Pests of all kinds and how to fight them: Allegedly caught the nymaim trojan
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
21.02.2015, 23:41 | #1 |
Allegedly caught the nymaim trojan

Hello everyone. So two days ago there was a fraud attempt on my online banking. My online banking has been blocked for now, and the bank looked into the fraud and wrote to me that I apparently have a nymaim trojan on my PC. I currently have no antivirus program running. I had Spybot check the PC, which did find and delete something, but I don't think that was the trojan. When restarting the system I get error messages about some hard drives that it cannot find, such as DRM1 to DRM5 or something like that. And a window opens with: SQL Server-Clientkonfigurationsprogramm

But before I do even more damage than probably already exists, I thought I'd ask nicely here for help and advice.

Regards,
Marcel

Edit: Oh, I was probably a bit too quick to post. I'm just going through your checklist and will update the post here. Sorry!

I wanted to edit the post above, but apparently that isn't possible at all? OK, here are the log files:

FRST logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015
Ran by Wallace (administrator) on DRAGON64 on 21-02-2015 22:48:02
Running from C:\Users\Wallace\Desktop
Loaded Profiles: Wallace (Available profiles: Wallace)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(ASUSTeK Computer Inc.) C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\attrib.exe
(Dropbox, Inc.) C:\Users\Wallace\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Ideazon, Inc.) C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
(Microsoft Corporation) C:\Windows\SysWOW64\systeminfo.exe
(Microsoft Corporation) C:\Windows\SysWOW64\sort.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\at.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\steamerrorreporter.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [uninterruptible_power] => C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\HTMLHarness\hb_led\hb_led\biomimetic.exe [380928 2014-10-26] ()
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Zboard] => C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe [182784 2011-02-22] (Ideazon, Inc.)
HKLM-x32\...\Run: [BF2Hub Client] => C:\Program Files (x86)\BF2Hub Client\bf2hub.exe [1521664 2014-07-17] (BF2Hub Systems)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-30] (Raptr, Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Wallace\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-28] (Electronic Arts)
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [openinglimited] => C:\Users\Wallace\AppData\Roaming\Opening-speed\opening_pause.exe [125440 2015-02-16] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [pace-egg] => C:\Users\Wallace\AppData\Roaming\Pace-worried\paceoccasion.exe [79360 2015-02-16] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [jlaszwpn] => C:\Users\Wallace\AppData\Local\Temp\Kwqee\bhprplozwpn.exe [175616 2015-02-21] () <===== ATTENTION
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [matter-visit] => C:\Users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe [206336 2015-02-21] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [string-weekend] => C:\Users\Wallace\AppData\Local\Temp\Stringfirm\stringstuff.exe [77824 2015-02-14] () <===== ATTENTION
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [proof-reflect] => C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe [156160 2015-02-14] () <===== ATTENTION
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [uninterruptible_power] => C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\HTMLHarness\hb_led\hb_led\femto_base_station.exe [380928 2012-07-12] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [hat-date] => C:\Users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe [77312 2015-02-15] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [contest-compare] => C:\Users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe [71680 2015-02-21] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\RunOnce: [proof-reflect] => C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe [156160 2015-02-14] () <===== ATTENTION
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\RunOnce: [contest-compare] => C:\Users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe [71680 2015-02-21] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\RunOnce: [openinglimited] => C:\Users\Wallace\AppData\Roaming\Opening-speed\opening_pause.exe [125440 2015-02-16] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\RunOnce: [matter-visit] => C:\Users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe [206336 2015-02-21] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\MountPoints2: J - J:\pushinst.exe
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\MountPoints2: {30bf2fec-3347-11e4-bcb7-806e6f6e6963} - J:\pushinst.exe
Startup: C:\Users\Wallace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/
SearchScopes: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Wallace\AppData\Roaming\Mozilla\Firefox\Profiles\9r3ecmn6.default
FF Homepage: https://www.google.de/
FF NetworkProxy: "ftp", "182.239.95.137"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "182.239.95.137"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "182.239.95.137"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "182.239.95.137"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3810334735-2351705608-1866539249-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Wallace\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Wallace\AppData\Roaming\Mozilla\Firefox\Profiles\9r3ecmn6.default\user.js
FF SearchPlugin: C:\Users\Wallace\AppData\Roaming\Mozilla\Firefox\Profiles\9r3ecmn6.default\searchplugins\trovi-search.xml
FF Extension: Stealthy - C:\Users\Wallace\AppData\Roaming\Mozilla\Firefox\Profiles\9r3ecmn6.default\Extensions\stealthyextension@gmail.com.xpi [2013-12-15]
FF Extension: Adblock Plus - C:\Users\Wallace\AppData\Roaming\Mozilla\Firefox\Profiles\9r3ecmn6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-15]

Chrome:
=======
CHR Profile: C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-02]
CHR Extension: (Docs) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-02]
CHR Extension: (Google Drive) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-02]
CHR Extension: (YouTube) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-02]
CHR Extension: (Google Search) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-02]
CHR Extension: (Google Sheets) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-02]
CHR Extension: (Google Wallet) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-02]
CHR Extension: (Gmail) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AsSysCtrlService; C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
S2 brayton_cycle; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\a_weighting.exe [203776 2015-01-08] (Company 'gora-sah') [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S2 leaded_chip_carrier; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\current_sensor.exe [214016 2012-09-27] (Company 'gora-sah') [File not signed]
S2 long_term_evolution; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\vacuum.exe [204288 2013-06-15] (Company 'gora-sah') [File not signed]
S2 optical_network_terminator; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\linear.exe [214016 2014-07-19] (Company 'gora-sah') [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-28] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)
R2 OxygenAudioDevMon; C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe [1632776 2010-03-04] (M-Audio)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-10-02] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-04] ()
S2 preemphasis; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\toughness.exe [217600 2015-01-22] (Company 'gora-sah') [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 statistical_quality; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\pressure_pot_test.exe [212480 2014-01-08] (Company 'gora-sah') [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 thermal_shutdown; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\infrared_data_association.exe [217600 2012-04-06] (Company 'gora-sah') [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Alpham1; C:\Windows\System32\DRIVERS\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
R3 Alpham2; C:\Windows\System32\DRIVERS\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed]
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 camfilt2; C:\Windows\System32\DRIVERS\camfilt2.sys [139264 2007-08-29] (Guillemot Corporation)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
S3 MADFULEGACYKEYBOARD; C:\Windows\System32\DRIVERS\MAudioLegacyKeyboard_DFU.sys [28680 2010-02-09] (M-Audio)
S3 MAUSBLEGACYKEYBOARD; C:\Windows\System32\DRIVERS\MAudioLegacyKeyboard.sys [196616 2010-02-09] (M-Audio)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
S3 OM0530; C:\Windows\System32\Drivers\ov530vx.sys [172928 2007-07-13] (OmniVision Technology Inc.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-12-28] (Duplex Secure Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 22:48 - 2015-02-21 22:48 - 00026575 _____ () C:\Users\Wallace\Desktop\FRST.txt
2015-02-21 22:40 - 2015-02-21 22:40 - 00275848 _____ () C:\Windows\Minidump\022115-22308-01.dmp
2015-02-21 22:31 - 2015-02-21 22:31 - 00380416 _____ () C:\Users\Wallace\Desktop\Gmer-19357.exe
2015-02-21 22:25 - 2015-02-21 22:25 - 00048966 _____ () C:\Users\Wallace\Downloads\Addition.txt
2015-02-21 22:24 - 2015-02-21 22:48 - 00000000 ____D () C:\FRST
2015-02-21 22:24 - 2015-02-21 22:25 - 00051743 _____ () C:\Users\Wallace\Downloads\FRST.txt
2015-02-21 22:24 - 2015-02-21 22:24 - 02086912 _____ (Farbar) C:\Users\Wallace\Desktop\FRST64.exe
2015-02-21 22:07 - 2015-02-21 22:07 - 00000656 _____ () C:\Users\Wallace\Downloads\defogger_disable.log
2015-02-21 22:07 - 2015-02-21 22:07 - 00000188 _____ () C:\Users\Wallace\defogger_reenable
2015-02-21 22:06 - 2015-02-21 22:06 - 00050477 _____ () C:\Users\Wallace\Desktop\Defogger.exe
2015-02-21 21:40 - 2015-02-21 21:40 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Contest_team
2015-02-21 00:38 - 2015-02-21 00:38 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Matter-suffer
2015-02-20 11:14 - 2015-02-20 11:14 - 76322741 _____ () C:\Users\Wallace\Downloads\joux_plane141.zip
2015-02-20 10:19 - 2015-02-20 10:19 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-02-20 10:18 - 2015-02-20 10:51 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-20 10:18 - 2015-02-20 10:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-02-20 10:18 - 2015-02-20 10:18 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-02-20 10:18 - 2015-02-20 10:18 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-02-20 10:18 - 2015-02-20 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-02-20 10:18 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-02-20 10:17 - 2015-02-20 10:17 - 01203488 _____ () C:\Users\Wallace\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-02-20 10:16 - 2015-02-20 10:16 - 00000000 ____D () C:\Users\Wallace\AppData\Local\Steam
2015-02-18 07:54 - 2015-02-20 11:53 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Gpwzdqjjza
2015-02-16 20:01 - 2015-02-16 20:03 - 00000000 ____D () C:\Users\Wallace\Downloads\Fury.Herz.aus.Stahl
2015-02-16 18:48 - 2015-02-18 07:54 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Knkwzygm
2015-02-16 18:20 - 2015-02-16 18:20 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Pace-worried
2015-02-16 00:30 - 2015-02-16 00:30 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Opening-speed
2015-02-16 00:06 - 2015-02-16 00:06 - 13013970 _____ () C:\Users\Wallace\Downloads\blue_falcon v0.3.rar
2015-02-15 23:17 - 2015-02-15 23:20 - 107431599 _____ () C:\Users\Wallace\Downloads\fmodstudio10512win-installer.exe
2015-02-15 22:54 - 2015-02-15 22:55 - 26519355 _____ () C:\Users\Wallace\Downloads\speed8fixed.7z
2015-02-15 22:27 - 2015-02-15 22:31 - 167158099 _____ () C:\Users\Wallace\Downloads\SeatLeonEuroCup2014_AC_v12.zip
2015-02-15 22:25 - 2015-02-15 22:25 - 45068098 _____ () C:\Users\Wallace\Downloads\ac soundplaceholder.rar
2015-02-15 22:00 - 2015-02-15 22:00 - 75531201 _____ () C:\Users\Wallace\Downloads\broadspeedjaguar_v031.zip
2015-02-15 21:58 - 2015-02-15 22:00 - 19280556 _____ () C:\Users\Wallace\Downloads\AlfaRomeoTZ2_beta0.9.rar
2015-02-15 21:54 - 2015-02-15 21:54 - 24511863 _____ () C:\Users\Wallace\Downloads\speed8.rar
2015-02-15 21:51 - 2015-02-15 21:51 - 36840474 _____ () C:\Users\Wallace\Downloads\renault5_turbo V0.1.rar
2015-02-15 13:06 - 2015-02-15 13:06 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Hatinvite
2015-02-14 17:23 - 2015-02-16 18:48 - 00000000 ___HD () C:\Users\Wallace\AppData\Local\Hvxphis
2015-02-14 15:42 - 2015-02-14 15:44 - 126696140 _____ () C:\Users\Wallace\Downloads\BIMOMUAUDEUN4_MP.rar
2015-02-14 15:35 - 2015-02-14 15:37 - 156267359 _____ () C:\Users\Wallace\Downloads\BIMOMUAUDEUN4BOCD_MP.rar
