlefield 2
2014-08-25 23:15 - 2014-08-25 23:15 - 00000000 ____D () C:\Users\Josh\Desktop\Blog Backup
2014-08-25 19:53 - 2014-08-25 19:55 - 00000000 ____D () C:\Users\Josh\Desktop\Lightroom Presets
2014-08-25 13:01 - 2014-09-08 14:35 - 00000000 ____D () C:\Users\Josh\AppData\Local\Spotify
2014-08-25 13:01 - 2014-08-25 13:01 - 00001785 _____ () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-08-25 12:56 - 2014-09-08 16:23 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Spotify
2014-08-22 23:34 - 2014-09-08 14:33 - 00011444 _____ () C:\Windows\PFRO.log
2014-08-22 23:01 - 2014-09-08 14:33 - 00005264 _____ () C:\Windows\setupact.log
2014-08-22 23:01 - 2014-08-22 23:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-17 23:27 - 2014-08-22 22:50 - 00000000 ____D () C:\Windows\Minidump
2014-08-17 18:44 - 2014-08-17 18:44 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-08-17 18:43 - 2014-08-17 18:44 - 00000000 ____D () C:\Users\Josh\AppData\Local\Abelssoft
2014-08-17 18:43 - 2014-08-17 18:43 - 01101648 _____ () C:\Users\Josh\Better DS3 - CHIP-Installer.exe
2014-08-17 18:43 - 2014-08-17 18:43 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Abelssoft
2014-08-17 18:43 - 2014-08-17 18:43 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-14 20:45 - 2014-08-14 20:47 - 00000000 ____D () C:\Users\Josh\Desktop\Düsseldorf Flughafen - Basti
2014-08-13 23:47 - 2014-08-15 17:02 - 00000000 ____D () C:\Users\Josh\Desktop\Düsseldorf - Marius, Basti
2014-08-11 21:37 - 2014-08-15 15:45 - 00000000 ____D () C:\Users\Josh\Desktop\Heiligenhaus - Basti
2014-08-09 22:44 - 2014-08-29 21:15 - 00000000 ____D () C:\Users\Josh\Desktop\Ratingen x Essen - Schwalbe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 17:04 - 2014-09-08 17:04 - 00021934 _____ () C:\Users\Josh\Downloads\FRST.txt
2014-09-08 17:04 - 2014-09-08 17:04 - 00000000 ____D () C:\FRST
2014-09-08 17:04 - 2014-09-08 17:03 - 02105344 _____ (Farbar) C:\Users\Josh\Downloads\FRST64.exe
2014-09-08 16:53 - 2014-09-08 16:53 - 00013597 _____ () C:\Users\Josh\Desktop\Ereignisse.rar
2014-09-08 16:45 - 2014-09-08 16:45 - 00705232 _____ () C:\Users\Josh\Desktop\Ereignisse.txt
2014-09-08 16:42 - 2014-09-08 16:42 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Josh\Downloads\SpyHunter-installer.exe
2014-09-08 16:23 - 2014-08-25 12:56 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Spotify
2014-09-08 16:23 - 2013-12-18 16:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-08 15:31 - 2014-09-08 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2014-09-08 15:31 - 2014-09-08 15:31 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-09-08 15:26 - 2014-09-08 15:26 - 01101648 _____ () C:\Users\Josh\Downloads\Sophos Anti Rootkit - CHIP-Installer.exe
2014-09-08 14:52 - 2013-12-30 00:52 - 00000000 ____D () C:\Users\Josh\AppData\Local\CrashDumps
2014-09-08 14:46 - 2009-07-14 06:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 14:46 - 2009-07-14 06:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 14:45 - 2012-03-07 11:18 - 01719697 _____ () C:\Windows\WindowsUpdate.log
2014-09-08 14:44 - 2014-06-29 15:42 - 00000000 ____D () C:\Users\Josh\AppData\Local\Adobe
2014-09-08 14:39 - 2013-12-18 16:11 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5649FCFD-068A-46CF-A4DE-B11D56617AFA}
2014-09-08 14:35 - 2014-08-25 13:01 - 00000000 ____D () C:\Users\Josh\AppData\Local\Spotify
2014-09-08 14:35 - 2014-06-17 19:20 - 00000000 ___RD () C:\Users\Josh\Dropbox
2014-09-08 14:35 - 2014-06-17 19:18 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Dropbox
2014-09-08 14:33 - 2014-08-22 23:34 - 00011444 _____ () C:\Windows\PFRO.log
2014-09-08 14:33 - 2014-08-22 23:01 - 00005264 _____ () C:\Windows\setupact.log
2014-09-08 14:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-06 18:36 - 2014-08-31 00:29 - 00000000 ____D () C:\Users\Josh\Desktop\Neuer Ordner
2014-09-06 00:42 - 2013-12-29 20:51 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\BitTorrent
2014-09-05 23:27 - 2014-09-05 23:27 - 00000746 _____ () C:\Users\Josh\Desktop\VueScan.lnk
2014-09-05 23:27 - 2014-09-05 23:27 - 00000000 ____D () C:\Program Files\DIFX
2014-09-05 23:27 - 2014-09-05 23:26 - 00000000 ____D () C:\Program Files\VueScan
2014-09-05 23:27 - 2014-09-05 23:11 - 00015274 _____ () C:\Windows\DPINST.LOG
2014-09-05 23:26 - 2014-09-05 23:25 - 00000000 ____D () C:\Users\Josh\Downloads\SilverFast Ai
2014-09-05 23:25 - 2014-09-05 23:25 - 00000000 ____D () C:\Users\Josh\Downloads\VueScan Pro 9.4.28 (x86x64) Multilanguage Pre-Activated
2014-09-05 23:11 - 2014-09-05 23:11 - 00000000 ____D () C:\Program Files (x86)\VueScan
2014-09-05 23:10 - 2014-09-05 23:09 - 08322592 _____ (Hamrick Software) C:\Users\Josh\Downloads\vuex329442.exe
2014-09-05 17:22 - 2014-09-05 17:12 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-09-05 17:20 - 2014-09-05 17:19 - 11557888 _____ () C:\Users\Josh\Downloads\epson324868eu.exe
2014-09-05 17:12 - 2014-09-05 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-09-05 17:11 - 2014-09-05 17:11 - 17927680 _____ () C:\Users\Josh\Downloads\epson374212eu.exe
2014-09-05 17:06 - 2014-09-05 17:01 - 00001462 _____ () C:\Users\Josh\Sti_Trace.log
2014-09-05 17:02 - 2014-08-30 14:09 - 00000000 ____D () C:\VueScan
2014-09-05 17:01 - 2013-12-18 16:06 - 00000000 ____D () C:\Users\Josh
2014-09-05 11:46 - 2013-12-29 03:32 - 00000000 ____D () C:\Users\Josh\Documents\FIFA 12
2014-09-05 11:08 - 2014-08-30 16:56 - 00000000 ____D () C:\Users\Josh\AppData\Local\Ahfzworks
2014-09-05 11:07 - 2014-09-05 11:07 - 00759932 _____ () C:\Users\Josh\Downloads\BetterDS3_1.5.3.zip
2014-09-05 11:07 - 2014-09-05 11:07 - 00759932 _____ () C:\Program Files (x86)\BetterDS3_1.5.3.zip
2014-09-04 18:51 - 2013-12-18 16:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-03 23:02 - 2014-09-01 22:44 - 00000000 ____D () C:\Users\Josh\Desktop\Essen mit s50 und schwalbe
2014-09-03 12:47 - 2014-09-03 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-01 16:56 - 2014-09-01 16:38 - 00000000 ____D () C:\Users\Josh\Desktop\Ratingen, Nebel
2014-08-30 19:36 - 2014-08-30 19:35 - 00000000 ____D () C:\Users\Josh\Documents\BFBC2
2014-08-30 19:33 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-30 19:28 - 2014-08-30 19:28 - 00018435 _____ () C:\Windows\DirectX.log
2014-08-30 19:28 - 2014-08-30 19:28 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-08-30 17:11 - 2014-08-30 17:11 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-08-30 16:57 - 2014-08-30 16:56 - 00000000 ____D () C:\Users\Josh\AppData\Local\YbcbPack
2014-08-30 16:50 - 2014-08-30 16:50 - 00000000 ____D () C:\Users\Josh\AppData\Local\Cool_Mirage
2014-08-30 16:50 - 2013-12-18 16:22 - 00001335 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-30 16:50 - 2013-12-18 16:11 - 00001609 _____ () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-30 15:28 - 2014-08-30 15:23 - 00000128 ____H () C:\ProgramData\V93GE
2014-08-30 15:23 - 2014-08-30 15:23 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\LaserSoft Imaging
2014-08-30 15:23 - 2014-08-30 15:23 - 00000000 ____D () C:\ProgramData\LaserSoft Imaging
2014-08-30 14:15 - 2014-08-30 14:15 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\EPSON
2014-08-30 14:12 - 2014-05-05 00:37 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-30 14:12 - 2014-05-05 00:37 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-30 14:11 - 2014-08-30 14:11 - 00000000 ____D () C:\Program Files (x86)\epson
2014-08-30 12:03 - 2014-08-30 11:48 - 00000000 ____D () C:\Users\Josh\Downloads\Battlefield.Bad.Company.2-RELOADED
2014-08-30 10:41 - 2013-12-31 15:49 - 00000000 ____D () C:\Program Files (x86)\EA GAMES
2014-08-30 10:40 - 2014-08-30 10:34 - 00000000 ____D () C:\Users\Josh\Desktop\Battlefield 2
2014-08-30 10:34 - 2014-08-30 10:34 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Real Combat
2014-08-30 10:34 - 2014-08-30 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Combat
2014-08-29 22:29 - 2014-05-05 00:37 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-29 22:29 - 2014-05-05 00:37 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-29 21:15 - 2014-08-09 22:44 - 00000000 ____D () C:\Users\Josh\Desktop\Ratingen x Essen - Schwalbe
2014-08-26 23:21 - 2011-07-15 06:01 - 00699700 _____ () C:\Windows\system32\perfh007.dat
2014-08-26 23:21 - 2011-07-15 06:01 - 00149550 _____ () C:\Windows\system32\perfc007.dat
2014-08-26 23:21 - 2009-07-14 07:13 - 01620440 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-26 14:44 - 2014-08-26 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-08-26 14:44 - 2014-08-26 14:44 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-08-26 14:44 - 2011-07-14 20:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-26 12:50 - 2014-08-26 12:49 - 00000000 ____D () C:\Users\Josh\Documents\GTA San Andreas User Files
2014-08-26 12:49 - 2014-08-26 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto San Andreas + MultiPlayer [0.3e]
2014-08-26 12:49 - 2013-12-30 00:07 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-08-26 12:49 - 2013-12-23 18:29 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-08-26 12:49 - 2013-12-23 18:28 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-08-26 11:45 - 2014-08-26 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BF2 Unlock Weapons Mods
2014-08-26 11:10 - 2014-08-26 11:08 - 00000000 ____D () C:\Users\Josh\Documents\Battlefield 2
2014-08-25 23:15 - 2014-08-25 23:15 - 00000000 ____D () C:\Users\Josh\Desktop\Blog Backup
2014-08-25 19:55 - 2014-08-25 19:53 - 00000000 ____D () C:\Users\Josh\Desktop\Lightroom Presets
2014-08-25 13:01 - 2014-08-25 13:01 - 00001785 _____ () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-08-23 22:50 - 2013-12-21 17:30 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\vlc
2014-08-22 23:34 - 2014-06-23 00:24 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-08-22 23:01 - 2014-08-22 23:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-22 23:00 - 2014-05-20 17:30 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-22 23:00 - 2014-05-20 17:28 - 00000000 ____D () C:\ProgramData\Origin
2014-08-22 22:58 - 2014-08-03 14:37 - 00000000 ____D () C:\Users\Josh\AppData\Local\Unity
2014-08-22 22:50 - 2014-08-17 23:27 - 00000000 ____D () C:\Windows\Minidump
2014-08-17 23:27 - 2014-06-23 20:26 - 04942288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-17 19:21 - 2013-12-30 00:07 - 00000000 ____D () C:\Users\Josh\AppData\Local\NFS Underground 2
2014-08-17 18:45 - 2014-06-23 20:28 - 00072168 _____ () C:\Users\Josh\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-17 18:44 - 2014-08-17 18:44 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-08-17 18:44 - 2014-08-17 18:43 - 00000000 ____D () C:\Users\Josh\AppData\Local\Abelssoft
2014-08-17 18:43 - 2014-08-17 18:43 - 01101648 _____ () C:\Users\Josh\Better DS3 - CHIP-Installer.exe
2014-08-17 18:43 - 2014-08-17 18:43 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Abelssoft
2014-08-17 18:43 - 2014-08-17 18:43 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-15 17:02 - 2014-08-13 23:47 - 00000000 ____D () C:\Users\Josh\Desktop\Düsseldorf - Marius, Basti
2014-08-15 16:02 - 2014-07-20 00:14 - 00000000 ____D () C:\Users\Josh\Desktop\Essen - Denito, Nils
2014-08-15 15:54 - 2014-02-05 23:19 - 00000000 ____D () C:\Users\Josh\Desktop\Bewerbung
2014-08-15 15:53 - 2014-04-15 19:32 - 00000000 ____D () C:\Users\Josh\Desktop\10-17
2014-08-15 15:45 - 2014-08-11 21:37 - 00000000 ____D () C:\Users\Josh\Desktop\Heiligenhaus - Basti
2014-08-14 20:47 - 2014-08-14 20:45 - 00000000 ____D () C:\Users\Josh\Desktop\Düsseldorf Flughafen - Basti
2014-08-14 20:45 - 2014-06-17 19:18 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-13 10:51 - 2013-12-18 16:48 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Adobe

Files to move or delete:
====================
C:\Users\Josh\Better DS3 - CHIP-Installer.exe


Some content of TEMP:
====================
C:\Users\Josh\AppData\Local\Temp\avgnt.exe
C:\Users\Josh\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmc9lc3.dll
C:\Users\Josh\AppData\Local\Temp\htmlayout.dll
C:\Users\Josh\AppData\Local\Temp\tmpBA78.exe
C:\Users\Josh\AppData\Local\Temp\vsdel.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-29 15:40

==================== End Of Log ============================
         

and here is the addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by Josh at 2014-09-08 17:05:11
Running from C:\Users\Josh\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.4 64-bit (HKLM\...\{558B5965-CC1B-4AF1-BA07-5D6832404050}) (Version: 5.4.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32128 - BitTorrent Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
CPU-Control (HKLM-x32\...\CPU-Control_is1) (Version:  - Koma-Code)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4119 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.1.4119 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.41.623 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.41.623 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Graffiti Studio 2.0 (HKLM-x32\...\Graffiti Studio 2.0_is1) (Version:  - Less Rain)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Hewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP On Screen Display (HKLM-x32\...\{124DB96E-CBF5-44FB-AB59-7D2444DEC777}) (Version: 1.0.7 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{ABEF00D0-FCAE-4E47-8D4E-D4AE5FD72B15}) (Version: 2.4.3 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{B446137B-18A1-4FAE-B0E4-ABE8F09705F1}) (Version: 4.1.6.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Camera Codec Pack (HKLM\...\{A2E24035-9B11-4E1D-9FBC-FA7F20C16832}) (Version: 16.4.1970.0624 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Word 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 32.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 de)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Need for Speed Most Wanted Black Edition (HKLM-x32\...\Need for Speed Most Wanted Black Edition_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version:  - )
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.0.7 - Google)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.02.01.0 - Ralink)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Roller Coaster Tycoon 3 Platinum  - CarlesNeo ! (HKLM-x32\...\Roller Coaster Tycoon 3 Platinum  - CarlesNeo !) (Version:  - )
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version:  - )
Sophos Anti-Rootkit 1.5.0 (HKLM-x32\...\Sophos-AntiRootkit) (Version: 1.5.0 - Sophos Plc)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.275 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7C8BBDE-FE98-11E1-87C9-F04DA23A5C58}) (Version: 12.0.367 - Sony)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Windows Driver Package - Hamrick Software Image  (08/21/2006 1.0.0.6) (HKLM\...\8471012B3F8399ABE3245A7CFC97D18A077429A1) (Version: 08/21/2006 1.0.0.6 - Hamrick Software)
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-52797748-3383784608-1755536748-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-30 17:11 - 00001394 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
79.142.66.242 www.google-analytics.com.
79.142.66.242 google-analytics.com.
79.142.66.242 connect.facebook.net.
193.107.16.138 www.google-analytics.com.
193.107.16.138 google-analytics.com.
193.107.16.138 connect.facebook.net.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B676187-6AA2-481D-8594-9D9388CDFACE} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Control Panel\srspanel_64.exe [2011-01-14] (SRS Labs, Inc.)
Task: {292241CE-EED8-4FE9-8BCE-EEDE3054C8DD} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe
Task: {30416528-78D7-4AF7-87C7-8FED569850A4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {30BC4EF7-D3BA-4453-AAB0-9C23EC0F956C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {3CF68B91-F0C2-4AF3-8039-A9B778710918} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-06-15] (CyberLink)
Task: {4475C269-913C-4D7D-8367-6345F3E347FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-05] (Google Inc.)
Task: {5EA60DD9-7225-48F4-ADA2-96B95A51EE23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {62840F14-A950-4738-9226-2E2ED18FA8CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {6B5E1FA7-97CE-46FB-B145-0A7E1B415950} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe
Task: {85950537-EA1B-47C7-B023-FFC531BF53E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
Task: {A121561D-312C-42D7-AD78-EA743316F125} - System32\Tasks\{35AA11B3-F3E0-450C-9585-BB2D031BBC03} => C:\Program Files (x86)\EA GAMES\Need for Speed Undercover\nfs.exe
Task: {A574F939-BD43-4887-893F-461CEE6C70EC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-03-20] (TuneUp Software)
Task: {A743E416-46D4-4E8A-8510-0DFEFB497FDF} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {B2B08077-B8E8-4E31-8942-7B7175FECC5A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {BBE7E9AE-5E70-4D1F-8BA3-01E61BC93733} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-05] (Google Inc.)
Task: {DB192EB6-67F6-4FF3-802D-810F4223549D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {EAFB8D74-901F-4666-B391-28C88DFE1E6F} - System32\Tasks\AdobeAAMUpdater-1.0-Josh-HP-Josh => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-30 16:56 - 2014-08-30 16:56 - 02576896 _____ () C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll
2014-08-30 16:56 - 2014-08-30 16:56 - 02162688 _____ () C:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-05-07 01:40 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-03-20 15:44 - 2014-03-20 15:44 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2011-05-10 19:56 - 2011-05-10 19:56 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-25 13:01 - 2014-08-25 13:01 - 00610872 _____ () C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-08-30 16:57 - 2014-08-30 16:57 - 00806912 _____ () C:\Users\Josh\AppData\Local\YbcbPack\dsbpodkrvasg.dll
2014-08-25 13:01 - 2014-08-25 13:01 - 36966968 _____ () C:\Users\Josh\AppData\Roaming\Spotify\Data\libcef.dll
2014-09-08 14:35 - 2014-09-08 14:35 - 00043008 _____ () c:\users\josh\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmc9lc3.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Josh\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-25 13:01 - 2014-08-25 13:01 - 00867896 _____ () C:\Users\Josh\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-08-25 13:01 - 2014-08-25 13:01 - 00886840 _____ () C:\Users\Josh\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-08-25 13:01 - 2014-08-25 13:01 - 00108600 _____ () C:\Users\Josh\AppData\Roaming\Spotify\Data\libegl.dll
2014-02-12 12:50 - 2014-02-12 12:50 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2012-03-07 11:16 - 2011-04-30 01:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-09-03 12:47 - 2014-09-03 12:47 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-09 04:23 - 2014-07-09 04:23 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4
AlternateDataStreams: C:\Users\Josh\Cookies:jhpVjgGHP1EYOihgcVrIUuL
AlternateDataStreams: C:\Users\Josh\Lokale Einstellungen:JuPKmyHSwWiNqODTE
AlternateDataStreams: C:\Users\Josh\AppData\Local:JuPKmyHSwWiNqODTE
AlternateDataStreams: C:\Users\Josh\AppData\Local\Anwendungsdaten:JuPKmyHSwWiNqODTE
AlternateDataStreams: C:\Users\Josh\AppData\Local\Temp:NubSTJuWxaRjo74tCKWa43R
AlternateDataStreams: C:\Users\Josh\AppData\Local\Temporary Internet Files:mbsb9FYt6pMKic6HLeAel

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Josh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Need for Speed™ Undercover Registration.lnk => C:\Windows\pss\Need for Speed™ Undercover Registration.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Josh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Real Desktop.lnk => C:\Windows\pss\Real Desktop.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Real Desktop => "C:\Program Files (x86)\Real Desktop\rdesc.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Spotify => "C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2014 05:05:13 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (09/08/2014 05:05:13 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (09/08/2014 04:35:25 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Überprüfen, ob das Volume vom Anbieter unterstützt wird
   Volume einem Schattenkopiesatz hinzufügen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 16
   Snapshotkontext: 16
   Ausführungskontext: Coordinator
   Anbieter-ID: {00000000-0000-0000-0000-000000000000}
   Volumename: C:\
   Ausführungskontext: Coordinator

Error: (09/08/2014 04:35:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Überprüfen, ob das Volume vom Anbieter unterstützt wird
   Volume einem Schattenkopiesatz hinzufügen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 16
   Snapshotkontext: 16
   Ausführungskontext: Coordinator
   Anbieter-ID: {00000000-0000-0000-0000-000000000000}
   Volumename: C:\
   Ausführungskontext: Coordinator

Error: (09/08/2014 03:08:43 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Überprüfen, ob das Volume vom Anbieter unterstützt wird
   Volume einem Schattenkopiesatz hinzufügen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 16
   Snapshotkontext: 16
   Ausführungskontext: Coordinator
   Anbieter-ID: {00000000-0000-0000-0000-000000000000}
   Volumename: C:\
   Ausführungskontext: Coordinator

Error: (09/08/2014 03:08:43 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Überprüfen, ob das Volume vom Anbieter unterstützt wird
   Volume einem Schattenkopiesatz hinzufügen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 16
   Snapshotkontext: 16
   Ausführungskontext: Coordinator
   Anbieter-ID: {00000000-0000-0000-0000-000000000000}
   Volumename: C:\
   Ausführungskontext: Coordinator

Error: (09/08/2014 02:52:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpSystemStatusCheck.exe, Version: 14.0.1000.275, Zeitstempel: 0x532ae230
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000108c5
ID des fehlerhaften Prozesses: 0xdd4
Startzeit der fehlerhaften Anwendung: 0xTuneUpSystemStatusCheck.exe0
Pfad der fehlerhaften Anwendung: TuneUpSystemStatusCheck.exe1
Pfad des fehlerhaften Moduls: TuneUpSystemStatusCheck.exe2
Berichtskennung: TuneUpSystemStatusCheck.exe3

Error: (09/08/2014 02:34:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/06/2014 07:33:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004751d
ID des fehlerhaften Prozesses: 0x524
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (09/06/2014 07:21:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/08/2014 04:51:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/08/2014 04:51:44 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\CFCE.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/08/2014 04:51:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/08/2014 04:51:43 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\CFCE.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/08/2014 04:51:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/08/2014 04:51:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\CFCE.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/08/2014 04:51:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/08/2014 04:51:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\CFCE.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/08/2014 03:39:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/08/2014 03:39:36 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\CFCE.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-09-08 16:51:44.512
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-08 16:51:44.474
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-08 16:51:43.139
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-08 16:51:43.100
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-08 16:51:42.461
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-08 16:51:42.414
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-08 16:51:40.850
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-08 16:51:40.798
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-08 15:39:36.630
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-08 15:39:36.588
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CFCE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 43%
Total physical RAM: 6091.86 MB
Available physical RAM: 3471.22 MB
Total Pagefile: 12183.72 MB
Available Pagefile: 8723.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446 GB) (Free:323.78 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:15.6 GB) (Free:1.7 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:3.95 GB) FAT32
Drive h: (BFBC2) (CDROM) (Total:5.42 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1A644923)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================
         

Edited by Joshunk (08.09.2014 at 16:08)

08.09.2014, 16:06   #2
schrauber
/// the machine
/// TB instructor

Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I can't open attachments at work, thanks.

Here's how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you're not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the website)


08.09.2014, 16:17   #3
Joshunk


Hello, thanks for the quick reply, but the log files are in the post as code, aren't they?
Or does that mean the results from Avira? Those can't be inserted as code.

08.09.2014, 19:05   #4
schrauber
/// the machine
/// TB instructor


Hi,

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

08.09.2014, 21:56   #5
Joshunk


Here you go:


Code:
22:52:47.0749 0x21a0  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
22:52:56.0647 0x21a0  ============================================================
22:52:56.0647 0x21a0  Current date / time: 2014/09/08 22:52:56.0647
22:52:56.0647 0x21a0  SystemInfo:
22:52:56.0647 0x21a0  
22:52:56.0647 0x21a0  OS Version: 6.1.7601 ServicePack: 1.0
22:52:56.0647 0x21a0  Product type: Workstation
22:52:56.0647 0x21a0  ComputerName: JOSH-HP
22:52:56.0647 0x21a0  UserName: Josh
22:52:56.0647 0x21a0  Windows directory: C:\Windows
22:52:56.0647 0x21a0  System windows directory: C:\Windows
22:52:56.0647 0x21a0  Running under WOW64
22:52:56.0647 0x21a0  Processor architecture: Intel x64
22:52:56.0647 0x21a0  Number of processors: 4
22:52:56.0647 0x21a0  Page size: 0x1000
22:52:56.0647 0x21a0  Boot type: Normal boot
22:52:56.0647 0x21a0  ============================================================
22:52:57.0067 0x21a0  KLMD registered as C:\Windows\system32\drivers\78333833.sys
22:52:57.0300 0x21a0  System UUID: {A509F6F4-1269-C24B-6566-27A0CBDA2B33}
22:52:57.0747 0x21a0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:52:57.0750 0x21a0  ============================================================
22:52:57.0750 0x21a0  \Device\Harddisk0\DR0:
22:52:57.0751 0x21a0  MBR partitions:
22:52:57.0751 0x21a0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
22:52:57.0751 0x21a0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37C01000
22:52:57.0751 0x21a0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37C65000, BlocksNum 0x1F31000
22:52:57.0751 0x21a0  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39B96000, BlocksNum 0x7EF830
22:52:57.0751 0x21a0  ============================================================
22:52:57.0781 0x21a0  C: <-> \Device\Harddisk0\DR0\Partition2
22:52:57.0844 0x21a0  D: <-> \Device\Harddisk0\DR0\Partition3
22:52:57.0855 0x21a0  E: <-> \Device\Harddisk0\DR0\Partition4
22:52:57.0855 0x21a0  ============================================================
22:52:57.0855 0x21a0  Initialize success
22:52:57.0855 0x21a0  ============================================================
22:52:59.0347 0x0efc  ============================================================
22:52:59.0347 0x0efc  Scan started
22:52:59.0347 0x0efc  Mode: Manual; 
22:52:59.0347 0x0efc  ============================================================
22:52:59.0347 0x0efc  KSN ping started
22:53:13.0084 0x0efc  KSN ping finished: true
22:53:14.0118 0x0efc  ================ Scan system memory ========================
22:53:14.0118 0x0efc  System memory - ok
22:53:14.0118 0x0efc  ================ Scan services =============================
22:53:14.0276 0x0efc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:53:14.0285 0x0efc  1394ohci - ok
22:53:14.0318 0x0efc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:53:14.0330 0x0efc  ACPI - ok
22:53:14.0359 0x0efc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:53:14.0362 0x0efc  AcpiPmi - ok
22:53:14.0480 0x0efc  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:53:14.0491 0x0efc  AdobeFlashPlayerUpdateSvc - ok
22:53:14.0522 0x0efc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:53:14.0534 0x0efc  adp94xx - ok
22:53:14.0570 0x0efc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:53:14.0579 0x0efc  adpahci - ok
22:53:14.0604 0x0efc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:53:14.0611 0x0efc  adpu320 - ok
22:53:14.0650 0x0efc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:53:14.0655 0x0efc  AeLookupSvc - ok
22:53:14.0693 0x0efc  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
22:53:14.0707 0x0efc  AFD - ok
22:53:14.0734 0x0efc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:53:14.0738 0x0efc  agp440 - ok
22:53:14.0760 0x0efc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:53:14.0765 0x0efc  ALG - ok
22:53:14.0786 0x0efc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:53:14.0789 0x0efc  aliide - ok
22:53:14.0796 0x0efc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:53:14.0800 0x0efc  amdide - ok
22:53:14.0826 0x0efc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:53:14.0831 0x0efc  AmdK8 - ok
22:53:14.0845 0x0efc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:53:14.0850 0x0efc  AmdPPM - ok
22:53:14.0861 0x0efc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:53:14.0867 0x0efc  amdsata - ok
22:53:14.0889 0x0efc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:53:14.0896 0x0efc  amdsbs - ok
22:53:14.0910 0x0efc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:53:14.0914 0x0efc  amdxata - ok
22:53:15.0007 0x0efc  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:53:15.0020 0x0efc  AntiVirSchedulerService - ok
22:53:15.0062 0x0efc  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:53:15.0074 0x0efc  AntiVirService - ok
22:53:15.0121 0x0efc  [ CA9E51B4456B64A92FE60A592EE7DE61, 358B95623C8577A158D789FB03910ECB86EE746031C78EC97A6A8EE9A5B0086B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
22:53:15.0147 0x0efc  AntiVirWebService - ok
22:53:15.0167 0x0efc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
22:53:15.0171 0x0efc  AppID - ok
22:53:15.0192 0x0efc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:53:15.0198 0x0efc  AppIDSvc - ok
22:53:15.0229 0x0efc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
22:53:15.0235 0x0efc  Appinfo - ok
22:53:15.0262 0x0efc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
22:53:15.0268 0x0efc  arc - ok
22:53:15.0277 0x0efc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:53:15.0282 0x0efc  arcsas - ok
22:53:15.0379 0x0efc  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:53:15.0385 0x0efc  aspnet_state - ok
22:53:15.0408 0x0efc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:53:15.0411 0x0efc  AsyncMac - ok
22:53:15.0438 0x0efc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:53:15.0441 0x0efc  atapi - ok
22:53:15.0480 0x0efc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:53:15.0498 0x0efc  AudioEndpointBuilder - ok
22:53:15.0546 0x0efc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:53:15.0558 0x0efc  AudioSrv - ok
22:53:15.0577 0x0efc  [ 4663C5AD76FE8E19592DE808156FA07D, 605827B4A9D6930BC752D124BF75D55D4927B0ABEF881CDE66F3C5CC1DB215FE ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
22:53:15.0584 0x0efc  avgntflt - ok
22:53:15.0601 0x0efc  [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
22:53:15.0609 0x0efc  avipbb - ok
22:53:15.0631 0x0efc  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
22:53:15.0635 0x0efc  avkmgr - ok
22:53:15.0645 0x0efc  [ 09036D9F85BE6B659D375D2F0BAD0AD2, CCF4D28F60CF8E2B0F781D41F9E9FA84739AC6F948C09203D2498D64222CF990 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
22:53:15.0650 0x0efc  avnetflt - ok
22:53:15.0670 0x0efc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:53:15.0679 0x0efc  AxInstSV - ok
22:53:15.0716 0x0efc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:53:15.0728 0x0efc  b06bdrv - ok
22:53:15.0750 0x0efc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:53:15.0759 0x0efc  b57nd60a - ok
22:53:15.0809 0x0efc  [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
22:53:15.0836 0x0efc  BCM43XX - ok
22:53:15.0861 0x0efc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:53:15.0869 0x0efc  BDESVC - ok
22:53:15.0885 0x0efc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:53:15.0887 0x0efc  Beep - ok
22:53:15.0916 0x0efc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
22:53:15.0948 0x0efc  BFE - ok
22:53:16.0006 0x0efc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
22:53:16.0083 0x0efc  BITS - ok
22:53:16.0093 0x0efc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
22:53:16.0099 0x0efc  blbdrive - ok
22:53:16.0107 0x0efc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:53:16.0115 0x0efc  bowser - ok
22:53:16.0143 0x0efc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:53:16.0147 0x0efc  BrFiltLo - ok
22:53:16.0162 0x0efc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:53:16.0166 0x0efc  BrFiltUp - ok
22:53:16.0183 0x0efc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:53:16.0191 0x0efc  Browser - ok
22:53:16.0216 0x0efc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:53:16.0229 0x0efc  Brserid - ok
22:53:16.0239 0x0efc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:53:16.0245 0x0efc  BrSerWdm - ok
22:53:16.0259 0x0efc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:53:16.0263 0x0efc  BrUsbMdm - ok
22:53:16.0275 0x0efc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:53:16.0278 0x0efc  BrUsbSer - ok
22:53:16.0288 0x0efc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:53:16.0295 0x0efc  BTHMODEM - ok
22:53:16.0324 0x0efc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:53:16.0332 0x0efc  bthserv - ok
22:53:16.0355 0x0efc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:53:16.0362 0x0efc  cdfs - ok
22:53:16.0381 0x0efc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:53:16.0390 0x0efc  cdrom - ok
22:53:16.0407 0x0efc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:53:16.0417 0x0efc  CertPropSvc - ok
22:53:16.0437 0x0efc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:53:16.0443 0x0efc  circlass - ok
22:53:16.0467 0x0efc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
22:53:16.0489 0x0efc  CLFS - ok
22:53:16.0555 0x0efc  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:53:16.0562 0x0efc  clr_optimization_v2.0.50727_32 - ok
22:53:16.0600 0x0efc  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:53:16.0608 0x0efc  clr_optimization_v2.0.50727_64 - ok
22:53:16.0649 0x0efc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:53:16.0656 0x0efc  clr_optimization_v4.0.30319_32 - ok
22:53:16.0667 0x0efc  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:53:16.0675 0x0efc  clr_optimization_v4.0.30319_64 - ok
22:53:16.0697 0x0efc  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
22:53:16.0702 0x0efc  clwvd - ok
22:53:16.0721 0x0efc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
22:53:16.0725 0x0efc  CmBatt - ok
22:53:16.0755 0x0efc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:53:16.0759 0x0efc  cmdide - ok
22:53:16.0801 0x0efc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
22:53:16.0845 0x0efc  CNG - ok
22:53:16.0850 0x0efc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
22:53:16.0854 0x0efc  Compbatt - ok
22:53:16.0858 0x0efc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:53:16.0864 0x0efc  CompositeBus - ok
22:53:16.0867 0x0efc  COMSysApp - ok
22:53:16.0883 0x0efc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:53:16.0888 0x0efc  crcdisk - ok
22:53:16.0917 0x0efc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:53:16.0925 0x0efc  CryptSvc - ok
22:53:17.0003 0x0efc  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
22:53:17.0068 0x0efc  cvhsvc - ok
22:53:17.0113 0x0efc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:53:17.0123 0x0efc  DcomLaunch - ok
22:53:17.0155 0x0efc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:53:17.0166 0x0efc  defragsvc - ok
22:53:17.0182 0x0efc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:53:17.0190 0x0efc  DfsC - ok
22:53:17.0211 0x0efc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:53:17.0232 0x0efc  Dhcp - ok
22:53:17.0248 0x0efc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:53:17.0252 0x0efc  discache - ok
22:53:17.0266 0x0efc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
22:53:17.0273 0x0efc  Disk - ok
22:53:17.0302 0x0efc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:53:17.0310 0x0efc  Dnscache - ok
22:53:17.0333 0x0efc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:53:17.0348 0x0efc  dot3svc - ok
22:53:17.0368 0x0efc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:53:17.0376 0x0efc  DPS - ok
22:53:17.0396 0x0efc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:53:17.0400 0x0efc  drmkaud - ok
22:53:17.0437 0x0efc  [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:53:17.0450 0x0efc  dtsoftbus01 - ok
22:53:17.0507 0x0efc  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:53:17.0554 0x0efc  DXGKrnl - ok
22:53:17.0600 0x0efc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:53:17.0607 0x0efc  EapHost - ok
22:53:17.0731 0x0efc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:53:17.0877 0x0efc  ebdrv - ok
22:53:17.0922 0x0efc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
22:53:17.0926 0x0efc  EFS - ok
22:53:18.0007 0x0efc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:53:18.0068 0x0efc  ehRecvr - ok
22:53:18.0093 0x0efc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:53:18.0102 0x0efc  ehSched - ok
22:53:18.0135 0x0efc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:53:18.0165 0x0efc  elxstor - ok
22:53:18.0174 0x0efc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:53:18.0177 0x0efc  ErrDev - ok
22:53:18.0219 0x0efc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:53:18.0241 0x0efc  EventSystem - ok
22:53:18.0267 0x0efc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:53:18.0275 0x0efc  exfat - ok
22:53:18.0280 0x0efc  ezSharedSvc - ok
22:53:18.0297 0x0efc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:53:18.0306 0x0efc  fastfat - ok
22:53:18.0335 0x0efc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:53:18.0368 0x0efc  Fax - ok
22:53:18.0381 0x0efc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
22:53:18.0387 0x0efc  fdc - ok
22:53:18.0396 0x0efc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:53:18.0399 0x0efc  fdPHost - ok
22:53:18.0413 0x0efc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:53:18.0419 0x0efc  FDResPub - ok
22:53:18.0424 0x0efc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:53:18.0430 0x0efc  FileInfo - ok
22:53:18.0447 0x0efc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:53:18.0452 0x0efc  Filetrace - ok
22:53:18.0456 0x0efc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:53:18.0460 0x0efc  flpydisk - ok
22:53:18.0475 0x0efc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:53:18.0489 0x0efc  FltMgr - ok
22:53:18.0547 0x0efc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
22:53:18.0623 0x0efc  FontCache - ok
22:53:18.0667 0x0efc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:53:18.0673 0x0efc  FontCache3.0.0.0 - ok
22:53:18.0695 0x0efc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:53:18.0701 0x0efc  FsDepends - ok
22:53:18.0726 0x0efc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:53:18.0729 0x0efc  Fs_Rec - ok
22:53:18.0752 0x0efc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:53:18.0767 0x0efc  fvevol - ok
22:53:18.0780 0x0efc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:53:18.0787 0x0efc  gagp30kx - ok
22:53:18.0843 0x0efc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:53:18.0875 0x0efc  gpsvc - ok
22:53:18.0914 0x0efc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:53:18.0923 0x0efc  gupdate - ok
22:53:18.0936 0x0efc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:53:18.0939 0x0efc  gupdatem - ok
22:53:18.0957 0x0efc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:53:18.0962 0x0efc  hcw85cir - ok
22:53:18.0980 0x0efc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:53:18.0995 0x0efc  HdAudAddService - ok
22:53:19.0012 0x0efc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:53:19.0021 0x0efc  HDAudBus - ok
22:53:19.0041 0x0efc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:53:19.0045 0x0efc  HidBatt - ok
22:53:19.0068 0x0efc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:53:19.0074 0x0efc  HidBth - ok
22:53:19.0088 0x0efc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:53:19.0094 0x0efc  HidIr - ok
22:53:19.0113 0x0efc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:53:19.0119 0x0efc  hidserv - ok
22:53:19.0148 0x0efc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:53:19.0153 0x0efc  HidUsb - ok
22:53:19.0178 0x0efc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:53:19.0187 0x0efc  hkmsvc - ok
22:53:19.0206 0x0efc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:53:19.0223 0x0efc  HomeGroupListener - ok
22:53:19.0266 0x0efc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:53:19.0274 0x0efc  HomeGroupProvider - ok
22:53:19.0351 0x0efc  [ 7B8C1B09C11E8DB7C4480ABD7D17E821, 0E35FD439B24CEAD623A5D7319B865A6BCE6F1F3057671F62B4F844D8EC3D206 ] HPAuto          C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
22:53:19.0398 0x0efc  HPAuto - ok
22:53:19.0440 0x0efc  [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
22:53:19.0457 0x0efc  HPClientSvc - ok
22:53:19.0530 0x0efc  [ 09FBD4C4DB2FD84B9AB1C5BFDCC95559, FCC28D44C1E3F6FF65C596CDA9BF09C03D4EF3EEFCDB628954A07B0D3E182F3B ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
22:53:19.0563 0x0efc  hpqwmiex - ok
22:53:19.0587 0x0efc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:53:19.0594 0x0efc  HpSAMD - ok
22:53:19.0621 0x0efc  [ 28E15C3D39DCD27A79251BA0BF216A11, DF6CEA842B84148CCB90CA5DB02265BE71BA95CCDE0E186DD72191E0EFA14C11 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
22:53:19.0625 0x0efc  HPWMISVC - ok
22:53:19.0653 0x0efc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:53:19.0674 0x0efc  HTTP - ok
22:53:19.0684 0x0efc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:53:19.0687 0x0efc  hwpolicy - ok
22:53:19.0704 0x0efc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:53:19.0712 0x0efc  i8042prt - ok
22:53:19.0755 0x0efc  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
22:53:19.0764 0x0efc  iaStor - ok
22:53:19.0809 0x0efc  [ E79A8E33BD136D14BAE1FA20EB2EF124, 54AD784570282FEF21021BE76C57EE878EC6FF6423CE2FFC3A4372AF6C3112D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:53:19.0812 0x0efc  IAStorDataMgrSvc - ok
22:53:19.0840 0x0efc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:53:19.0856 0x0efc  iaStorV - ok
22:53:19.0967 0x0efc  [ D22D82D74FD1B6C77E7556DBDC3EA9D2, D18B461034A2ECF76E87D13EADA8F9292E44D441B99519D382B29CF99875E5AD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
22:53:20.0122 0x0efc  IconMan_R - ok
22:53:20.0172 0x0efc  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:53:20.0181 0x0efc  IDriverT - ok
22:53:20.0237 0x0efc  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:53:20.0312 0x0efc  idsvc - ok
22:53:20.0316 0x0efc  IEEtwCollectorService - ok
22:53:20.0707 0x0efc  [ 6383899C5F964D71B0F96B81FBE59BB8, 780B2B5945CF266CD0807B6F91177A558EC1E568F9D7D850C172A137414394E6 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
22:53:21.0117 0x0efc  igfx - ok
22:53:21.0146 0x0efc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:53:21.0152 0x0efc  iirsp - ok
22:53:21.0205 0x0efc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:53:21.0242 0x0efc  IKEEXT - ok
22:53:21.0270 0x0efc  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
22:53:21.0283 0x0efc  IntcDAud - ok
22:53:21.0311 0x0efc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:53:21.0315 0x0efc  intelide - ok
22:53:21.0331 0x0efc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:53:21.0337 0x0efc  intelppm - ok
22:53:21.0360 0x0efc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:53:21.0371 0x0efc  IPBusEnum - ok
22:53:21.0386 0x0efc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:53:21.0393 0x0efc  IpFilterDriver - ok
22:53:21.0427 0x0efc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:53:21.0460 0x0efc  iphlpsvc - ok
22:53:21.0477 0x0efc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:53:21.0484 0x0efc  IPMIDRV - ok
22:53:21.0494 0x0efc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:53:21.0501 0x0efc  IPNAT - ok
22:53:21.0519 0x0efc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:53:21.0523 0x0efc  IRENUM - ok
22:53:21.0540 0x0efc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:53:21.0545 0x0efc  isapnp - ok
22:53:21.0579 0x0efc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:53:21.0593 0x0efc  iScsiPrt - ok
22:53:21.0648 0x0efc  [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
22:53:21.0658 0x0efc  jhi_service - ok
22:53:21.0685 0x0efc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:53:21.0692 0x0efc  kbdclass - ok
22:53:21.0705 0x0efc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:53:21.0710 0x0efc  kbdhid - ok
22:53:21.0719 0x0efc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
22:53:21.0720 0x0efc  KeyIso - ok
22:53:21.0741 0x0efc  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:53:21.0749 0x0efc  KSecDD - ok
22:53:21.0766 0x0efc  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:53:21.0776 0x0efc  KSecPkg - ok
22:53:28.0675 0x0efc  SrvHsfHDA - ok
22:53:28.0735 0x0efc  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
22:53:28.0866 0x0efc  SrvHsfV92 - ok
22:53:28.0904 0x0efc  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
22:53:28.0946 0x0efc  SrvHsfWinac - ok
22:53:28.0968 0x0efc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:53:28.0979 0x0efc  srvnet - ok
22:53:29.0014 0x0efc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:53:29.0024 0x0efc  SSDPSRV - ok
22:53:29.0043 0x0efc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:53:29.0049 0x0efc  SstpSvc - ok
22:53:29.0100 0x0efc  [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0, AD540FB4F300731DE403FB95F110A0F3DBA25917A91EAB23966286DD88C98D17 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
22:53:29.0111 0x0efc  STacSV - ok
22:53:29.0130 0x0efc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:53:29.0136 0x0efc  stexstor - ok
22:53:29.0176 0x0efc  [ EBA98394A7D58F7552C52192BD8FA7E6, 4238870E50132E87772300058B37E36973695CC1A5E62117EEF4B424C6A137E4 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
22:53:29.0207 0x0efc  STHDA - ok
22:53:29.0248 0x0efc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:53:29.0283 0x0efc  stisvc - ok
22:53:29.0299 0x0efc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:53:29.0303 0x0efc  swenum - ok
22:53:29.0360 0x0efc  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:53:29.0396 0x0efc  SwitchBoard - ok
22:53:29.0437 0x0efc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
22:53:29.0470 0x0efc  swprv - ok
22:53:29.0538 0x0efc  [ C447977ED2A4AE9346FE3A0579A34D7C, 35A8F13AAB57549BBC1457AD86F44FEF2394E55841A1D6D6C5E029310E02F377 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
22:53:29.0625 0x0efc  SynTP - ok
22:53:29.0715 0x0efc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
22:53:29.0766 0x0efc  SysMain - ok
22:53:29.0783 0x0efc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:53:29.0791 0x0efc  TabletInputService - ok
22:53:29.0808 0x0efc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:53:29.0830 0x0efc  TapiSrv - ok
22:53:29.0850 0x0efc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
22:53:29.0857 0x0efc  TBS - ok
22:53:29.0938 0x0efc  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:53:30.0056 0x0efc  Tcpip - ok
22:53:30.0124 0x0efc  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:53:30.0156 0x0efc  TCPIP6 - ok
22:53:30.0180 0x0efc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:53:30.0186 0x0efc  tcpipreg - ok
22:53:30.0212 0x0efc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:53:30.0216 0x0efc  TDPIPE - ok
22:53:30.0237 0x0efc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:53:30.0242 0x0efc  TDTCP - ok
22:53:30.0264 0x0efc  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:53:30.0272 0x0efc  tdx - ok
22:53:30.0288 0x0efc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:53:30.0295 0x0efc  TermDD - ok
22:53:30.0339 0x0efc  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
22:53:30.0403 0x0efc  TermService - ok
22:53:30.0419 0x0efc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:53:30.0426 0x0efc  Themes - ok
22:53:30.0442 0x0efc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:53:30.0444 0x0efc  THREADORDER - ok
22:53:30.0461 0x0efc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:53:30.0468 0x0efc  TrkWks - ok
22:53:30.0522 0x0efc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:53:30.0529 0x0efc  TrustedInstaller - ok
22:53:30.0546 0x0efc  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:53:30.0551 0x0efc  tssecsrv - ok
22:53:30.0564 0x0efc  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:53:30.0571 0x0efc  TsUsbFlt - ok
22:53:30.0591 0x0efc  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:53:30.0596 0x0efc  TsUsbGD - ok
22:53:30.0702 0x0efc  [ FDD4A2791EAC764854CA2C20F611E428, CD8F6FD6A544D7A7C689EA006925962929466693BAA7947CFAA221D686531C5D ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
22:53:30.0737 0x0efc  TuneUp.UtilitiesSvc - ok
22:53:30.0761 0x0efc  [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
22:53:30.0765 0x0efc  TuneUpUtilitiesDrv - ok
22:53:30.0778 0x0efc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:53:30.0786 0x0efc  tunnel - ok
22:53:30.0807 0x0efc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:53:30.0814 0x0efc  uagp35 - ok
22:53:30.0833 0x0efc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:53:30.0847 0x0efc  udfs - ok
22:53:30.0884 0x0efc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:53:30.0891 0x0efc  UI0Detect - ok
22:53:30.0910 0x0efc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:53:30.0916 0x0efc  uliagpkx - ok
22:53:30.0928 0x0efc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:53:30.0934 0x0efc  umbus - ok
22:53:30.0944 0x0efc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:53:30.0948 0x0efc  UmPass - ok
22:53:30.0990 0x0efc  [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
22:53:30.0993 0x0efc  UnlockerDriver5 - ok
22:53:31.0115 0x0efc  [ 758C2CE427C343F780A205E28555C98D, E3413BA433CD26DD61D3257B08B8354478A049A972EFAC53C303690BC71DD7E1 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:53:31.0167 0x0efc  UNS - ok
22:53:31.0209 0x0efc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:53:31.0231 0x0efc  upnphost - ok
22:53:31.0252 0x0efc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:53:31.0260 0x0efc  usbccgp - ok
22:53:31.0286 0x0efc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:53:31.0296 0x0efc  usbcir - ok
22:53:31.0320 0x0efc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:53:31.0326 0x0efc  usbehci - ok
22:53:31.0345 0x0efc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:53:31.0362 0x0efc  usbhub - ok
22:53:31.0378 0x0efc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:53:31.0383 0x0efc  usbohci - ok
22:53:31.0407 0x0efc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
22:53:31.0412 0x0efc  usbprint - ok
22:53:31.0448 0x0efc  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:53:31.0454 0x0efc  usbscan - ok
22:53:31.0470 0x0efc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:53:31.0478 0x0efc  USBSTOR - ok
22:53:31.0482 0x0efc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:53:31.0487 0x0efc  usbuhci - ok
22:53:31.0525 0x0efc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:53:31.0535 0x0efc  usbvideo - ok
22:53:31.0558 0x0efc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
22:53:31.0564 0x0efc  UxSms - ok
22:53:31.0585 0x0efc  [ ED52BD327DE6B8AAFC05CF8F46B0E4FB, FBDB05197DFDBB9BE7C762B38BC35B45267D9FB68B49297BB521F2852AB80C12 ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
22:53:31.0592 0x0efc  UxTuneUp - ok
22:53:31.0600 0x0efc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
22:53:31.0602 0x0efc  VaultSvc - ok
22:53:31.0637 0x0efc  [ B0A8C5BC95689A130F9E05492341833D, 8DDC6D77B0541813919B685D2DFCDFA4F752F8DD99400DA87523F8D2E9D72D27 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
22:53:31.0644 0x0efc  VBoxNetAdp - ok
22:53:31.0647 0x0efc  VBoxNetFlt - ok
22:53:31.0672 0x0efc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:53:31.0676 0x0efc  vdrvroot - ok
22:53:31.0714 0x0efc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
22:53:31.0744 0x0efc  vds - ok
22:53:31.0759 0x0efc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:53:31.0764 0x0efc  vga - ok
22:53:31.0777 0x0efc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:53:31.0782 0x0efc  VgaSave - ok
22:53:31.0806 0x0efc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:53:31.0819 0x0efc  vhdmp - ok
22:53:31.0842 0x0efc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:53:31.0846 0x0efc  viaide - ok
22:53:31.0861 0x0efc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:53:31.0867 0x0efc  volmgr - ok
22:53:31.0893 0x0efc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:53:31.0930 0x0efc  volmgrx - ok
22:53:31.0950 0x0efc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:53:31.0980 0x0efc  volsnap - ok
22:53:31.0998 0x0efc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:53:32.0010 0x0efc  vsmraid - ok
22:53:32.0083 0x0efc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
22:53:32.0152 0x0efc  VSS - ok
22:53:32.0170 0x0efc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:53:32.0175 0x0efc  vwifibus - ok
22:53:32.0201 0x0efc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:53:32.0207 0x0efc  vwififlt - ok
22:53:32.0226 0x0efc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
22:53:32.0248 0x0efc  W32Time - ok
22:53:32.0268 0x0efc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:53:32.0273 0x0efc  WacomPen - ok
22:53:32.0279 0x0efc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:53:32.0285 0x0efc  WANARP - ok
22:53:32.0289 0x0efc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:53:32.0291 0x0efc  Wanarpv6 - ok
22:53:32.0355 0x0efc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:53:32.0454 0x0efc  wbengine - ok
22:53:32.0474 0x0efc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:53:32.0517 0x0efc  WbioSrvc - ok
22:53:32.0546 0x0efc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:53:32.0563 0x0efc  wcncsvc - ok
22:53:32.0577 0x0efc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:53:32.0585 0x0efc  WcsPlugInService - ok
22:53:32.0615 0x0efc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
22:53:32.0620 0x0efc  Wd - ok
22:53:32.0661 0x0efc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:53:32.0706 0x0efc  Wdf01000 - ok
22:53:32.0731 0x0efc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:53:32.0738 0x0efc  WdiServiceHost - ok
22:53:32.0744 0x0efc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:53:32.0746 0x0efc  WdiSystemHost - ok
22:53:32.0780 0x0efc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
22:53:32.0795 0x0efc  WebClient - ok
22:53:32.0820 0x0efc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:53:32.0835 0x0efc  Wecsvc - ok
22:53:32.0849 0x0efc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:53:32.0856 0x0efc  wercplsupport - ok
22:53:32.0873 0x0efc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:53:32.0876 0x0efc  WerSvc - ok
22:53:32.0902 0x0efc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:53:32.0906 0x0efc  WfpLwf - ok
22:53:32.0919 0x0efc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:53:32.0924 0x0efc  WIMMount - ok
22:53:32.0950 0x0efc  WinDefend - ok
22:53:32.0955 0x0efc  WinHttpAutoProxySvc - ok
22:53:33.0019 0x0efc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:53:33.0030 0x0efc  Winmgmt - ok
22:53:33.0107 0x0efc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:53:33.0251 0x0efc  WinRM - ok
22:53:33.0279 0x0efc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:53:33.0287 0x0efc  WinUsb - ok
22:53:33.0324 0x0efc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:53:33.0366 0x0efc  Wlansvc - ok
22:53:33.0378 0x0efc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:53:33.0382 0x0efc  WmiAcpi - ok
22:53:33.0419 0x0efc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:53:33.0430 0x0efc  wmiApSrv - ok
22:53:33.0454 0x0efc  WMPNetworkSvc - ok
22:53:33.0478 0x0efc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:53:33.0484 0x0efc  WPCSvc - ok
22:53:33.0495 0x0efc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:53:33.0504 0x0efc  WPDBusEnum - ok
22:53:33.0526 0x0efc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:53:33.0530 0x0efc  ws2ifsl - ok
22:53:33.0542 0x0efc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:53:33.0549 0x0efc  wscsvc - ok
22:53:33.0552 0x0efc  WSearch - ok
22:53:33.0648 0x0efc  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:53:33.0747 0x0efc  wuauserv - ok
22:53:33.0766 0x0efc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:53:33.0773 0x0efc  WudfPf - ok
22:53:33.0791 0x0efc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:53:33.0801 0x0efc  WUDFRd - ok
22:53:33.0822 0x0efc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:53:33.0828 0x0efc  wudfsvc - ok
22:53:33.0858 0x0efc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:53:33.0874 0x0efc  WwanSvc - ok
22:53:33.0908 0x0efc  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
22:53:33.0916 0x0efc  xusb21 - ok
22:53:33.0919 0x0efc  ================ Scan global ===============================
22:53:33.0968 0x0efc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:53:33.0999 0x0efc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:53:34.0032 0x0efc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:53:34.0057 0x0efc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:53:34.0098 0x0efc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
22:53:34.0106 0x0efc  [ Global ] - ok
22:53:34.0106 0x0efc  ================ Scan MBR ==================================
22:53:34.0121 0x0efc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:53:34.0484 0x0efc  \Device\Harddisk0\DR0 - ok
22:53:34.0485 0x0efc  ================ Scan VBR ==================================
22:53:34.0487 0x0efc  [ A4DC00C02F3683C414B1CE784E20712E ] \Device\Harddisk0\DR0\Partition1
22:53:34.0489 0x0efc  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
22:53:34.0489 0x0efc  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
22:53:37.0289 0x0efc  [ C9C4119342B56580733A3024F1A669D1 ] \Device\Harddisk0\DR0\Partition2
22:53:37.0290 0x0efc  \Device\Harddisk0\DR0\Partition2 - ok
22:53:37.0292 0x0efc  [ 3EDD318BEF1AA489B91CE654B3892F2A ] \Device\Harddisk0\DR0\Partition3
22:53:37.0293 0x0efc  \Device\Harddisk0\DR0\Partition3 - ok
22:53:37.0376 0x0efc  [ EB419202B5D013C661F5D158DF2A6D69 ] \Device\Harddisk0\DR0\Partition4
22:53:37.0379 0x0efc  \Device\Harddisk0\DR0\Partition4 - ok
22:53:37.0380 0x0efc  ================ Scan generic autorun ======================
22:53:37.0443 0x0efc  [ 7A84E598C4C11ADBBA4E99C7485B4155, 81E85FBB82C860E20B7F4BF7BCD73ED40C669596C5CFC0A6170F3EF836D70B8F ] C:\Windows\system32\igfxtray.exe
22:53:37.0451 0x0efc  IgfxTray - ok
22:53:37.0483 0x0efc  [ 78D3B79668EA01B205EECEF05925FB77, 00409843BBA6C0F105FCA7F5558DAD227769459853A4AC6CECA5E5764C7ECAA7 ] C:\Windows\system32\hkcmd.exe
22:53:37.0504 0x0efc  HotKeysCmds - ok
22:53:37.0531 0x0efc  [ A29F379B1FB9A4777A1D8174DDE4191F, 0C87D894AE43A3C06FE506FAB1837037CDAA55476839A837243F84B90368D1E1 ] C:\Windows\system32\igfxpers.exe
22:53:37.0552 0x0efc  Persistence - ok
22:53:37.0553 0x0efc  SynTPEnh - ok
22:53:37.0607 0x0efc  [ D5A3EB5ED95E36B643E55F9F489FC8FC, 9DAE0075888E540659E6FC3FAB433108BF296CDF52DA11ECA4440E06E5187ED1 ] C:\Program Files\IDT\WDM\sttray64.exe
22:53:37.0631 0x0efc  SysTrayApp - ok
22:53:37.0692 0x0efc  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
22:53:37.0724 0x0efc  AdobeAAMUpdater-1.0 - ok
22:53:37.0783 0x0efc  [ F96C73D7D525174B80CFD865A5D7E083, 06E7ACA4B9496CF0505F623DC4516A893E7A70EA37EAB27EA943C8831D221F40 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
22:53:37.0794 0x0efc  IAStorIcon - ok
22:53:37.0841 0x0efc  [ 6BC1FD51069D65F5A938468BF95871CC, 4EEF809CA11CEA8B6BF81242B8CE1AA8B280FCEF1AE98AF2AEE29DDC71167621 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
22:53:37.0858 0x0efc  HP Quick Launch - ok
22:53:37.0859 0x0efc  Sidebar - ok
22:53:37.0886 0x0efc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:53:37.0893 0x0efc  mctadmin - ok
22:53:37.0893 0x0efc  Sidebar - ok
22:53:37.0908 0x0efc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:53:37.0910 0x0efc  mctadmin - ok
22:53:38.0039 0x0efc  [ 683C9DF0582D8EEFAA90CE1514019BC1, 62C875888029BF32C19656B13C5504016209E4553B0B93FAE21F3930149EE9CA ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
22:53:38.0139 0x0efc  DAEMON Tools Lite - ok
22:53:38.0397 0x0efc  [ 5B30F5BF4A6EC5AD6B5075C1241A419B, A19B7C90D5BB5EB8B358CEB3C46CD1274486C016608412434ACDB3E45838F4E6 ] C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe
22:53:38.0626 0x0efc  Spotify - ok
22:53:38.0688 0x0efc  [ 7A6A4EDC0CEF9DE9CAFFDFE36D991FD4, 29078B41C8E977E06D925936325B1BE41F478CE53B1F5D2408A7C414240DC0B2 ] C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
22:53:38.0734 0x0efc  Spotify Web Helper - ok
22:53:38.0737 0x0efc  YbcbPack - ok
22:53:38.0772 0x0efc  WerFaultSecure - ok
22:53:38.0831 0x0efc  [ 0B21477ABA5EAB50457390823B22D793, FC31028248BC41FD73B745E22E73D0F7194FC6667B4B7EBF71B25019EFAA51B6 ] C:\Users\Josh\AppData\Local\Ahfzworks\tmp3CDD.exe
22:53:38.0842 0x0efc  Ahfzworks - ok
22:53:38.0842 0x0efc  WerFaultSecure - ok
22:53:38.0844 0x0efc  Waiting for KSN requests completion. In queue: 48
22:53:39.0844 0x0efc  Waiting for KSN requests completion. In queue: 13
22:53:40.0844 0x0efc  Waiting for KSN requests completion. In queue: 13
22:53:41.0861 0x0efc  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
22:53:41.0870 0x0efc  Win FW state via NFP2: enabled
22:53:44.0574 0x0efc  ============================================================
22:53:44.0574 0x0efc  Scan finished
22:53:44.0574 0x0efc  ============================================================
22:53:44.0582 0x2210  Detected object count: 1
22:53:44.0582 0x2210  Actual detected object count: 1
22:54:03.0622 0x2210  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
22:54:03.0622 0x2210  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip 
22:54:38.0748 0x1864  Deinitialize success
         


09.09.2014, 20:44   #6
schrauber
/// the machine
/// TB trainer
 




Start TDSSkiller.exe with a double-click.
Vista and Win7 users: right-click and choose "Run as administrator".
  • Press Start Scan.
    Do not do anything on the computer during the scan.
  • Make sure that Cure (default) is checked!
  • Press Continue --> Reboot.
TDSSKiller will save a log file on your system drive (usually C:\).
For example: C:\TDSSKiller.<version_date_time>log.txt

Please post the contents here in your thread.
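The TDSSKiller log posted earlier in this thread ends with the Cidox detection being skipped, which is why the step above insists on Cure. The following is an added example, not part of the original posts and not Kaspersky's code: a small parser that reads such a log and reports every detection whose recorded action is not Cure. The sample lines are copied from that earlier log; that a cured object is logged as `User select action: Cure` in the same line shape is an assumption.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Lines copied from the TDSSKiller log posted earlier in this thread.
SAMPLE_LOG = r"""
22:53:34.0121 0x0efc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:53:34.0484 0x0efc  \Device\Harddisk0\DR0 - ok
22:53:34.0487 0x0efc  [ A4DC00C02F3683C414B1CE784E20712E ] \Device\Harddisk0\DR0\Partition1
22:53:34.0489 0x0efc  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
22:53:34.0489 0x0efc  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
22:53:37.0290 0x0efc  \Device\Harddisk0\DR0\Partition2 - ok
22:53:44.0582 0x2210  Detected object count: 1
22:54:03.0622 0x2210  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
22:54:03.0622 0x2210  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip 
"""

# Every log line is "<HH:MM:SS.mmmm> <thread id>  <message>".
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9a-fA-F]+\s+(.*\S)\s*$")
# "<object> - detected <threat> ( <n> )"
DETECTED = re.compile(r"^(?P<obj>.+?) - detected (?P<name>\S+) \( \d+ \)$")
# "<object> ( <threat> ) - User select action: <action>"
ACTION = re.compile(
    r"^(?P<obj>.+?) \( (?P<name>[^)]+?) \) - User select action: (?P<action>\w+)$"
)
# "Detected object count: <n>" (the "Actual detected ..." line is ignored)
COUNT = re.compile(r"^Detected object count: (\d+)$")


@dataclass
class Finding:
    obj: str                      # scanned object, e.g. a partition's boot record
    threat: str                   # detection name as written in the log
    action: Optional[str] = None  # action chosen in the result dialog, if logged


def parse_log(text):
    """Return (findings, reported_count) extracted from a TDSSKiller log."""
    findings = {}
    reported = None
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # blank lines, separators without a message, forum residue
        msg = m.group(1)
        if (d := DETECTED.match(msg)):
            key = (d["obj"], d["name"])
            findings.setdefault(key, Finding(*key))
        elif (a := ACTION.match(msg)):
            key = (a["obj"], a["name"])
            findings.setdefault(key, Finding(*key)).action = a["action"]
        elif (c := COUNT.match(msg)):
            reported = int(c.group(1))
    return list(findings.values()), reported


def unresolved(findings):
    """Detections that were not cured (skipped, or no action logged at all).

    Assumption: a cured object is logged with the action word "Cure".
    """
    return [f for f in findings if f.action != "Cure"]


if __name__ == "__main__":
    found, reported = parse_log(SAMPLE_LOG)
    print(f"log reports {reported} detected object(s), parsed {len(found)}")
    for f in unresolved(found):
        print(f"NOT CURED: {f.threat} on {f.obj} (action: {f.action})")
```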

09.09.2014, 21:48   #7
Joshunk
 



It's already running somewhat more smoothly, and Avira hasn't complained so far.
iexplorer.exe*32 is still being executed, though, and more than once. It doesn't use much RAM, but I do find it odd since I never use Internet Explorer..

Here is the code:

Code:
22:29:51.0009 0x5678  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
22:29:56.0041 0x5678  ============================================================
22:29:56.0041 0x5678  Current date / time: 2014/09/09 22:29:56.0041
22:29:56.0041 0x5678  SystemInfo:
22:29:56.0041 0x5678  
22:29:56.0041 0x5678  OS Version: 6.1.7601 ServicePack: 1.0
22:29:56.0041 0x5678  Product type: Workstation
22:29:56.0042 0x5678  ComputerName: JOSH-HP
22:29:56.0042 0x5678  UserName: Josh
22:29:56.0042 0x5678  Windows directory: C:\Windows
22:29:56.0042 0x5678  System windows directory: C:\Windows
22:29:56.0042 0x5678  Running under WOW64
22:29:56.0042 0x5678  Processor architecture: Intel x64
22:29:56.0042 0x5678  Number of processors: 4
22:29:56.0042 0x5678  Page size: 0x1000
22:29:56.0042 0x5678  Boot type: Normal boot
22:29:56.0042 0x5678  ============================================================
22:29:56.0708 0x5678  KLMD registered as C:\Windows\system32\drivers\91534881.sys
22:29:56.0987 0x5678  System UUID: {A509F6F4-1269-C24B-6566-27A0CBDA2B33}
22:29:57.0670 0x5678  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:29:57.0695 0x5678  ============================================================
22:29:57.0695 0x5678  \Device\Harddisk0\DR0:
22:29:57.0696 0x5678  MBR partitions:
22:29:57.0696 0x5678  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
22:29:57.0696 0x5678  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37C01000
22:29:57.0696 0x5678  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37C65000, BlocksNum 0x1F31000
22:29:57.0696 0x5678  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39B96000, BlocksNum 0x7EF830
22:29:57.0696 0x5678  ============================================================
22:29:57.0759 0x5678  C: <-> \Device\Harddisk0\DR0\Partition2
22:29:57.0811 0x5678  D: <-> \Device\Harddisk0\DR0\Partition3
22:29:57.0822 0x5678  E: <-> \Device\Harddisk0\DR0\Partition4
22:29:57.0849 0x5678  ============================================================
22:29:57.0849 0x5678  Initialize success
22:29:57.0849 0x5678  ============================================================
22:31:27.0670 0x464c  ============================================================
22:31:27.0670 0x464c  Scan started
22:31:27.0670 0x464c  Mode: Manual; 
22:31:27.0670 0x464c  ============================================================
22:31:27.0670 0x464c  KSN ping started
22:31:30.0504 0x464c  KSN ping finished: true
22:31:33.0364 0x464c  ================ Scan system memory ========================
22:31:33.0364 0x464c  System memory - ok
22:31:33.0366 0x464c  ================ Scan services =============================
22:31:42.0442 0x464c  IPBusEnum - ok
22:31:42.0457 0x464c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:31:42.0467 0x464c  IpFilterDriver - ok
22:31:42.0499 0x464c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:31:42.0527 0x464c  iphlpsvc - ok
22:31:42.0549 0x464c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:31:42.0557 0x464c  IPMIDRV - ok
22:31:42.0577 0x464c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:31:42.0584 0x464c  IPNAT - ok
22:31:42.0602 0x464c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:31:42.0607 0x464c  IRENUM - ok
22:31:42.0622 0x464c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:31:42.0629 0x464c  isapnp - ok
22:31:42.0662 0x464c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:31:42.0677 0x464c  iScsiPrt - ok
22:31:42.0732 0x464c  [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
22:31:42.0737 0x464c  jhi_service - ok
22:31:42.0767 0x464c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:31:42.0777 0x464c  kbdclass - ok
22:31:42.0787 0x464c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:31:42.0794 0x464c  kbdhid - ok
22:31:42.0812 0x464c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
22:31:42.0814 0x464c  KeyIso - ok
22:31:42.0844 0x464c  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:31:42.0854 0x464c  KSecDD - ok
22:31:42.0869 0x464c  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:31:42.0882 0x464c  KSecPkg - ok
22:31:42.0892 0x464c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:31:42.0894 0x464c  ksthunk - ok
22:31:42.0939 0x464c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:31:42.0957 0x464c  KtmRm - ok
22:31:42.0997 0x464c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:31:43.0004 0x464c  LanmanServer - ok
22:31:43.0032 0x464c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:31:43.0037 0x464c  LanmanWorkstation - ok
22:31:43.0052 0x464c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:31:43.0059 0x464c  lltdio - ok
22:31:43.0094 0x464c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:31:43.0112 0x464c  lltdsvc - ok
22:31:43.0124 0x464c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:31:43.0127 0x464c  lmhosts - ok
22:31:43.0169 0x464c  [ D75C4B4A8FE6D7FD74A7EECDBAEC729F, 9BB0A3BE7CCDF62CF0A67CB67019364965F6567BE29BA6D153B8E36F88058302 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:31:43.0179 0x464c  LMS - ok
22:31:43.0204 0x464c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:31:43.0214 0x464c  LSI_FC - ok
22:31:43.0219 0x464c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:31:43.0227 0x464c  LSI_SAS - ok
22:31:43.0242 0x464c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:31:43.0252 0x464c  LSI_SAS2 - ok
22:31:43.0274 0x464c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:31:43.0284 0x464c  LSI_SCSI - ok
22:31:43.0299 0x464c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:31:43.0314 0x464c  luafv - ok
22:31:43.0467 0x464c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:31:43.0477 0x464c  Mcx2Svc - ok
22:31:43.0492 0x464c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:31:43.0499 0x464c  megasas - ok
22:31:43.0527 0x464c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:31:43.0544 0x464c  MegaSR - ok
22:31:43.0564 0x464c  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
22:31:43.0572 0x464c  MEIx64 - ok
22:31:43.0607 0x464c  [ 1595FECFFBE9EA2417E06D5FD0BFA4C4, 96006C7F19FDC1700EEBA870F96433D3260DEA06AD7215EAD8F1D74C953E1B50 ] MEMSWEEP2       C:\Windows\system32\CFCE.tmp
22:31:43.0627 0x464c  MEMSWEEP2 - ok
22:31:43.0657 0x464c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:31:43.0659 0x464c  MMCSS - ok
22:31:43.0674 0x464c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:31:43.0679 0x464c  Modem - ok
22:31:43.0707 0x464c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:31:43.0707 0x464c  monitor - ok
22:31:43.0732 0x464c  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
22:31:43.0742 0x464c  MotioninJoyXFilter - ok
22:31:43.0764 0x464c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:31:43.0777 0x464c  mouclass - ok
22:31:43.0789 0x464c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:31:43.0794 0x464c  mouhid - ok
22:31:43.0807 0x464c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:31:43.0814 0x464c  mountmgr - ok
22:31:43.0849 0x464c  [ 43BCA4038E290F75B5B6FECBFF5288A2, 52076DC16CDBD5A86AF2157528E56B52442489C45429B5EE39D7B34863414682 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:31:43.0854 0x464c  MozillaMaintenance - ok
22:31:43.0877 0x464c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:31:43.0889 0x464c  mpio - ok
22:31:43.0904 0x464c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:31:43.0912 0x464c  mpsdrv - ok
22:31:43.0962 0x464c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:31:43.0994 0x464c  MpsSvc - ok
22:31:44.0019 0x464c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:31:44.0029 0x464c  MRxDAV - ok
22:31:44.0064 0x464c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:31:44.0074 0x464c  mrxsmb - ok
22:31:44.0089 0x464c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:31:44.0107 0x464c  mrxsmb10 - ok
22:31:44.0114 0x464c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:31:44.0122 0x464c  mrxsmb20 - ok
22:31:44.0142 0x464c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:31:44.0157 0x464c  msahci - ok
22:31:44.0472 0x464c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:31:44.0479 0x464c  msdsm - ok
22:31:44.0604 0x464c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:31:44.0617 0x464c  MSDTC - ok
22:31:44.0624 0x464c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:31:44.0629 0x464c  Msfs - ok
22:31:44.0644 0x464c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:31:44.0649 0x464c  mshidkmdf - ok
22:31:44.0654 0x464c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:31:44.0662 0x464c  msisadrv - ok
22:31:44.0717 0x464c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:31:44.0727 0x464c  MSiSCSI - ok
22:31:44.0729 0x464c  msiserver - ok
22:31:44.0774 0x464c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:31:44.0779 0x464c  MSKSSRV - ok
22:31:44.0789 0x464c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:31:44.0794 0x464c  MSPCLOCK - ok
22:31:44.0809 0x464c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:31:44.0814 0x464c  MSPQM - ok
22:31:44.0879 0x464c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:31:44.0987 0x464c  MsRPC - ok
22:31:45.0077 0x464c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:31:45.0089 0x464c  mssmbios - ok
22:31:45.0144 0x464c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:31:45.0157 0x464c  MSTEE - ok
22:31:45.0167 0x464c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:31:45.0177 0x464c  MTConfig - ok
22:31:45.0199 0x464c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:31:45.0212 0x464c  Mup - ok
22:31:45.0314 0x464c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:31:45.0327 0x464c  napagent - ok
22:31:45.0374 0x464c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:31:45.0392 0x464c  NativeWifiP - ok
22:31:45.0574 0x464c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:31:45.0617 0x464c  NDIS - ok
22:31:45.0652 0x464c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:31:45.0662 0x464c  NdisCap - ok
22:31:45.0709 0x464c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:31:45.0724 0x464c  NdisTapi - ok
22:31:45.0837 0x464c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:31:45.0842 0x464c  Ndisuio - ok
22:31:45.0849 0x464c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:31:45.0862 0x464c  NdisWan - ok
22:31:45.0887 0x464c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:31:45.0894 0x464c  NDProxy - ok
22:31:45.0907 0x464c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:31:45.0912 0x464c  NetBIOS - ok
22:31:45.0977 0x464c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:31:45.0992 0x464c  NetBT - ok
22:31:46.0004 0x464c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
22:31:46.0007 0x464c  Netlogon - ok
22:31:46.0074 0x464c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:31:46.0094 0x464c  Netman - ok
22:31:46.0114 0x464c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:46.0384 0x464c  NetMsmqActivator - ok
22:31:46.0504 0x464c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:46.0507 0x464c  NetPipeActivator - ok
22:31:46.0634 0x464c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:31:46.0654 0x464c  netprofm - ok
22:31:46.0884 0x464c  [ 5758FD37BF31E759F8610311E4D08ECA, 4F502E4DBD7725F2929CACD6D5E68018C5F7C10A9D12CD131CC69E72530DEA5F ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
22:31:46.0987 0x464c  netr28x - ok
22:31:47.0007 0x464c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:47.0009 0x464c  NetTcpActivator - ok
22:31:47.0017 0x464c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:47.0019 0x464c  NetTcpPortSharing - ok
22:31:47.0044 0x464c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:31:47.0054 0x464c  nfrd960 - ok
22:31:47.0137 0x464c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:31:47.0147 0x464c  NlaSvc - ok
22:31:47.0577 0x464c  [ 91FC7F4BB192639E8893A9733E1F0E82, 095A807ACE813A8954018293D65294DFAFA2B1A66DCAFBCFDACA8654FF062C31 ] nlsX86cc        C:\Windows\SysWOW64\nlssrv32.exe
22:31:47.0582 0x464c  nlsX86cc - ok
22:31:47.0602 0x464c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:31:47.0607 0x464c  Npfs - ok
22:31:47.0627 0x464c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:31:47.0629 0x464c  nsi - ok
22:31:47.0639 0x464c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:31:47.0644 0x464c  nsiproxy - ok
22:31:47.0714 0x464c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:31:47.0802 0x464c  Ntfs - ok
22:31:47.0839 0x464c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:31:47.0844 0x464c  Null - ok
22:31:47.0867 0x464c  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
22:31:47.0884 0x464c  NVENETFD - ok
22:31:47.0892 0x464c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:31:47.0902 0x464c  nvraid - ok
22:31:47.0947 0x464c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:31:47.0957 0x464c  nvstor - ok
22:31:47.0969 0x464c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:31:47.0977 0x464c  nv_agp - ok
22:31:48.0054 0x464c  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:31:48.0109 0x464c  odserv - ok
22:31:48.0134 0x464c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:31:48.0277 0x464c  ohci1394 - ok
22:31:48.0407 0x464c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:31:48.0437 0x464c  ose - ok
22:31:48.0644 0x464c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:31:48.0867 0x464c  osppsvc - ok
22:31:48.0942 0x464c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:31:48.0952 0x464c  p2pimsvc - ok
22:31:48.0972 0x464c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:31:48.0994 0x464c  p2psvc - ok
22:31:49.0022 0x464c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
22:31:49.0032 0x464c  Parport - ok
22:31:49.0054 0x464c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:31:49.0062 0x464c  partmgr - ok
22:31:49.0074 0x464c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:31:49.0082 0x464c  PcaSvc - ok
22:31:49.0107 0x464c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:31:49.0119 0x464c  pci - ok
22:31:49.0137 0x464c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:31:49.0144 0x464c  pciide - ok
22:31:49.0169 0x464c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:31:49.0184 0x464c  pcmcia - ok
22:31:49.0189 0x464c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:31:49.0197 0x464c  pcw - ok
22:31:49.0232 0x464c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:31:49.0279 0x464c  PEAUTH - ok
22:31:49.0297 0x464c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:31:49.0324 0x464c  PerfHost - ok
22:31:49.0402 0x464c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:31:49.0487 0x464c  pla - ok
22:31:49.0527 0x464c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:31:49.0539 0x464c  PlugPlay - ok
22:31:49.0547 0x464c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:31:49.0554 0x464c  PNRPAutoReg - ok
22:31:49.0579 0x464c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:31:49.0587 0x464c  PNRPsvc - ok
22:31:49.0632 0x464c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:31:49.0664 0x464c  PolicyAgent - ok
22:31:49.0709 0x464c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:31:49.0714 0x464c  Power - ok
22:31:49.0744 0x464c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:31:49.0752 0x464c  PptpMiniport - ok
22:31:49.0769 0x464c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
22:31:49.0777 0x464c  Processor - ok
22:31:49.0804 0x464c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:31:49.0812 0x464c  ProfSvc - ok
22:31:49.0822 0x464c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:31:49.0824 0x464c  ProtectedStorage - ok
22:31:49.0842 0x464c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:31:49.0844 0x464c  Psched - ok
22:31:49.0884 0x464c  [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
22:31:49.0892 0x464c  PxHlpa64 - ok
22:31:49.0964 0x464c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:31:50.0084 0x464c  ql2300 - ok
22:31:50.0109 0x464c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:31:50.0119 0x464c  ql40xx - ok
22:31:50.0157 0x464c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:31:50.0267 0x464c  QWAVE - ok
22:31:50.0349 0x464c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:31:50.0359 0x464c  QWAVEdrv - ok
22:31:50.0432 0x464c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:31:50.0437 0x464c  RasAcd - ok
22:31:50.0484 0x464c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:31:50.0492 0x464c  RasAgileVpn - ok
22:31:50.0519 0x464c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:31:50.0529 0x464c  RasAuto - ok
22:31:50.0537 0x464c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:31:50.0547 0x464c  Rasl2tp - ok
22:31:50.0577 0x464c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:31:50.0587 0x464c  RasMan - ok
22:31:50.0599 0x464c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:31:50.0609 0x464c  RasPppoe - ok
22:31:50.0614 0x464c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:31:50.0622 0x464c  RasSstp - ok
22:31:59.0914 0x464c  ================ Scan global ===============================
22:31:59.0992 0x464c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:32:00.0024 0x464c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:32:00.0039 0x464c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:32:00.0069 0x464c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:32:00.0112 0x464c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
22:32:00.0119 0x464c  [ Global ] - ok
22:32:00.0122 0x464c  ================ Scan MBR ==================================
22:32:00.0134 0x464c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:32:00.0562 0x464c  \Device\Harddisk0\DR0 - ok
22:32:00.0562 0x464c  ================ Scan VBR ==================================
22:32:00.0577 0x464c  [ A4DC00C02F3683C414B1CE784E20712E ] \Device\Harddisk0\DR0\Partition1
22:32:00.0579 0x464c  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
22:32:00.0579 0x464c  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
22:32:03.0454 0x464c  [ C9C4119342B56580733A3024F1A669D1 ] \Device\Harddisk0\DR0\Partition2
22:32:03.0457 0x464c  \Device\Harddisk0\DR0\Partition2 - ok
22:32:03.0484 0x464c  [ 3EDD318BEF1AA489B91CE654B3892F2A ] \Device\Harddisk0\DR0\Partition3
22:32:03.0487 0x464c  \Device\Harddisk0\DR0\Partition3 - ok
22:32:03.0499 0x464c  [ EB419202B5D013C661F5D158DF2A6D69 ] \Device\Harddisk0\DR0\Partition4
22:32:03.0502 0x464c  \Device\Harddisk0\DR0\Partition4 - ok
22:32:03.0502 0x464c  ================ Scan generic autorun ======================
22:32:03.0554 0x464c  [ 7A84E598C4C11ADBBA4E99C7485B4155, 81E85FBB82C860E20B7F4BF7BCD73ED40C669596C5CFC0A6170F3EF836D70B8F ] C:\Windows\system32\igfxtray.exe
22:32:03.0567 0x464c  IgfxTray - ok
22:32:03.0584 0x464c  [ 78D3B79668EA01B205EECEF05925FB77, 00409843BBA6C0F105FCA7F5558DAD227769459853A4AC6CECA5E5764C7ECAA7 ] C:\Windows\system32\hkcmd.exe
22:32:03.0592 0x464c  HotKeysCmds - ok
22:32:03.0619 0x464c  [ A29F379B1FB9A4777A1D8174DDE4191F, 0C87D894AE43A3C06FE506FAB1837037CDAA55476839A837243F84B90368D1E1 ] C:\Windows\system32\igfxpers.exe
22:32:03.0629 0x464c  Persistence - ok
22:32:03.0629 0x464c  SynTPEnh - ok
22:32:03.0687 0x464c  [ D5A3EB5ED95E36B643E55F9F489FC8FC, 9DAE0075888E540659E6FC3FAB433108BF296CDF52DA11ECA4440E06E5187ED1 ] C:\Program Files\IDT\WDM\sttray64.exe
22:32:03.0704 0x464c  SysTrayApp - ok
22:32:03.0762 0x464c  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
22:32:03.0784 0x464c  AdobeAAMUpdater-1.0 - ok
22:32:03.0842 0x464c  [ F96C73D7D525174B80CFD865A5D7E083, 06E7ACA4B9496CF0505F623DC4516A893E7A70EA37EAB27EA943C8831D221F40 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
22:32:03.0847 0x464c  IAStorIcon - ok
22:32:03.0887 0x464c  [ 6BC1FD51069D65F5A938468BF95871CC, 4EEF809CA11CEA8B6BF81242B8CE1AA8B280FCEF1AE98AF2AEE29DDC71167621 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
22:32:03.0909 0x464c  HP Quick Launch - ok
22:32:03.0909 0x464c  Sidebar - ok
22:32:03.0932 0x464c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:32:03.0939 0x464c  mctadmin - ok
22:32:03.0942 0x464c  Sidebar - ok
22:32:03.0947 0x464c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:32:03.0949 0x464c  mctadmin - ok
22:32:04.0087 0x464c  [ 683C9DF0582D8EEFAA90CE1514019BC1, 62C875888029BF32C19656B13C5504016209E4553B0B93FAE21F3930149EE9CA ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
22:32:04.0194 0x464c  DAEMON Tools Lite - ok
22:32:04.0444 0x464c  [ 5B30F5BF4A6EC5AD6B5075C1241A419B, A19B7C90D5BB5EB8B358CEB3C46CD1274486C016608412434ACDB3E45838F4E6 ] C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe
22:32:04.0659 0x464c  Spotify - ok
22:32:04.0734 0x464c  [ 7A6A4EDC0CEF9DE9CAFFDFE36D991FD4, 29078B41C8E977E06D925936325B1BE41F478CE53B1F5D2408A7C414240DC0B2 ] C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
22:32:04.0779 0x464c  Spotify Web Helper - ok
22:32:04.0782 0x464c  YbcbPack - ok
22:32:04.0817 0x464c  WerFaultSecure - ok
22:32:04.0817 0x464c  Waiting for KSN requests completion. In queue: 47
22:32:05.0817 0x464c  Waiting for KSN requests completion. In queue: 47
22:32:06.0817 0x464c  Waiting for KSN requests completion. In queue: 47
22:32:07.0922 0x464c  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
22:32:07.0939 0x464c  Win FW state via NFP2: enabled
22:32:10.0737 0x464c  ============================================================
22:32:10.0737 0x464c  Scan finished
22:32:10.0737 0x464c  ============================================================
22:32:10.0745 0x31f0  Detected object count: 1
22:32:10.0745 0x31f0  Actual detected object count: 1
22:32:39.0332 0x31f0  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
22:32:39.0337 0x31f0  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
22:32:39.0372 0x31f0  \Device\Harddisk0\DR0\Partition1 - ok
22:32:39.0372 0x31f0  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure 
22:32:39.0470 0x31f0  KLMD registered as C:\Windows\system32\drivers\33763986.sys
22:32:44.0263 0x460c  Deinitialize success
         

10.09.2014, 17:33   #8
schrauber
/// the machine
/// TB trainer
 




Please run a new scan with TDSSKiller and post the log.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