2015-02-13 20:09 - 2015-02-13 20:12 - 00000000 ____D () C:\Users\Wallace\Downloads\i.roo.201drei.GE.BDR-W
2015-02-13 19:55 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 19:55 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 19:55 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-13 19:55 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 15:45 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 15:45 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 15:45 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 15:45 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 15:45 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 15:45 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 15:45 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 15:45 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 15:45 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 15:45 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 15:45 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 15:45 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 15:45 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 15:45 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 15:45 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 15:45 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 15:45 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 15:45 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 15:45 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 15:45 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 15:45 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 15:45 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 15:45 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 15:45 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 15:45 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 15:45 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 15:45 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 15:45 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 15:45 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 15:45 - 2015-01-12 02:59 - 00030720
_____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-02-12 15:45 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-02-12 15:45 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-02-12 15:45 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-12 15:45 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-12 15:45 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-12 15:45 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-02-12 15:45 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-12 15:45 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-12 15:45 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-12 15:45 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-02-12 15:45 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-02-12 15:45 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-02-12 15:45 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-12 15:45 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-12 15:45 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-12 15:45 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-02-12 15:45 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-12 15:45 - 2015-01-12 02:14 - 01548288 _____ 
(Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-12 15:45 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-12 15:45 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-12 15:45 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-12 15:45 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-11 19:57 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-11 19:57 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-11 19:57 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-11 19:57 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-11 19:57 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-02-11 19:57 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-02-11 19:57 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-11 19:57 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-02-11 19:57 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-02-11 19:57 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-11 19:57 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-02-11 19:57 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-02-11 19:57 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-02-11 19:57 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) 
C:\Windows\system32\TSpkg.dll 2015-02-11 19:57 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-02-11 19:57 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-02-11 19:57 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-02-11 19:57 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-11 19:57 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-02-11 19:57 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-02-11 19:57 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-02-11 19:57 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-02-11 19:56 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-11 19:56 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-11 19:56 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-11 19:56 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-11 19:56 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-11 19:56 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-11 19:56 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-11 19:56 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-11 19:56 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-11 19:56 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) 
C:\Windows\system32\msobjs.dll 2015-02-11 19:56 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-11 19:56 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-02-11 19:56 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-02-11 19:56 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-02-11 19:56 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-11 19:56 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-02-11 19:56 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-11 19:56 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-11 19:56 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 19:56 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 19:56 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-11 19:56 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-02-11 19:56 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-11 19:56 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-11 19:56 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-02-11 19:56 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-02-11 19:56 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-02-11 19:56 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\cryptsvc.dll 2015-02-11 19:55 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 19:55 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-02-11 19:55 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-02-11 19:55 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-02-11 19:55 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-11 19:55 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-11 19:55 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-02-11 19:55 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-11 19:55 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-11 19:54 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-11 18:49 - 2015-02-11 19:42 - 00000000 ____D () C:\Users\Wallace\Downloads\Metro_Last_Light_Redux-FLT 2015-02-11 18:13 - 2015-02-21 22:10 - 00000000 ____D () C:\ProgramData\rnx 2015-02-11 16:07 - 2015-02-15 20:38 - 00055396 _____ (BitTorrent Inc.) C:\Users\Wallace\AppData\Roaming\QmVucXSdon.exe 2015-02-11 15:59 - 2015-02-11 16:10 - 00001003 _____ () C:\Users\Wallace\Desktop\Neues Textdokument.txt 2015-02-04 18:06 - 2015-02-04 18:08 - 00000000 ____D () C:\Users\Wallace\Documents\BFH Beta 2 2015-01-28 16:57 - 2015-01-28 16:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-21 22:48 - 2013-12-15 13:14 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-02-21 22:47 - 2013-12-15 13:15 - 00000000 ____D () C:\ProgramData\Origin 2015-02-21 22:47 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-21 22:47 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-21 22:45 - 2013-12-15 02:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-21 22:43 - 2014-07-06 13:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-21 22:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-21 22:42 - 2009-07-14 05:51 - 00083322 _____ () C:\Windows\setupact.log 2015-02-21 22:40 - 2013-12-15 11:36 - 680203791 _____ () C:\Windows\MEMORY.DMP 2015-02-21 22:40 - 2013-12-15 11:36 - 00000000 ____D () C:\Windows\Minidump 2015-02-21 22:33 - 2013-12-15 03:32 - 01765433 _____ () C:\Windows\WindowsUpdate.log 2015-02-21 22:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-02-21 22:31 - 2014-07-06 13:09 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-21 22:22 - 2014-01-07 21:15 - 00000000 ___RD () C:\Users\Wallace\Dropbox 2015-02-21 22:21 - 2014-01-07 21:14 - 00000000 ____D () C:\Users\Wallace\AppData\Roaming\Dropbox 2015-02-21 22:13 - 2014-09-04 20:00 - 00000000 ____D () C:\Users\Wallace\AppData\Roaming\Raptr 2015-02-21 22:10 - 2013-12-15 13:15 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-02-21 22:10 - 2013-12-15 12:23 - 00000000 ____D () C:\Users\Wallace\AppData\Roaming\newnext.me 2015-02-21 22:09 - 2013-12-27 15:36 - 00000000 ____D () C:\Users\Wallace\AppData\Local\TSVNCache 2015-02-21 22:07 - 2013-12-15 03:32 - 00000000 ____D () C:\Users\Wallace 2015-02-16 20:03 - 2014-01-22 17:56 - 00000000 ____D () C:\Users\Wallace\AppData\Roaming\vlc 2015-02-16 
19:50 - 2011-04-12 08:43 - 00710404 _____ () C:\Windows\system32\perfh007.dat 2015-02-16 19:50 - 2011-04-12 08:43 - 00154734 _____ () C:\Windows\system32\perfc007.dat 2015-02-16 19:50 - 2009-07-14 06:13 - 01651334 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-15 12:59 - 2013-12-15 13:17 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2015-02-15 12:59 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-02-15 12:54 - 2010-11-21 04:47 - 00256542 _____ () C:\Windows\PFRO.log 2015-02-14 19:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-02-14 17:18 - 2014-02-07 13:21 - 00003922 _____ () C:\Windows\System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm 2015-02-12 15:43 - 2014-01-07 21:14 - 00000000 ____D () C:\Users\Wallace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-02-12 15:36 - 2009-07-14 05:45 - 04970104 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-12 15:33 - 2014-12-11 15:46 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-12 15:33 - 2014-09-03 19:18 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-11 20:04 - 2013-12-15 01:27 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-11 20:00 - 2013-12-15 01:27 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-07 19:26 - 2014-07-06 13:09 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-07 19:26 - 2014-07-06 13:09 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-07 13:00 - 2013-12-15 11:13 - 00000000 ____D () C:\ProgramData\Package Cache 2015-02-07 10:45 - 2013-12-15 02:02 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-07 10:45 - 2013-12-15 02:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-07 10:45 - 2013-12-15 02:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 
2015-02-04 19:44 - 2013-12-15 21:30 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2015-02-04 18:08 - 2013-12-27 02:10 - 00000000 ____D () C:\Users\Wallace\AppData\Local\PunkBuster 2015-02-04 18:08 - 2013-12-15 21:30 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2015-02-04 17:42 - 2013-12-15 21:30 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-02-04 17:41 - 2013-12-15 11:10 - 00588174 _____ () C:\Windows\DirectX.log 2015-02-01 11:02 - 2014-09-04 20:00 - 00000000 ____D () C:\Program Files (x86)\Raptr 2015-01-29 15:03 - 2013-12-15 01:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2014-02-12 20:22 - 2014-02-12 20:22 - 0002499 _____ () C:\Program Files (x86)\unins000.dat 2014-02-12 20:22 - 2014-02-12 20:22 - 0682266 _____ () C:\Program Files (x86)\unins000.exe 2015-02-11 04:36 - 2015-02-11 04:36 - 0039936 _____ () C:\Users\Wallace\AppData\Roaming\12 Bracelets Passed To Spanish Hands.mp3 2014-01-07 18:17 - 2014-01-07 18:17 - 0000132 _____ () C:\Users\Wallace\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen 2013-12-28 10:50 - 2014-11-12 09:56 - 0000132 _____ () C:\Users\Wallace\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2015-02-11 16:07 - 2015-02-15 20:38 - 0055396 _____ (BitTorrent Inc.) 
C:\Users\Wallace\AppData\Roaming\QmVucXSdon.exe
2014-07-11 14:46 - 2014-07-11 14:46 - 0000091 _____ () C:\Users\Wallace\AppData\Roaming\sversion.ini
2014-01-10 20:35 - 2014-04-11 02:10 - 0001456 _____ () C:\Users\Wallace\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-29 12:55 - 2013-12-29 12:55 - 0000095 _____ () C:\Users\Wallace\AppData\Local\fusioncache.dat

Files to move or delete:
====================
C:\Users\Wallace\AppData\Local\Temp\Kwqee\bhprplozwpn.exe
C:\Users\Wallace\AppData\Local\Temp\Stringfirm\stringstuff.exe
C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe

Some content of TEMP:
====================
C:\Users\Wallace\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpe4wgt6.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-13 20:46

==================== End Of Log ============================

--- --- ---

Addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-02-2015
Ran by Wallace at 2015-02-21 22:48:56
Running from C:\Users\Wallace\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\uTorrent) (Version: 3.4.1.30740 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
AGEIA GAME System Software (HKLM-x32\...\{DEDF2885-0086-4534-9912-F9B97377ED07}) (Version: 2.7.3 - AGEIA Technologies) AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 2.00.02 - ) Ancient Weapon Sounds (HKLM-x32\...\{E00A5837-482C-4DCE-B4CC-D16B343374E1}) (Version: 2.1.1 - Screaming Bee) Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology) Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assetto Corsa (HKLM-x32\...\Steam App 244210) (Version: - Kunos Simulazioni) ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: - ) Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - ) Battlefield 2142 Deluxe Edition (HKLM-x32\...\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}) (Version: 1.5.1.0 - Electronic Arts) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts) Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts) BF2Hub Client (HKLM-x32\...\bf2hub) (Version: - BF2Hub Systems) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) CorelDRAW Graphics Suite X3 (HKLM-x32\...\{63218538-4A69-497F-8455-904261B0E9E4}) (Version: 13.0 - Corel Corporation) Creatures of Darkness (HKLM-x32\...\{573F9269-A022-4C6F-97BD-CF1316A76369}) (Version: 3.3.1 - Screaming Bee) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DCS World (HKLM\...\DCS World_is1) (Version: 1.2.7.23803 - ) DCS World 
(HKLM-x32\...\Steam App 223750) (Version: - Eagle Dynamics) DE (x32 Version: 13.0 - Corel Corporation) Hidden Deckadance 2 (HKLM-x32\...\Deckadance 2) (Version: 2.0 - Image-Line) Deep Space Voices (HKLM-x32\...\{67CEC218-B250-4B4C-B23F-A597EC8DB153}) (Version: 3.3.1 - Screaming Bee) Dishonored (HKLM-x32\...\Dishonored_is1) (Version: - ) Dropbox (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.) Drumaxx (HKLM-x32\...\Drumaxx) (Version: - Image-Line) DX10 (HKLM-x32\...\DX10) (Version: - Image-Line) Edison (HKLM-x32\...\Edison) (Version: - Image-Line) EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.03.03 - ) Fantasy Voice Pack (HKLM-x32\...\{5F4C3E1F-87FC-41BD-B219-E4156BBD8AE5}) (Version: 1.3.2 - Screaming Bee) Far Cry 4 Gold Edition MULTi2 1.0 (HKLM-x32\...\Far Cry 4 Gold Edition MULTi2 1.0) (Version: - ) Far Cry 4 Gold Edition Update 1 MULTi2 1.3.0 (HKLM-x32\...\Far Cry 4 Gold Edition Update 1 MULTi2 1.3.0) (Version: - ) FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse) Firebird v2.0 (HKLM-x32\...\Tone2 Firebird_is1) (Version: - Tone2) First Strike BF2142 Mod Launcher 1.6.6.0 (HKLM-x32\...\First Strike BF2142 Mod Launcher) (Version: 1.6.6.0 - First Strike Development Team) First Strike Mod (HKLM-x32\...\First Strike Mod) (Version: - ) FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line) FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - ) FontNav (x32 Version: 5.0 - Corel Corporation) Hidden Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) FreeTrack v2.2.0.279 (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\FreeTrack v2.2.0.279) (Version: - ) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) 
Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden GRID (HKLM-x32\...\Steam App 12750) (Version: - Codemasters Studios) Groove Machine (HKLM-x32\...\Groove Machine) (Version: - Image-Line) GT Legends (HKLM-x32\...\GT Legends_is1) (Version: - SimBin) GT Power Expansion (HKLM-x32\...\Steam App 44650) (Version: - SimBin) GTR Evolution (HKLM-x32\...\Steam App 8660) (Version: - SimBin) Hardcore (HKLM-x32\...\Hardcore) (Version: - Image-Line bvba) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IL DrumSynth Live (HKLM-x32\...\IL DrumSynth Live) (Version: - Image-Line) IL Gross Beat (HKLM-x32\...\IL Gross Beat) (Version: - Image-Line) IL Harmless (HKLM-x32\...\IL Harmless) (Version: - Image-Line) IL Harmor (HKLM-x32\...\IL Harmor) (Version: - Image-Line) IL Juice Pack (HKLM-x32\...\IL Juice Pack) (Version: - Image-Line) IL MiniHost (HKLM-x32\...\IL MiniHost) (Version: - Image-Line) IL Ogun (HKLM-x32\...\IL Ogun) (Version: - Image-Line) IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line) IL Slicex (HKLM-x32\...\IL Slicex) (Version: - Image-Line) IL Vocodex (HKLM-x32\...\IL Vocodex) (Version: - Image-Line) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{5D9EB565-39CB-4C8E-BF3B-CB8880A61404}) (Version: 12.1.258 - Intel Corporation) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) LEGO Meine Welt - Fortgeschrittene (HKLM-x32\...\{E57FEDB3-37BD-11D4-9532-005004039EB0}) (Version: - ) Lock On: Air Combat Simulation (HKLM-x32\...\{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}) (Version: 1.00.000 - ) M-Audio Legacy Keyboard Driver 5.0.0 (x64) (HKLM\...\{2CA9F96F-AFFC-4D41-B781-47EBD2378DB8}) (Version: 5.0.0 - M-Audio) M-Audio Oxygen Driver 1.2.1 (x64) (HKLM\...\{6F0B8408-835B-4A55-A429-EB899AD68467}) (Version: 1.2.1 - M-Audio) 
Maximus (HKLM-x32\...\Maximus) (Version: - Image-Line) Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
(HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Morphine (HKLM-x32\...\Morphine) (Version: - Image-Line bvba) MorphVOX Pro (HKLM-x32\...\{2D7CF073-6583-464A-84D4-F86DE59DCA42}) (Version: 4.4.8 - Screaming Bee) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 35.0.1 (x86 de) 
(HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyFreeCodec (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\MyFreeCodec) (Version: - ) Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Criterion Games) Nullsoft Install System (HKLM-x32\...\NSIS) (Version: 2.46 - ) NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - ) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice.org 1.1.5 (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\OpenOffice.org 1.1.5) (Version: 1.1.5 - Sun Microsystems, Inc. for the OpenOffice.org-Community) Operation Peacekeeper - Core (HKLM-x32\...\Operation Peacekeeper - Core) (Version: 0.3 - OPK Mod Team) Operation Peacekeeper - Levels (HKLM-x32\...\Operation Peacekeeper - Levels) (Version: 0.3 - OPK Mod Team) OPK-Mod - Core (HKLM-x32\...\OPK-Mod - Core) (Version: 0.4 - OPK Mod Team) OPK-Mod - Levels (HKLM-x32\...\Operation Peacekeeper) (Version: 0.4 - OPK Mod Team) Origin (HKLM-x32\...\Origin) (Version: 9.0.2.2065 - Electronic Arts, Inc.) 
Overwolf (HKLM-x32\...\{030F4BB3-F3C3-4A74-905C-44672D1ECB76}) (Version: 0.47.284 - Overwolf) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden PlanetSide 2 (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\soe-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment) Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden PoiZone (HKLM-x32\...\PoiZone) (Version: - Image-Line) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) RACE 07 - Formula RaceRoom Add-On (HKLM-x32\...\Steam App 44630) (Version: - ) RACE 07 (HKLM-x32\...\Steam App 8600) (Version: - SimBin) RACE 07: Andy Priaulx Crowne Plaza Raceway (HKLM-x32\...\Steam App 8650) (Version: - SimBin) RaceRoom Racing Experience (HKLM-x32\...\Steam App 211500) (Version: - SimBin Studios AB) RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin) Raptr (HKLM-x32\...\Raptr) (Version: - ) Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek) reFX Slayer Demo 2.6.0 (HKLM-x32\...\reFX Slayer Demo 2.6.0_is1) (Version: - ) Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive) Sakura (HKLM-x32\...\Sakura) (Version: - Image-Line) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) 
Sawer (HKLM-x32\...\Sawer) (Version: - Image-Line) SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital) SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts) SimSynth (HKLM-x32\...\SimSynth) (Version: - Image-Line) Sniper Elite V2 Version v1.0 (HKLM-x32\...\{E8CE0E34-8308-4146-BDB9-B5A9FB5536F1}_is1) (Version: v1.0 - Rebellion, Inc.) Sound Forge Pro 10.0 (HKLM-x32\...\{3F9170C9-A7C2-408F-A4D8-EC77250040BF}) (Version: 10.0.368 - Sony) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) STCC II (HKLM-x32\...\Steam App 44620) (Version: - SimBin) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Sytrus (HKLM-x32\...\Sytrus) (Version: - Image-Line) TDU2 Unpacked (HKLM-x32\...\TDU2 Unpacker GUI) (Version: - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version: - Atari) The WTCC 2010 Pack (HKLM-x32\...\Steam App 44670) (Version: - SimBin) Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts) Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 2.FFD.2009 - Thrustmaster) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.9.6 - Electronic Arts) TortoiseSVN 1.8.2.24708 (64 bit) (HKLM\...\{D0DC3918-460D-4229-811E-41F22D0CD7E9}) (Version: 1.8.24708 - TortoiseSVN) Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version: - Image-Line bvba) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 
14.0.1000.340 - TuneUp Software) Hidden Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - ) Unity Web Player (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft) VBA (x32 Version: 6.2 - Corel Corporation) Hidden VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) War Thunder Launcher 1.0.1.444 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment) Wasp (HKLM-x32\...\Wasp) (Version: - Image-Line) Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (03/06/2009 1.0.0008.0) (HKLM\...\422991454CB076E9B856C21BBF99AF2B82317EDA) (Version: 03/06/2009 1.0.0008.0 - Western Digital Technologies) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) Z Engine (HKLM-x32\...\{64E47A5F-B3C4-476A-9100-2D006BD1FFB4}) (Version: 2.5.0.30_NA - Ideazon) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) 
==================== Restore Points ========================= 14-02-2015 19:51:24 Geplanter Prüfpunkt 18-02-2015 07:05:46 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2014-09-05 13:50 - 00002573 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 hxxp://www.adobeereg.com 127.0.0.1 activate.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 192.150.18.108 127.0.0.1 activate.adobe.com:443 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 www.adobeereg.com 127.0.0.1 activate.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 192.150.18.108 127.0.0.1 adobeereg.com 127.0.0.1 www.adobeereg.com 127.0.0.1 activate.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 192.150.18.108 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com There are 15 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {147D6D4C-AD38-47EA-9112-170087DF92F4} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\ProgramData\ASUS\AASP\1.02.00\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.) 
Task: {1D1CCF39-ECF0-4186-A255-D86AD2448948} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11] (Macrovision Corporation) Task: {1E129DBB-A2EB-4CC9-A0E4-BF1D64ACEAE1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {2022DB2F-FFB8-4BF9-B864-BD8046E47BC0} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.) Task: {274BF49F-D26B-4B81-BB05-0CEF3031AAC3} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {2D593611-20C4-43EE-A568-B98CAA86E48F} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2012-01-03] (ASUSTek Computer Inc.) 
Task: {33384DA3-978F-4C19-ABAC-E529BBF7A8CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07] (Adobe Systems Incorporated) Task: {4913FD79-08D9-4DC9-9000-743B8FA8C8B6} - System32\Tasks\{C8DCA755-6678-4EC3-B347-B1CA735230AF} => pcalua.exe -a O:\Downloads\Games\FreeTrack\FreeTrack_V2.2.exe -d O:\Downloads\Games\FreeTrack Task: {4B37A0AE-E0E4-452F-AEB1-561060E7EB86} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {4C891BDC-A6D5-4931-9078-D8BA1CFB5080} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [2009-12-28] () Task: {504FB8EE-393C-44C6-ACA9-2C3E24D7F4C6} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software) Task: {5616B537-C26E-4E72-BF19-10BAFDD0CFA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {6EEE4A8A-637F-4513-A267-DEEC4899027B} - System32\Tasks\{A68829E3-EC93-4320-9261-01B9CBA7445B} => pcalua.exe -a P:\setup.exe -d P:\ Task: {76E1E278-A64F-4444-8BCC-A23393B8BDA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) 
Task: {7C78E29A-3A97-4A16-BEEE-F52D915A9E50} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {84E349EC-D5B1-46AD-930B-A1355EA8DD59} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11] (Macrovision Corporation) Task: {94A6A6CA-DCD5-4539-AC3E-FC9992E73A14} - System32\Tasks\ASUS-Online-Aktualisierungsprogramm => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.) Task: {AC316486-7A8E-402D-B12E-327F9CB57EFB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {B111B94F-6841-4A82-96F4-96D27B06CCB0} - System32\Tasks\{A1EED0A6-1E91-43BB-8BB2-471802A5E0D6} => pcalua.exe -a P:\Autorun.exe -d P:\ Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-11-20 21:23 - 2014-11-20 21:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll 2013-08-27 23:00 - 2013-08-27 23:00 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll 2013-08-27 22:59 - 2013-08-27 22:59 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla 
FTP Client\fzshellext_64.dll 2013-12-15 21:30 - 2015-02-04 17:42 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-07-16 09:24 - 2014-07-16 09:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2013-12-15 07:27 - 2011-12-06 02:58 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2013-12-15 07:27 - 2011-12-06 02:58 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2015-02-20 10:18 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-02-20 10:18 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-02-20 10:18 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-02-20 10:18 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-02-20 10:18 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2013-12-15 07:42 - 2009-04-29 14:24 - 00253952 _____ () C:\Program Files (x86)\ASUS\Turbo Key\pngio.dll 2013-12-15 07:42 - 2009-04-29 14:24 - 00208896 _____ () C:\Program Files (x86)\ASUS\Turbo Key\AiNap.dll 2013-12-15 07:42 - 2009-04-29 14:24 - 00008704 _____ () C:\Program Files (x86)\ASUS\Turbo Key\vvc.dll 2015-02-15 12:56 - 2015-02-15 12:56 - 00112318 _____ () C:\Users\Wallace\AppData\Local\Temp\acc98a83-4789-42d6-8c8f-ba0c09eb1879\CliSecureRT.dll 2011-02-16 13:38 - 2011-02-16 13:38 - 00015872 _____ () C:\Program Files (x86)\Ideazon\ZEngine\AxWBOCXLib.dll 2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be 
removed.) AlternateDataStreams: C:\Users\Wallace\Cookies:j5I2fMvYcQRW4Gy0Kw59ncNW AlternateDataStreams: C:\Users\Wallace\Lokale Einstellungen:NQkYBGtyzuXGtTSA5ZzrS AlternateDataStreams: C:\Users\Wallace\AppData\Local:NQkYBGtyzuXGtTSA5ZzrS AlternateDataStreams: C:\Users\Wallace\AppData\Local\Anwendungsdaten:NQkYBGtyzuXGtTSA5ZzrS AlternateDataStreams: C:\Users\Wallace\AppData\Local\Temporary Internet Files:v72rVpuAyJAEO4mb8sPPQra0 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Wallace\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Media is not connected to internet. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
==================== Accounts: =============================

Administrator (S-1-5-21-3810334735-2351705608-1866539249-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3810334735-2351705608-1866539249-1006 - Limited - Enabled)
Gast (S-1-5-21-3810334735-2351705608-1866539249-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3810334735-2351705608-1866539249-1002 - Limited - Enabled)
Wallace (S-1-5-21-3810334735-2351705608-1866539249-1000 - Administrator - Enabled) => C:\Users\Wallace

==================== Faulty Device Manager Devices =============

Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.2.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================= Application errors: ================== Error: (02/21/2015 10:45:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: infrared_data_association.exe, Version: 0.12.4.868, Zeitstempel: 0x54e4147b Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x7efde000 ID des fehlerhaften Prozesses: 0xdb8 Startzeit der fehlerhaften Anwendung: 0xinfrared_data_association.exe0 Pfad der fehlerhaften Anwendung: infrared_data_association.exe1 Pfad des fehlerhaften Moduls: infrared_data_association.exe2 Berichtskennung: infrared_data_association.exe3 Error: (02/21/2015 10:45:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/21/2015 10:32:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: ole32.DLL, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003aa87 ID des fehlerhaften Prozesses: 0x9dc Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0 Pfad der fehlerhaften Anwendung: svchost.exe1 Pfad des fehlerhaften Moduls: svchost.exe2 Berichtskennung: svchost.exe3 Error: (02/21/2015 10:12:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/21/2015 09:40:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 
Error: (02/20/2015 11:30:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm insurgency.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1cf0 Startzeit: 01d04d5cae176ef3 Endzeit: 244 Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe Berichts-ID: Error: (02/20/2015 11:29:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm insurgency.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1ed0 Startzeit: 01d04d59c7c14028 Endzeit: 272 Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe Berichts-ID: Error: (02/20/2015 10:39:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/20/2015 11:05:52 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm ArcaVir Tray Module wurde wegen dieses Fehlers geschlossen. Programm: ArcaVir Tray Module Datei: Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. 
Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. Zusätzliche Daten Fehlerwert: 00000000 Datenträgertyp: 0 Error: (02/20/2015 11:05:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: {0000E466-20F3-974}, Version: 8.5.1.0, Zeitstempel: 0x54e6159b Name des fehlerhaften Moduls: {0000E466-20F3-974}, Version: 8.5.1.0, Zeitstempel: 0x54e6159b Ausnahmecode: 0xc0000096 Fehleroffset: 0x00003d3d ID des fehlerhaften Prozesses: 0x20b8 Startzeit der fehlerhaften Anwendung: 0x{0000E466-20F3-974}0 Pfad der fehlerhaften Anwendung: {0000E466-20F3-974}1 Pfad des fehlerhaften Moduls: {0000E466-20F3-974}2 Berichtskennung: {0000E466-20F3-974}3 System errors: ============= Error: (02/21/2015 10:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "saw_filter" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (02/21/2015 10:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "non_return_to_zero" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/21/2015 10:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "computer_aided_design" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/21/2015 10:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "anode" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/21/2015 10:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "down_converter" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/21/2015 10:43:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst inductor_based_switcher erreicht. Error: (02/21/2015 10:42:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (02/21/2015 10:40:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: AsIO AsUpIO discache spldr Wanarpv6 Error: (02/21/2015 10:40:43 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000109 (0xa3a039d89d2485bc, 0xb3b7465eefa2c08e, 0xfffff880009f45c0, 0x0000000000000002)C:\Windows\MEMORY.DMP022115-22308-01 Error: (02/21/2015 10:40:37 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 21.02.2015 um 22:39:21 unerwartet heruntergefahren. 
Microsoft Office Sessions: ========================= Error: (02/21/2015 10:45:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: infrared_data_association.exe0.12.4.86854e4147bunknown0.0.0.000000000c00000057efde000db801d04e1fa4a3edecC:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\infrared_data_association.exeunknownf88e5457-ba12-11e4-8402-d838145415c9 Error: (02/21/2015 10:45:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/21/2015 10:32:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe6.1.7600.163854a5bc100ole32.DLL6.1.7601.175144ce7b96fc00000050003aa879dc01d04e1ac7a211eaC:\Windows\syswow64\svchost.exeC:\Windows\syswow64\ole32.DLL288746f9-ba11-11e4-9183-bcee7b73f9a8 Error: (02/21/2015 10:12:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/21/2015 09:40:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/20/2015 11:30:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: insurgency.exe0.0.0.01cf001d04d5cae176ef3244C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe Error: (02/20/2015 11:29:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: insurgency.exe0.0.0.01ed001d04d59c7c14028272C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe Error: (02/20/2015 10:39:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM 
__InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/20/2015 11:05:52 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: ArcaVir Tray Module000000000 Error: (02/20/2015 11:05:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: {0000E466-20F3-974}8.5.1.054e6159b{0000E466-20F3-974}8.5.1.054e6159bc000009600003d3d20b801d04cf4ce7eca3eC:\Users\Wallace\AppData\Local\Temp\{0000E466-20F3-974}C:\Users\Wallace\AppData\Local\Temp\{0000E466-20F3-974}0cc201ac-b8e8-11e4-b6bd-bcee7b73f9a8 CodeIntegrity Errors: =================================== Date: 2015-02-21 22:42:01.593 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-21 22:42:01.531 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-21 22:08:54.063 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-21 22:08:53.985 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-21 21:36:21.496 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-21 21:36:21.387 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-20 22:35:53.933 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-20 22:35:53.808 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-20 10:10:59.568 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-20 10:10:59.459 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info ===========================
Processor: AMD FX(tm)-4130 Quad-Core Processor
Percentage of memory in use: 24%
Total physical RAM: 8190.12 MB
Available physical RAM: 6145.95 MB
Total Pagefile: 16378.42 MB
Available Pagefile: 13833.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:685.44 GB) (Free:35.39 GB) NTFS
Drive d: (Musik) (Fixed) (Total:48.91 GB) (Free:0.52 GB) NTFS
Drive e: (PRODUCER) (Fixed) (Total:97.66 GB) (Free:24.03 GB) NTFS
Drive f: (PROG) (Fixed) (Total:146.49 GB) (Free:62.71 GB) NTFS
Drive g: (DATA) (Fixed) (Total:172.69 GB) (Free:14.06 GB) NTFS
Drive h: (FACTORY_IMAGE) (Fixed) (Total:13.1 GB) (Free:12.02 GB) NTFS
Drive o: (My Book) (Fixed) (Total:1862.98 GB) (Free:1245.04 GB) NTFS
Drive q: (My Book) (Fixed) (Total:465.64 GB) (Free:94.12 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=685.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: EBF8BF2C)
Partition 1: (Not Active) - (Size=416.8 GB) - (Type=OF Extended)
Partition 2: (Not Active) - (Size=48.9 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00021365)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 8D399BC0)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)
==================== End Of Log ============================
21.02.2015, 23:43 | #2 |
| Allegedly caught a nymaim Trojan
GMER
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-02-21 23:33:38 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST3750528AS rev.HP34 698,64GB Running: Gmer-19357.exe; Driver: C:\Users\Wallace\AppData\Local\Temp\uxrcapod.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\Windows\System32\win32k.sys!W32pServiceTable fffff960001a4900 7 bytes [00, 99, F3, FF, 41, AC, F0] .text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff960001a4908 3 bytes [00, 07, 02] ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text 
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1464] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes 
JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... * 9 .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] 
C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes 
JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1376] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... * 9 .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] 
C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes 
JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2708] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... * 9 .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] 
C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82 00000000738417fa 2 bytes CALL 771a11a9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88 0000000073841860 2 bytes CALL 771a11a9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98 0000000073841942 2 bytes JMP 770f7089 C:\Windows\syswow64\WS2_32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109 000000007384194d 2 bytes JMP 770fcba6 C:\Windows\syswow64\WS2_32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text 
C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... * 9 .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 
000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\PnkBstrA.exe[1844] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes 
JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3164] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 
C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3172] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 
C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3352] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes 
JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Windows\syswow64\svchost.exe[3864] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 
C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\KERNEL32.dll .text ... 
* 9 .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc 
C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes JMP 77248e24 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4124] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\KERNEL32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll |
21.02.2015, 23:43 | #3 |
| Allegedly caught the nymaim trojan GMER part 2
Code:
ATTFilter .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\attrib.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes 
JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\dllhost.exe[4544] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... * 9 .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo 
Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe[5700] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\kernel32.dll .text 
C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\kernel32.dll .text ... * 9 .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766814dd 2 bytes JMP 772487a2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766814f5 2 bytes JMP 77248978 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007668150d 2 bytes JMP 77248698 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076681525 2 bytes JMP 77248a62 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007668153d 2 bytes JMP 771bfca8 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076681555 2 bytes JMP 771c68ef C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007668156d 2 bytes JMP 77248f61 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076681585 2 bytes JMP 77248ac2 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007668159d 2 bytes JMP 7724865c C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766815b5 2 bytes JMP 771bfd41 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766815cd 2 bytes 
JMP 771cb2dc C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766816b2 2 bytes JMP 77248e24 C:\Windows\syswow64\kernel32.dll .text C:\Windows\SysWOW64\notepad.exe[5716] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766816bd 2 bytes JMP 772485f1 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe[6064] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007789f8ea 1 byte [C3] .text C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe[6064] C:\Windows\syswow64\USER32.dll!GetSysColor 00000000760f6c3c 4 bytes JMP 000000016305da75 .text C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe[6064] C:\Windows\syswow64\USER32.dll!GetSysColorBrush 00000000761035a4 4 bytes JMP 000000016305cbdd .text C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe[6064] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076681401 2 bytes JMP 771cb21b C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe[6064] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076681419 2 bytes JMP 771cb346 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe[6064] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076681431 2 bytes JMP 77248ea9 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe[6064] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007668144a 2 bytes CALL 771a48ad C:\Windows\syswow64\KERNEL32.dll .text ... 
Thanks in advance |
22.02.2015, 17:18 | #4 |
/// the machine /// TB trainer | Supposedly caught the nymaim trojan hi, please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to your desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
22.02.2015, 20:22 | #5 |
| Supposedly caught the nymaim trojan Thank you very much for the help. I ran everything. Here are the log files: Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version: main: v2015.02.22.05 rootkit: v2015.02.22.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17633
Wallace :: DRAGON64 [administrator]

22.02.2015 19:58:10
mbar-log-2015-02-22 (19-58-10).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 347528
Time elapsed: 11 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 20:15:52.0659 0x1768 amdide - ok 20:15:52.0685 0x1768 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 20:15:52.0704 0x1768 AmdK8 - ok 20:15:53.0182 0x1768 [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 20:15:53.0737 0x1768 amdkmdag - ok 20:15:53.0808 0x1768 [ AF6B384E03D15471EDCEDDDEBAA363B2, 2D8CFA26D69A8FF0FAC6EBA2E5A62977B21ECBA0C65458072FEC4A886B3EDD73 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 20:15:53.0845 0x1768 amdkmdap - ok 20:15:53.0854 0x1768 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 20:15:53.0865 0x1768 AmdPPM - ok 20:15:53.0895 0x1768 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 20:15:53.0907 0x1768 amdsata - ok 20:15:53.0928 0x1768 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 20:15:53.0941 0x1768 amdsbs - ok 20:15:53.0953 0x1768 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 20:15:53.0964 0x1768 amdxata - ok 20:15:53.0966 0x1768 AODDriver4.2.0 - ok 20:15:53.0995 0x1768 [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3 C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys 20:15:54.0009 0x1768 AODDriver4.3 - ok 20:15:54.0030 0x1768 [ 89A69C3F2F319B43379399547526D952, 
8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 20:15:54.0124 0x1768 AppID - ok 20:15:54.0152 0x1768 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 20:15:54.0194 0x1768 AppIDSvc - ok 20:15:54.0215 0x1768 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 20:15:54.0246 0x1768 Appinfo - ok 20:15:54.0266 0x1768 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 20:15:54.0277 0x1768 arc - ok 20:15:54.0284 0x1768 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 20:15:54.0294 0x1768 arcsas - ok 20:15:54.0340 0x1768 [ FEF9DD9EA587F8886ADE43C1BEFBDAFE, DDE6F28B3F7F2ABBEE59D4864435108791631E9CB4CDFB1F178E5AA9859956D8 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys 20:15:54.0348 0x1768 AsIO - ok 20:15:54.0366 0x1768 [ 22842362DF890F5492F85AA60916A697, EC01380B1C9BF4CFBA018FC314563F0785280172A2A9B51D50F088E7101951EF ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys 20:15:54.0410 0x1768 asmthub3 - ok 20:15:54.0433 0x1768 [ 08E2D77766CC05E75A0707207D9FC684, 6CF3B12B2B3375B715A3EBC66EF148CEA2248D448A3A37875B7B1BC7CDA40FDD ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys 20:15:54.0465 0x1768 asmtxhci - ok 20:15:54.0522 0x1768 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 20:15:54.0544 0x1768 aspnet_state - ok 20:15:54.0598 0x1768 [ 954FFBFF05B0B60EB63B52AF561436C4, 40228A2B688E827815B5A567584FCF99BF661696DB8CC8BB455393B3CEE35094 ] AsSysCtrlService 
C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe 20:15:54.0607 0x1768 AsSysCtrlService - ok 20:15:54.0612 0x1768 [ 26D66E32E78D3059715B3A17BC679CD9, 5039CB81CE0829C5F3DED16A4005FEB10141C6C9B473CC319E81BAF6D1DA33E3 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys 20:15:54.0621 0x1768 AsUpIO - ok 20:15:54.0635 0x1768 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 20:15:54.0674 0x1768 AsyncMac - ok 20:15:54.0694 0x1768 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 20:15:54.0704 0x1768 atapi - ok 20:15:54.0737 0x1768 [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 20:15:54.0742 0x1768 AtiHDAudioService - detected UnsignedFile.Multi.Generic ( 1 ) 20:15:57.0185 0x1768 Detect skipped due to KSN trusted 20:15:57.0185 0x1768 AtiHDAudioService - ok 20:15:57.0781 0x1768 [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 20:15:58.0315 0x1768 atikmdag - ok 20:15:58.0367 0x1768 [ C07A040D6B5A42DD41EE386CF90974C8, 8D47815F99C79B795504C3172B5FBBDBA6AFACC004B17AA3954A06BE713FACAE ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 20:15:58.0375 0x1768 AtiPcie - ok 20:15:58.0455 0x1768 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 20:15:58.0516 0x1768 AudioEndpointBuilder - ok 20:15:58.0560 0x1768 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll 20:15:58.0622 0x1768 AudioSrv - ok 20:15:58.0671 0x1768 [ 1DC2F715792CF33428AD7993ACBD224D, 
129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys 20:15:58.0691 0x1768 avmeject - ok 20:15:58.0723 0x1768 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 20:15:58.0800 0x1768 AxInstSV - ok 20:15:58.0865 0x1768 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 20:15:58.0932 0x1768 b06bdrv - ok 20:15:58.0975 0x1768 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 20:15:59.0019 0x1768 b57nd60a - ok 20:15:59.0041 0x1768 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 20:15:59.0071 0x1768 BDESVC - ok 20:15:59.0088 0x1768 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 20:15:59.0136 0x1768 Beep - ok 20:15:59.0169 0x1768 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 20:15:59.0220 0x1768 BFE - ok 20:15:59.0282 0x1768 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 20:15:59.0364 0x1768 BITS - ok 20:15:59.0383 0x1768 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 20:15:59.0420 0x1768 blbdrive - ok 20:15:59.0445 0x1768 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:15:59.0474 0x1768 bowser - ok 20:15:59.0488 0x1768 [ 
F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 20:15:59.0527 0x1768 BrFiltLo - ok 20:15:59.0547 0x1768 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 20:15:59.0580 0x1768 BrFiltUp - ok 20:15:59.0625 0x1768 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 20:15:59.0672 0x1768 Browser - ok 20:15:59.0698 0x1768 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 20:15:59.0765 0x1768 Brserid - ok 20:15:59.0801 0x1768 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 20:15:59.0828 0x1768 BrSerWdm - ok 20:15:59.0849 0x1768 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 20:15:59.0880 0x1768 BrUsbMdm - ok 20:15:59.0889 0x1768 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 20:15:59.0920 0x1768 BrUsbSer - ok 20:15:59.0931 0x1768 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 20:15:59.0966 0x1768 BTHMODEM - ok 20:16:00.0000 0x1768 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 20:16:00.0047 0x1768 bthserv - ok 20:16:00.0087 0x1768 [ DC22832C7A65054129DEFE8BC0C6E2B6, 913C8FE83A1FFDC6A1EA54B910D98D9A4C8EF049D0B1D0D0AFB5BF1514AABE59 ] camfilt2 
C:\Windows\system32\DRIVERS\camfilt2.sys 20:16:00.0136 0x1768 camfilt2 - ok 20:16:00.0162 0x1768 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 20:16:00.0216 0x1768 cdfs - ok 20:16:00.0240 0x1768 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 20:16:00.0286 0x1768 cdrom - ok 20:16:00.0306 0x1768 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 20:16:00.0366 0x1768 CertPropSvc - ok 20:16:00.0386 0x1768 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 20:16:00.0417 0x1768 circlass - ok 20:16:00.0451 0x1768 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 20:16:00.0479 0x1768 CLFS - ok 20:16:00.0527 0x1768 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:16:00.0553 0x1768 clr_optimization_v2.0.50727_32 - ok 20:16:00.0600 0x1768 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 20:16:00.0618 0x1768 clr_optimization_v2.0.50727_64 - ok 20:16:00.0669 0x1768 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:16:00.0706 0x1768 clr_optimization_v4.0.30319_32 - ok 20:16:00.0719 0x1768 [ 4AEDAB50F83580D0B4D6CF78191F92AA, 
D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 20:16:00.0734 0x1768 clr_optimization_v4.0.30319_64 - ok 20:16:00.0758 0x1768 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 20:16:00.0777 0x1768 CmBatt - ok 20:16:00.0818 0x1768 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 20:16:00.0837 0x1768 cmdide - ok 20:16:00.0894 0x1768 [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG C:\Windows\system32\Drivers\cng.sys 20:16:00.0921 0x1768 CNG - ok 20:16:00.0947 0x1768 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 20:16:00.0960 0x1768 Compbatt - ok 20:16:00.0974 0x1768 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 20:16:01.0011 0x1768 CompositeBus - ok 20:16:01.0016 0x1768 COMSysApp - ok 20:16:01.0030 0x1768 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 20:16:01.0045 0x1768 crcdisk - ok 20:16:01.0089 0x1768 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll 20:16:01.0117 0x1768 CryptSvc - ok 20:16:01.0188 0x1768 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 20:16:01.0239 0x1768 DcomLaunch - ok 20:16:01.0290 0x1768 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 
32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 20:16:01.0331 0x1768 defragsvc - ok 20:16:01.0340 0x1768 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 20:16:01.0406 0x1768 DfsC - ok 20:16:01.0450 0x1768 [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 20:16:01.0468 0x1768 dg_ssudbus - ok 20:16:01.0491 0x1768 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 20:16:01.0567 0x1768 Dhcp - ok 20:16:01.0590 0x1768 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 20:16:01.0654 0x1768 discache - ok 20:16:01.0660 0x1768 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 20:16:01.0670 0x1768 Disk - ok 20:16:01.0715 0x1768 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 20:16:01.0755 0x1768 Dnscache - ok 20:16:01.0781 0x1768 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 20:16:01.0858 0x1768 dot3svc - ok 20:16:01.0882 0x1768 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 20:16:01.0943 0x1768 DPS - ok 20:16:01.0974 0x1768 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 20:16:02.0029 0x1768 drmkaud - ok 20:16:02.0080 0x1768 [ 
87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:16:02.0128 0x1768 DXGKrnl - ok 20:16:02.0155 0x1768 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 20:16:02.0209 0x1768 EapHost - ok 20:16:02.0324 0x1768 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 20:16:02.0507 0x1768 ebdrv - ok 20:16:02.0548 0x1768 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS C:\Windows\System32\lsass.exe 20:16:02.0590 0x1768 EFS - ok 20:16:02.0669 0x1768 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 20:16:02.0731 0x1768 ehRecvr - ok 20:16:02.0757 0x1768 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 20:16:02.0797 0x1768 ehSched - ok 20:16:02.0834 0x1768 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 20:16:02.0883 0x1768 elxstor - ok 20:16:02.0900 0x1768 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 20:16:02.0932 0x1768 ErrDev - ok 20:16:02.0982 0x1768 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 20:16:03.0071 0x1768 EventSystem - ok 20:16:03.0102 0x1768 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 20:16:03.0150 0x1768 exfat - ok 20:16:03.0179 0x1768 [ 
0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 20:16:03.0251 0x1768 fastfat - ok 20:16:03.0288 0x1768 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 20:16:03.0333 0x1768 Fax - ok 20:16:03.0361 0x1768 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 20:16:03.0394 0x1768 fdc - ok 20:16:03.0420 0x1768 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 20:16:03.0478 0x1768 fdPHost - ok 20:16:03.0497 0x1768 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 20:16:03.0535 0x1768 FDResPub - ok 20:16:03.0546 0x1768 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:16:03.0559 0x1768 FileInfo - ok 20:16:03.0573 0x1768 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:16:03.0627 0x1768 Filetrace - ok 20:16:03.0646 0x1768 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 20:16:03.0687 0x1768 flpydisk - ok 20:16:03.0705 0x1768 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:16:03.0745 0x1768 FltMgr - ok 20:16:03.0807 0x1768 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 20:16:03.0899 0x1768 FontCache - 
ok 20:16:03.0964 0x1768 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:16:03.0987 0x1768 FontCache3.0.0.0 - ok 20:16:04.0005 0x1768 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 20:16:04.0017 0x1768 FsDepends - ok 20:16:04.0055 0x1768 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:16:04.0068 0x1768 Fs_Rec - ok 20:16:04.0088 0x1768 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 20:16:04.0112 0x1768 fvevol - ok 20:16:04.0166 0x1768 [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys 20:16:04.0220 0x1768 FWLANUSB - ok 20:16:04.0244 0x1768 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 20:16:04.0281 0x1768 gagp30kx - ok 20:16:04.0320 0x1768 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 20:16:04.0391 0x1768 gpsvc - ok 20:16:04.0468 0x1768 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:16:04.0481 0x1768 gupdate - ok 20:16:04.0521 0x1768 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:16:04.0537 0x1768 gupdatem - ok 20:16:04.0559 0x1768 [ F2523EF6460FC42405B12248338AB2F0, 
B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 20:16:04.0619 0x1768 hcw85cir - ok 20:16:04.0671 0x1768 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 20:16:04.0733 0x1768 HdAudAddService - ok 20:16:04.0756 0x1768 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 20:16:04.0790 0x1768 HDAudBus - ok 20:16:04.0807 0x1768 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 20:16:04.0819 0x1768 HidBatt - ok 20:16:04.0844 0x1768 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 20:16:04.0897 0x1768 HidBth - ok 20:16:04.0922 0x1768 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 20:16:04.0967 0x1768 HidIr - ok 20:16:04.0990 0x1768 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 20:16:05.0030 0x1768 hidserv - ok 20:16:05.0050 0x1768 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 20:16:05.0076 0x1768 HidUsb - ok 20:16:05.0113 0x1768 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 20:16:05.0175 0x1768 hkmsvc - ok 20:16:05.0200 0x1768 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 20:16:05.0238 0x1768 HomeGroupListener 
- ok 20:16:05.0271 0x1768 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 20:16:05.0308 0x1768 HomeGroupProvider - ok 20:16:05.0324 0x1768 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 20:16:05.0355 0x1768 HpSAMD - ok 20:16:05.0403 0x1768 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:16:05.0476 0x1768 HTTP - ok 20:16:05.0519 0x1768 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:16:05.0545 0x1768 hwpolicy - ok 20:16:05.0573 0x1768 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 20:16:05.0599 0x1768 i8042prt - ok 20:16:05.0640 0x1768 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 20:16:05.0667 0x1768 iaStorV - ok 20:16:05.0730 0x1768 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 20:16:05.0753 0x1768 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 20:16:08.0179 0x1768 Detect skipped due to KSN trusted 20:16:08.0179 0x1768 IDriverT - ok 20:16:08.0254 0x1768 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:16:08.0289 0x1768 idsvc - ok 20:16:08.0329 0x1768 IEEtwCollectorService - ok 20:16:08.0341 0x1768 [ 5C18831C61933628F5BB0EA2675B9D21, 
5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 20:16:08.0375 0x1768 iirsp - ok 20:16:08.0426 0x1768 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 20:16:08.0467 0x1768 IKEEXT - ok 20:16:08.0486 0x1768 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 20:16:08.0495 0x1768 intelide - ok 20:16:08.0513 0x1768 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 20:16:08.0535 0x1768 intelppm - ok 20:16:08.0571 0x1768 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 20:16:08.0609 0x1768 IPBusEnum - ok 20:16:08.0640 0x1768 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:16:08.0691 0x1768 IpFilterDriver - ok 20:16:08.0731 0x1768 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:16:08.0775 0x1768 iphlpsvc - ok 20:16:08.0804 0x1768 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 20:16:08.0829 0x1768 IPMIDRV - ok 20:16:08.0850 0x1768 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:16:08.0887 0x1768 IPNAT - ok 20:16:08.0911 0x1768 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:16:08.0929 0x1768 IRENUM - ok 
20:16:08.0940 0x1768 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:16:08.0952 0x1768 isapnp - ok 20:16:08.0982 0x1768 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 20:16:08.0999 0x1768 iScsiPrt - ok 20:16:09.0021 0x1768 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 20:16:09.0032 0x1768 kbdclass - ok 20:16:09.0040 0x1768 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 20:16:09.0067 0x1768 kbdhid - ok 20:16:09.0081 0x1768 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso C:\Windows\system32\lsass.exe 20:16:09.0093 0x1768 KeyIso - ok 20:16:09.0114 0x1768 [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:16:09.0125 0x1768 KSecDD - ok 20:16:09.0153 0x1768 [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:16:09.0167 0x1768 KSecPkg - ok 20:16:09.0181 0x1768 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 20:16:09.0214 0x1768 ksthunk - ok 20:16:09.0247 0x1768 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 20:16:09.0292 0x1768 KtmRm - ok 20:16:09.0324 0x1768 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 
20:16:09.0377 0x1768 LanmanServer - ok 20:16:09.0409 0x1768 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:16:09.0455 0x1768 LanmanWorkstation - ok 20:16:09.0473 0x1768 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:16:09.0507 0x1768 lltdio - ok 20:16:09.0532 0x1768 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:16:09.0588 0x1768 lltdsvc - ok 20:16:09.0604 0x1768 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:16:09.0654 0x1768 lmhosts - ok 20:16:09.0678 0x1768 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 20:16:09.0691 0x1768 LSI_FC - ok 20:16:09.0698 0x1768 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 20:16:09.0714 0x1768 LSI_SAS - ok 20:16:09.0722 0x1768 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 20:16:09.0734 0x1768 LSI_SAS2 - ok 20:16:09.0743 0x1768 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 20:16:09.0754 0x1768 LSI_SCSI - ok 20:16:09.0762 0x1768 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 20:16:09.0812 0x1768 luafv - ok 20:16:09.0844 0x1768 [ F0DCD0FD9D79668E34A660F49C8C00BC, 
1A57E0E6528AD21F983577E3945B3B72A3A3614E6245313330A4351D9FD3F207 ] MADFULEGACYKEYBOARD C:\Windows\system32\DRIVERS\MAudioLegacyKeyboard_DFU.sys 20:16:09.0854 0x1768 MADFULEGACYKEYBOARD - ok 20:16:09.0870 0x1768 [ FAEDBEE189A877E302B023BD24FAEBF8, C6E77B90D5D53E539A3AE35D42DD17E90AC1F90B3698C4600BC537E58EA867E4 ] MAUSBLEGACYKEYBOARD C:\Windows\system32\DRIVERS\MAudioLegacyKeyboard.sys 20:16:09.0883 0x1768 MAUSBLEGACYKEYBOARD - ok 20:16:09.0921 0x1768 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:16:09.0939 0x1768 Mcx2Svc - ok 20:16:09.0957 0x1768 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 20:16:09.0969 0x1768 megasas - ok 20:16:09.0995 0x1768 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 20:16:10.0012 0x1768 MegaSR - ok 20:16:10.0031 0x1768 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 20:16:10.0080 0x1768 MMCSS - ok 20:16:10.0095 0x1768 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 20:16:10.0126 0x1768 Modem - ok 20:16:10.0146 0x1768 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:16:10.0170 0x1768 monitor - ok 20:16:10.0195 0x1768 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 20:16:10.0206 0x1768 mouclass - ok 20:16:10.0212 0x0bbc Object required for P2P: [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject 20:16:10.0222 0x1768 [ D3BF052C40B0C4166D9FD86A4288C1E6, 
5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:16:10.0243 0x1768 mouhid - ok 20:16:10.0252 0x1768 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:16:10.0265 0x1768 mountmgr - ok 20:16:10.0295 0x1768 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 20:16:10.0305 0x1768 MozillaMaintenance - ok 20:16:10.0320 0x1768 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 20:16:10.0334 0x1768 mpio - ok 20:16:10.0350 0x1768 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:16:10.0398 0x1768 mpsdrv - ok 20:16:10.0439 0x1768 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:16:10.0495 0x1768 MpsSvc - ok 20:16:10.0522 0x1768 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:16:10.0557 0x1768 MRxDAV - ok 20:16:10.0574 0x1768 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:16:10.0610 0x1768 mrxsmb - ok 20:16:10.0645 0x1768 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:16:10.0663 0x1768 mrxsmb10 - ok 20:16:10.0671 0x1768 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 
C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:16:10.0692 0x1768 mrxsmb20 - ok 20:16:10.0712 0x1768 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 20:16:10.0722 0x1768 msahci - ok 20:16:10.0730 0x1768 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 20:16:10.0744 0x1768 msdsm - ok 20:16:10.0772 0x1768 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 20:16:10.0789 0x1768 MSDTC - ok 20:16:10.0801 0x1768 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:16:10.0833 0x1768 Msfs - ok 20:16:10.0848 0x1768 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:16:10.0881 0x1768 mshidkmdf - ok 20:16:10.0885 0x1768 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:16:10.0896 0x1768 msisadrv - ok 20:16:10.0917 0x1768 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:16:10.0976 0x1768 MSiSCSI - ok 20:16:10.0981 0x1768 msiserver - ok 20:16:10.0999 0x1768 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:16:11.0030 0x1768 MSKSSRV - ok 20:16:11.0049 0x1768 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:16:11.0082 0x1768 MSPCLOCK - ok 20:16:11.0095 0x1768 [ 4ED981241DB27C3383D72092B618A1D0, 
E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:16:11.0140 0x1768 MSPQM - ok 20:16:11.0168 0x1768 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:16:11.0188 0x1768 MsRPC - ok 20:16:11.0205 0x1768 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 20:16:11.0216 0x1768 mssmbios - ok 20:16:11.0235 0x1768 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:16:11.0265 0x1768 MSTEE - ok 20:16:11.0283 0x1768 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 20:16:11.0302 0x1768 MTConfig - ok 20:16:11.0319 0x1768 [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 20:16:11.0327 0x1768 MTsensor - ok 20:16:11.0333 0x1768 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 20:16:11.0346 0x1768 Mup - ok 20:16:11.0372 0x1768 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 20:16:11.0417 0x1768 napagent - ok 20:16:11.0454 0x1768 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:16:11.0496 0x1768 NativeWifiP - ok 20:16:11.0553 0x1768 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 20:16:11.0588 0x1768 NDIS - ok 20:16:11.0598 0x1768 [ 
9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:16:11.0635 0x1768 NdisCap - ok 20:16:11.0647 0x1768 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:16:11.0678 0x1768 NdisTapi - ok 20:16:11.0699 0x1768 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:16:11.0732 0x1768 Ndisuio - ok 20:16:11.0759 0x1768 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:16:11.0806 0x1768 NdisWan - ok 20:16:11.0822 0x1768 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:16:11.0856 0x1768 NDProxy - ok 20:16:11.0862 0x1768 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:16:11.0908 0x1768 NetBIOS - ok 20:16:11.0918 0x1768 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:16:11.0957 0x1768 NetBT - ok 20:16:11.0978 0x1768 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon C:\Windows\system32\lsass.exe 20:16:11.0989 0x1768 Netlogon - ok 20:16:12.0009 0x1768 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 20:16:12.0054 0x1768 Netman - ok 20:16:12.0087 0x1768 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:16:12.0102 0x1768 NetMsmqActivator - ok 20:16:12.0111 0x1768 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:16:12.0124 0x1768 NetPipeActivator - ok 20:16:12.0160 0x1768 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 20:16:12.0217 0x1768 netprofm - ok 20:16:12.0229 0x1768 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:16:12.0244 0x1768 NetTcpActivator - ok 20:16:12.0253 0x1768 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:16:12.0269 0x1768 NetTcpPortSharing - ok 20:16:12.0297 0x1768 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 20:16:12.0307 0x1768 nfrd960 - ok 20:16:12.0335 0x1768 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 20:16:12.0381 0x1768 NlaSvc - ok 20:16:12.0390 0x1768 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:16:12.0424 0x1768 Npfs - ok 20:16:12.0443 0x1768 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 20:16:12.0492 0x1768 nsi - ok 20:16:12.0500 0x1768 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy 
C:\Windows\system32\drivers\nsiproxy.sys 20:16:12.0535 0x1768 nsiproxy - ok 20:16:12.0608 0x1768 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:16:12.0663 0x1768 Ntfs - ok 20:16:12.0682 0x1768 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 20:16:12.0727 0x1768 Null - ok 20:16:12.0753 0x1768 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:16:12.0767 0x1768 nvraid - ok 20:16:12.0787 0x1768 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:16:12.0800 0x1768 nvstor - ok 20:16:12.0829 0x1768 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:16:12.0843 0x1768 nv_agp - ok 20:16:12.0878 0x1768 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 20:16:12.0890 0x1768 ohci1394 - ok 20:16:12.0921 0x1768 [ FA5D730CE3F3A3BD21C1040E212230D4, 74C4C5DD79D60D7A5821F514614861FC7EE0C7160F7F8A96683087DEDE67C2C6 ] OM0530 C:\Windows\system32\Drivers\ov530vx.sys 20:16:12.0937 0x1768 OM0530 - ok 20:16:13.0043 0x1768 [ 4F2ED8FB21F127DC1FA98D4CA2279E75, 96DB5DF9C55757EB2F761309036F87D8C55BAB2851FBB716A02A9248712CB13A ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 20:16:13.0121 0x1768 Origin Client Service - ok 20:16:13.0163 0x1768 [ 2B7D360154E5324F9BA181AF0DBFB2AA, DD53FEDAEC6CB8243142561A946B7A372C320A2C69F8896D33DB504B78707D35 ] OverwolfUpdaterService C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe 20:16:13.0175 0x1768 OverwolfUpdaterService - ok 
20:16:13.0241 0x1768 [ E357862CA46F2C3E98E5E8007A317363, 0A3ADF2F6A8800EA1A76BBA58D5CB1B22A70DF895EF5D4C7169456B0C44061ED ] OxygenAudioDevMon C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe 20:16:13.0289 0x1768 OxygenAudioDevMon - ok 20:16:13.0317 0x1768 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:16:13.0356 0x1768 p2pimsvc - ok 20:16:13.0383 0x1768 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 20:16:13.0406 0x1768 p2psvc - ok 20:16:13.0426 0x1768 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 20:16:13.0455 0x1768 Parport - ok 20:16:13.0477 0x1768 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:16:13.0487 0x1768 partmgr - ok 20:16:13.0511 0x1768 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 20:16:13.0549 0x1768 PcaSvc - ok 20:16:13.0563 0x1768 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 20:16:13.0578 0x1768 pci - ok 20:16:13.0594 0x1768 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 20:16:13.0603 0x1768 pciide - ok 20:16:13.0632 0x1768 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 20:16:13.0647 0x1768 pcmcia - ok 20:16:13.0653 0x1768 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw 
C:\Windows\system32\drivers\pcw.sys 20:16:13.0665 0x1768 pcw - ok 20:16:13.0704 0x1768 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:16:13.0769 0x1768 PEAUTH - ok 20:16:13.0817 0x1768 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 20:16:13.0842 0x1768 PerfHost - ok 20:16:13.0911 0x1768 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 20:16:13.0991 0x1768 pla - ok 20:16:14.0028 0x1768 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:16:14.0073 0x1768 PlugPlay - ok 20:16:14.0116 0x1768 [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe 20:16:14.0127 0x1768 PnkBstrA - ok 20:16:14.0142 0x1768 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:16:14.0169 0x1768 PNRPAutoReg - ok 20:16:14.0191 0x1768 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:16:14.0208 0x1768 PNRPsvc - ok 20:16:14.0237 0x1768 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:16:14.0283 0x1768 PolicyAgent - ok 20:16:14.0311 0x1768 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 20:16:14.0358 0x1768 Power - ok 20:16:14.0390 0x1768 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport 
C:\Windows\system32\DRIVERS\raspptp.sys 20:16:14.0422 0x1768 PptpMiniport - ok 20:16:14.0442 0x1768 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 20:16:14.0472 0x1768 Processor - ok 20:16:14.0499 0x1768 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 20:16:14.0531 0x1768 ProfSvc - ok 20:16:14.0550 0x1768 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe 20:16:14.0562 0x1768 ProtectedStorage - ok 20:16:14.0576 0x1768 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:16:14.0609 0x1768 Psched - ok 20:16:14.0630 0x1768 [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 20:16:14.0641 0x1768 PxHlpa64 - ok 20:16:14.0695 0x1768 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 20:16:14.0762 0x1768 ql2300 - ok 20:16:14.0780 0x1768 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 20:16:14.0793 0x1768 ql40xx - ok 20:16:14.0807 0x1768 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 20:16:14.0829 0x1768 QWAVE - ok 20:16:14.0843 0x1768 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:16:14.0873 0x1768 QWAVEdrv - ok 20:16:14.0896 0x1768 [ 5A0DA8AD5762FA2D91678A8A01311704, 
8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:16:14.0926 0x1768 RasAcd - ok 20:16:14.0943 0x1768 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:16:14.0976 0x1768 RasAgileVpn - ok 20:16:14.0990 0x1768 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 20:16:15.0026 0x1768 RasAuto - ok 20:16:15.0035 0x1768 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:16:15.0070 0x1768 Rasl2tp - ok 20:16:15.0105 0x1768 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 20:16:15.0157 0x1768 RasMan - ok 20:16:15.0166 0x1768 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:16:15.0213 0x1768 RasPppoe - ok 20:16:15.0220 0x1768 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:16:15.0255 0x1768 RasSstp - ok 20:16:15.0279 0x1768 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:16:15.0320 0x1768 rdbss - ok 20:16:15.0335 0x1768 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 20:16:15.0367 0x1768 rdpbus - ok 20:16:15.0389 0x1768 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:16:15.0419 0x1768 RDPCDD - ok 20:16:15.0430 
0x1768 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:16:15.0474 0x1768 RDPENCDD - ok 20:16:15.0482 0x1768 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 20:16:15.0515 0x1768 RDPREFMP - ok 20:16:15.0551 0x1768 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 20:16:15.0588 0x1768 RdpVideoMiniport - ok 20:16:15.0607 0x1768 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:16:15.0639 0x1768 RDPWD - ok 20:16:15.0668 0x1768 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:16:15.0684 0x1768 rdyboost - ok 20:16:15.0705 0x1768 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:16:15.0749 0x1768 RemoteAccess - ok 20:16:15.0782 0x1768 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:16:15.0822 0x1768 RemoteRegistry - ok 20:16:15.0830 0x1768 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 20:16:15.0866 0x1768 RpcEptMapper - ok 20:16:15.0883 0x1768 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 20:16:15.0897 0x1768 RpcLocator - ok 20:16:15.0930 0x1768 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 
] RpcSs C:\Windows\system32\rpcss.dll 20:16:15.0975 0x1768 RpcSs - ok 20:16:15.0987 0x1768 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:16:16.0035 0x1768 rspndr - ok 20:16:16.0078 0x1768 [ 8181B5E7BFC040E0B26349C73E719335, EBB244A7E8E2CDC51041B2C2A78DCB77324F9E3746942C84902FCD928ADED897 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 20:16:16.0106 0x1768 RTL8167 - ok 20:16:16.0123 0x1768 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs C:\Windows\system32\lsass.exe 20:16:16.0135 0x1768 SamSs - ok 20:16:16.0150 0x1768 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:16:16.0164 0x1768 sbp2port - ok 20:16:16.0177 0x1768 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:16:16.0228 0x1768 SCardSvr - ok 20:16:16.0249 0x1768 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:16:16.0282 0x1768 scfilter - ok 20:16:16.0324 0x1768 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 20:16:16.0395 0x1768 Schedule - ok 20:16:16.0437 0x1768 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 20:16:16.0470 0x1768 SCPolicySvc - ok 20:16:16.0495 0x1768 [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys 20:16:16.0507 0x1768 ScreamBAudioSvc - ok 20:16:16.0531 0x1768 [ 6EA4234DC55346E0709560FE7C2C1972, 
64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:16:16.0568 0x1768 SDRSVC - ok 20:16:16.0720 0x1768 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 20:16:16.0773 0x1768 SDScannerService - ok 20:16:16.0876 0x1768 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 20:16:16.0935 0x1768 SDUpdateService - ok 20:16:16.0962 0x1768 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 20:16:16.0983 0x1768 SDWSCService - ok 20:16:17.0001 0x1768 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:16:17.0035 0x1768 secdrv - ok 20:16:17.0044 0x1768 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 20:16:17.0093 0x1768 seclogon - ok 20:16:17.0114 0x1768 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 20:16:17.0151 0x1768 SENS - ok 20:16:17.0165 0x1768 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 20:16:17.0184 0x1768 SensrSvc - ok 20:16:17.0196 0x1768 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 20:16:17.0207 0x1768 Serenum - ok 20:16:17.0222 0x1768 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] 
Serial C:\Windows\system32\DRIVERS\serial.sys 20:16:17.0236 0x1768 Serial - ok 20:16:17.0253 0x1768 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 20:16:17.0265 0x1768 sermouse - ok 20:16:17.0294 0x1768 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 20:16:17.0340 0x1768 SessionEnv - ok 20:16:17.0361 0x1768 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:16:17.0389 0x1768 sffdisk - ok 20:16:17.0407 0x1768 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:16:17.0420 0x1768 sffp_mmc - ok 20:16:17.0434 0x1768 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:16:17.0451 0x1768 sffp_sd - ok 20:16:17.0468 0x1768 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 20:16:17.0481 0x1768 sfloppy - ok 20:16:17.0542 0x1768 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:16:17.0600 0x1768 SharedAccess - ok 20:16:17.0638 0x1768 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:16:17.0692 0x1768 ShellHWDetection - ok 20:16:17.0714 0x1768 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 20:16:17.0724 0x1768 SiSRaid2 - ok 20:16:17.0739 0x1768 [ 
6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 20:16:17.0751 0x1768 SiSRaid4 - ok 20:16:17.0773 0x1768 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:16:17.0823 0x1768 Smb - ok 20:16:17.0846 0x1768 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:16:17.0859 0x1768 SNMPTRAP - ok 20:16:17.0869 0x1768 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 20:16:17.0879 0x1768 spldr - ok 20:16:17.0921 0x1768 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 20:16:17.0960 0x1768 Spooler - ok 20:16:18.0077 0x1768 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 20:16:18.0202 0x1768 sppsvc - ok 20:16:18.0231 0x1768 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 20:16:18.0266 0x1768 sppuinotify - ok 20:16:18.0315 0x1768 [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd C:\Windows\System32\Drivers\sptd.sys 20:16:18.0355 0x1768 sptd - ok 20:16:18.0392 0x1768 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 20:16:18.0443 0x1768 srv - ok 20:16:18.0464 0x1768 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:16:18.0488 0x1768 srv2 - ok 20:16:18.0508 0x1768 [ 
27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:16:18.0523 0x1768 srvnet - ok 20:16:18.0536 0x1768 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:16:18.0591 0x1768 SSDPSRV - ok 20:16:18.0609 0x1768 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:16:18.0648 0x1768 SstpSvc - ok 20:16:18.0694 0x1768 [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 20:16:18.0708 0x1768 ssudmdm - ok 20:16:18.0745 0x1768 [ F7093A27C4AF6D9EEA0ACAC1C4FF6828, 40E1A8FB08D3063711E87C15B24009B397CAD279905AA72FADBB4A8B611474CD ] ssudserd C:\Windows\system32\DRIVERS\ssudserd.sys 20:16:18.0759 0x1768 ssudserd - ok 20:16:18.0838 0x1768 [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 20:16:18.0864 0x1768 Steam Client Service - ok 20:16:18.0897 0x1768 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 20:16:18.0910 0x1768 stexstor - ok 20:16:18.0941 0x1768 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 20:16:18.0991 0x1768 stisvc - ok 20:16:19.0009 0x1768 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 20:16:19.0020 0x1768 swenum - ok 20:16:19.0087 0x1768 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program 
Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 20:16:19.0123 0x1768 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 20:16:21.0537 0x1768 Detect skipped due to KSN trusted 20:16:21.0537 0x1768 SwitchBoard - ok 20:16:21.0582 0x1768 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 20:16:21.0635 0x1768 swprv - ok 20:16:21.0694 0x1768 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 20:16:21.0781 0x1768 SysMain - ok 20:16:21.0791 0x1768 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:16:21.0821 0x1768 TabletInputService - ok 20:16:21.0852 0x1768 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 20:16:21.0910 0x1768 TapiSrv - ok 20:16:21.0936 0x1768 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 20:16:21.0986 0x1768 TBS - ok 20:16:22.0072 0x1768 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:16:22.0156 0x1768 Tcpip - ok 20:16:22.0223 0x1768 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:16:22.0290 0x1768 TCPIP6 - ok 20:16:22.0318 0x1768 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:16:22.0329 0x1768 tcpipreg - ok 20:16:22.0359 0x1768 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE 
C:\Windows\system32\drivers\tdpipe.sys 20:16:22.0393 0x1768 TDPIPE - ok 20:16:22.0425 0x1768 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:16:22.0437 0x1768 TDTCP - ok 20:16:22.0467 0x1768 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:16:22.0490 0x1768 tdx - ok 20:16:22.0509 0x1768 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 20:16:22.0518 0x1768 TermDD - ok 20:16:22.0555 0x1768 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 20:16:22.0592 0x1768 TermService - ok 20:16:22.0610 0x1768 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 20:16:22.0629 0x1768 Themes - ok 20:16:22.0650 0x1768 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 20:16:22.0686 0x1768 THREADORDER - ok 20:16:22.0701 0x1768 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 20:16:22.0737 0x1768 TrkWks - ok 20:16:22.0785 0x1768 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:16:22.0822 0x1768 TrustedInstaller - ok 20:16:22.0858 0x1768 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:16:22.0871 0x1768 tssecsrv - ok 20:16:22.0893 0x1768 [ E9981ECE8D894CEF7038FD1D040EB426, 
DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 20:16:22.0929 0x1768 TsUsbFlt - ok 20:16:22.0950 0x1768 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 20:16:22.0976 0x1768 TsUsbGD - ok 20:16:23.0083 0x1768 [ 258C050D197D923668B36C8D3F6A2353, 9A8CDC8FDCF24986FE963566591E2B535653837A8A63EE462126D336E6F94E97 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe 20:16:23.0148 0x1768 TuneUp.UtilitiesSvc - ok 20:16:23.0177 0x1768 [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys 20:16:23.0188 0x1768 TuneUpUtilitiesDrv - ok 20:16:23.0212 0x1768 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:16:23.0248 0x1768 tunnel - ok 20:16:23.0267 0x1768 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 20:16:23.0277 0x1768 uagp35 - ok 20:16:23.0317 0x1768 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:16:23.0361 0x1768 udfs - ok 20:16:23.0378 0x1768 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:16:23.0402 0x1768 UI0Detect - ok 20:16:23.0428 0x1768 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:16:23.0440 0x1768 uliagpkx - ok 20:16:23.0467 0x1768 [ DC54A574663A895C8763AF0FA1FF7561, 
09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:16:23.0490 0x1768 umbus - ok 20:16:23.0501 0x1768 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 20:16:23.0527 0x1768 UmPass - ok 20:16:23.0555 0x1768 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 20:16:23.0599 0x1768 upnphost - ok 20:16:23.0624 0x1768 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 20:16:23.0645 0x1768 usbaudio - ok 20:16:23.0666 0x1768 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:16:23.0700 0x1768 usbccgp - ok 20:16:23.0728 0x1768 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:16:23.0749 0x1768 usbcir - ok 20:16:23.0771 0x1768 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 20:16:23.0783 0x1768 usbehci - ok 20:16:23.0799 0x1768 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:16:23.0838 0x1768 usbhub - ok 20:16:23.0858 0x1768 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 20:16:23.0877 0x1768 usbohci - ok 20:16:23.0901 0x1768 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 20:16:23.0937 0x1768 usbprint - ok 
20:16:23.0964 0x1768 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:16:24.0001 0x1768 USBSTOR - ok 20:16:24.0027 0x1768 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 20:16:24.0046 0x1768 usbuhci - ok 20:16:24.0089 0x1768 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 20:16:24.0104 0x1768 usbvideo - ok 20:16:24.0128 0x1768 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 20:16:24.0165 0x1768 UxSms - ok 20:16:24.0196 0x1768 [ 97BCD40E27C46B398524DF9B4DC88A6F, D1466C414B6044B65D63138B3C42B54B3B6E54AD40613E171F980D0E0D9627B5 ] UxTuneUp C:\Windows\System32\uxtuneup.dll 20:16:24.0207 0x1768 UxTuneUp - ok 20:16:24.0222 0x1768 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc C:\Windows\system32\lsass.exe 20:16:24.0236 0x1768 VaultSvc - ok 20:16:24.0245 0x1768 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:16:24.0258 0x1768 vdrvroot - ok 20:16:24.0282 0x1768 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 20:16:24.0347 0x1768 vds - ok 20:16:24.0373 0x1768 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 20:16:24.0387 0x1768 vga - ok 20:16:24.0411 0x1768 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 20:16:24.0454 0x1768 
VgaSave - ok 20:16:24.0474 0x1768 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 20:16:24.0490 0x1768 vhdmp - ok 20:16:24.0582 0x1768 [ EECF5B7210D773F3501CEDA848D53D31, C98034418DA5351A82B3FFAFBD277BAE4AE8AF25DD491BF628CEA0C708A5A9B2 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys 20:16:24.0673 0x1768 VIAHdAudAddService - ok 20:16:24.0708 0x1768 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 20:16:24.0718 0x1768 viaide - ok 20:16:24.0732 0x1768 [ 43412F74D9516EF87988F2397A9B8E78, 82253E49D2762D67D202A8D3A215EF5F937ADFCF711AD238B6FDACAE0CC80A49 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe 20:16:24.0741 0x1768 VIAKaraokeService - ok 20:16:24.0750 0x1768 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:16:24.0761 0x1768 volmgr - ok 20:16:24.0775 0x1768 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:16:24.0795 0x1768 volmgrx - ok 20:16:24.0806 0x1768 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:16:24.0824 0x1768 volsnap - ok 20:16:24.0838 0x1768 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 20:16:24.0853 0x1768 vsmraid - ok 20:16:24.0907 0x1768 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 20:16:25.0015 0x1768 VSS - ok 20:16:25.0040 0x1768 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 
] vwifibus C:\Windows\System32\drivers\vwifibus.sys 20:16:25.0067 0x1768 vwifibus - ok 20:16:25.0096 0x1768 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 20:16:25.0145 0x1768 W32Time - ok 20:16:25.0170 0x1768 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 20:16:25.0206 0x1768 WacomPen - ok 20:16:25.0222 0x1768 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 20:16:25.0256 0x1768 WANARP - ok 20:16:25.0264 0x1768 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:16:25.0298 0x1768 Wanarpv6 - ok 20:16:25.0352 0x1768 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 20:16:25.0430 0x1768 wbengine - ok 20:16:25.0455 0x1768 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:16:25.0479 0x1768 WbioSrvc - ok 20:16:25.0505 0x1768 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:16:25.0533 0x1768 wcncsvc - ok 20:16:25.0550 0x1768 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:16:25.0574 0x1768 WcsPlugInService - ok 20:16:25.0588 0x1768 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 20:16:25.0599 0x1768 Wd - ok 20:16:25.0620 0x1768 [ A3D04EBF5227886029B4532F20D026F7, 
D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys 20:16:25.0645 0x1768 WDC_SAM - ok 20:16:25.0696 0x1768 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:16:25.0731 0x1768 Wdf01000 - ok 20:16:25.0743 0x1768 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:16:25.0823 0x1768 WdiServiceHost - ok 20:16:25.0833 0x1768 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:16:25.0851 0x1768 WdiSystemHost - ok 20:16:25.0878 0x1768 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 20:16:25.0911 0x1768 WebClient - ok 20:16:25.0943 0x1768 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:16:25.0998 0x1768 Wecsvc - ok 20:16:26.0008 0x1768 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:16:26.0043 0x1768 wercplsupport - ok 20:16:26.0064 0x1768 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 20:16:26.0100 0x1768 WerSvc - ok 20:16:26.0111 0x1768 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 20:16:26.0142 0x1768 WfpLwf - ok 20:16:26.0165 0x1768 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 20:16:26.0175 0x1768 WIMMount - ok 
20:16:26.0210 0x1768 WinDefend - ok 20:16:26.0220 0x1768 WinHttpAutoProxySvc - ok 20:16:26.0273 0x1768 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:16:26.0312 0x1768 Winmgmt - ok 20:16:26.0396 0x1768 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 20:16:26.0502 0x1768 WinRM - ok 20:16:26.0540 0x1768 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 20:16:26.0556 0x1768 WinUsb - ok 20:16:26.0593 0x1768 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 20:16:26.0636 0x1768 Wlansvc - ok 20:16:26.0782 0x1768 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 20:16:26.0846 0x1768 wlidsvc - ok 20:16:26.0862 0x1768 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 20:16:26.0877 0x1768 WmiAcpi - ok 20:16:26.0897 0x1768 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:16:26.0915 0x1768 wmiApSrv - ok 20:16:26.0923 0x1768 WMPNetworkSvc - ok 20:16:26.0939 0x1768 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:16:26.0958 0x1768 WPCSvc - ok 20:16:26.0976 0x1768 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:16:26.0995 0x1768 WPDBusEnum - ok 20:16:27.0007 0x1768 [ 
6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:16:27.0041 0x1768 ws2ifsl - ok 20:16:27.0059 0x1768 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 20:16:27.0079 0x1768 wscsvc - ok 20:16:27.0085 0x1768 WSearch - ok 20:16:27.0191 0x1768 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 20:16:27.0272 0x1768 wuauserv - ok 20:16:27.0300 0x1768 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:16:27.0324 0x1768 WudfPf - ok 20:16:27.0349 0x1768 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 20:16:27.0370 0x1768 WUDFRd - ok 20:16:27.0386 0x1768 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:16:27.0403 0x1768 wudfsvc - ok 20:16:27.0433 0x1768 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 20:16:27.0468 0x1768 WwanSvc - ok 20:16:27.0474 0x1768 ================ Scan global =============================== 20:16:27.0517 0x1768 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 20:16:27.0553 0x1768 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 20:16:27.0569 0x1768 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 20:16:27.0595 0x1768 [ 
D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 20:16:27.0614 0x1768 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 20:16:27.0625 0x1768 [ Global ] - ok 20:16:27.0626 0x1768 ================ Scan MBR ================================== 20:16:27.0639 0x1768 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 20:16:27.0871 0x1768 \Device\Harddisk0\DR0 - ok 20:16:27.0890 0x1768 [ 205060F860AA1EC25B607A1B5B40A40C ] \Device\Harddisk1\DR1 20:16:27.0974 0x1768 \Device\Harddisk1\DR1 - ok 20:16:27.0978 0x1768 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2 20:16:28.0516 0x1768 \Device\Harddisk2\DR2 - ok 20:16:28.0520 0x1768 [ 988D3C46CBD13EC7F482B833C55264C8 ] \Device\Harddisk3\DR3 20:16:28.0946 0x1768 \Device\Harddisk3\DR3 - ok 20:16:28.0946 0x1768 ================ Scan VBR ================================== 20:16:28.0969 0x1768 [ C07BC3BE82CA91B4832947491A4E6E31 ] \Device\Harddisk0\DR0\Partition1 20:16:28.0971 0x1768 \Device\Harddisk0\DR0\Partition1 - ok 20:16:28.0978 0x1768 [ EDB793810F8BAECAE2F9D3C0C5311652 ] \Device\Harddisk0\DR0\Partition2 20:16:29.0013 0x1768 \Device\Harddisk0\DR0\Partition2 - ok 20:16:29.0017 0x1768 [ ED28D0D8202823080428C72EEA85B213 ] \Device\Harddisk0\DR0\Partition3 20:16:29.0018 0x1768 \Device\Harddisk0\DR0\Partition3 - ok 20:16:29.0038 0x1768 [ 7604813F6EDB7C5C5A77592F1C163FE0 ] \Device\Harddisk1\DR1\Partition1 20:16:29.0039 0x1768 \Device\Harddisk1\DR1\Partition1 - ok 20:16:29.0051 0x1768 [ 887DD3C8B480381118BB555328DFF85E ] \Device\Harddisk1\DR1\Partition2 20:16:29.0052 0x1768 \Device\Harddisk1\DR1\Partition2 - ok 20:16:29.0068 0x1768 [ 81023E46A17A1940216BCDC3921122DC ] \Device\Harddisk1\DR1\Partition3 20:16:29.0070 0x1768 \Device\Harddisk1\DR1\Partition3 - ok 20:16:29.0073 0x1768 [ 60B4F8F9D84337FFBADD364A2E6A3988 ] \Device\Harddisk1\DR1\Partition4 
20:16:29.0076 0x1768 \Device\Harddisk1\DR1\Partition4 - ok 20:16:29.0079 0x1768 [ 97793C6EBE782489632BE676E2C9BE30 ] \Device\Harddisk2\DR2\Partition1 20:16:29.0136 0x1768 \Device\Harddisk2\DR2\Partition1 - ok 20:16:29.0140 0x1768 [ EFB00E60BB2055492290E549E5A4574A ] \Device\Harddisk3\DR3\Partition1 20:16:29.0159 0x1768 \Device\Harddisk3\DR3\Partition1 - ok 20:16:29.0160 0x1768 ================ Scan generic autorun ====================== 20:16:29.0221 0x1768 [ 320681DF28D82CDCA7E3EED0846625DB, 7F709ADFB0FE36BEC857A928E9CB29BB5B6C0BAD98824D0302C7BB7185100CB9 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 20:16:29.0242 0x1768 AdobeAAMUpdater-1.0 - ok 20:16:29.0467 0x1768 [ 3D6737ADDB9B1DF81605C442ED6D2D90, 5B8D68945E1A97FD1AF40333448FE335743F48F46A70E303ADF406CC0CC253FB ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe 20:16:29.0629 0x1768 HDAudDeck - detected UnsignedFile.Multi.Generic ( 1 ) 20:16:30.0040 0x0bbc Object send P2P result: true 20:16:32.0048 0x1768 Detect skipped due to KSN trusted 20:16:32.0048 0x1768 HDAudDeck - ok 20:16:32.0111 0x1768 [ 94D247679E0862C7FA8C5AD712E03948, B6579E5675DDEE338D5248B6A1769CFCEC72DF127A5A367980F388FE782C4748 ] C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe 20:16:32.0145 0x1768 Cpu Level Up help - ok 20:16:32.0217 0x1768 [ 80F72159E0EB98A9B32FF61132C2E60D, 7F9AD5AE0C23EC5AB7DD63020897646A57CD275D325D399C35001C3DAC0B147F ] C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe 20:16:32.0281 0x1768 Turbo Key - detected UnsignedFile.Multi.Generic ( 1 ) 20:16:34.0333 0x1424 Object required for P2P: [ 320681DF28D82CDCA7E3EED0846625DB ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 20:16:34.0699 0x1768 Detect skipped due to KSN trusted 20:16:34.0699 0x1768 Turbo Key - ok 20:16:34.0738 0x1768 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common 
Files\Adobe\SwitchBoard\SwitchBoard.exe 20:16:34.0758 0x1768 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 20:16:34.0758 0x1768 Detect skipped due to KSN trusted 20:16:34.0758 0x1768 SwitchBoard - ok 20:16:34.0809 0x1768 [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe 20:16:34.0860 0x1768 AdobeCS6ServiceManager - ok 20:16:34.0890 0x1768 [ C5239F47944FA3036A256DE9BDB94EB6, 3464B8B5036FA954553850A590D765D30E805818049FBF2E6C444B5FB0147BD4 ] C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe 20:16:34.0912 0x1768 Zboard - detected UnsignedFile.Multi.Generic ( 1 ) 20:16:37.0328 0x1768 Detect skipped due to KSN trusted 20:16:37.0328 0x1768 Zboard - ok 20:16:37.0406 0x1768 [ DB3682851D0218AEC5911CD0D1D7AABE, E3186E075F788131C7E6746D035DED5E3056E20784D635D5CAEC00EF3D27CC72 ] C:\Program Files (x86)\BF2Hub Client\bf2hub.exe 20:16:37.0469 0x1768 BF2Hub Client - detected UnsignedFile.Multi.Generic ( 1 ) 20:16:39.0955 0x1768 BF2Hub Client ( UnsignedFile.Multi.Generic ) - warning 20:16:39.0955 0x1768 Force sending object to P2P due to detect: C:\Program Files (x86)\BF2Hub Client\bf2hub.exe 20:16:53.0873 0x1424 Object send P2P result: true 20:16:56.0712 0x1768 Object send P2P result: true 20:17:10.0166 0x1768 [ F8A3337DE768B126B061F1B7CD38A436, F93EE8D8D7CA28658587F82C38AE6C13D51A03CFE8DE6AC3BA35DC6A1DB986CE ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe 20:17:10.0182 0x1768 KiesTrayAgent - ok 20:17:10.0216 0x1768 [ ACFE2A5FBB735E6463B51D19A84B5C1E, ECCA84BD6E56C2370BBCF1EFE88F92649DF040C53D73711C5BBEF19962214119 ] C:\Program Files (x86)\Raptr\raptrstub.exe 20:17:10.0228 0x1768 Raptr - ok 20:17:10.0311 0x1768 [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe 20:17:10.0344 0x1768 StartCCC - ok 20:17:10.0500 
0x1768 [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
20:17:10.0656 0x1768 SDTray - ok
20:17:10.0748 0x1768 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:17:10.0835 0x1768 Sidebar - ok
20:17:10.0859 0x1768 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:17:10.0878 0x1768 mctadmin - ok
20:17:10.0932 0x1768 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:17:10.0973 0x1768 Sidebar - ok
20:17:10.0981 0x1768 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:17:10.0999 0x1768 mctadmin - ok
20:17:11.0053 0x1768 [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\SysWOW64\rundll32.exe
20:17:11.0078 0x1768 NextLive - ok
20:17:11.0191 0x1768 [ 3255867AE34EDD5346C750677EE63354, 3FC8E1EFF33EE83717C285D0CD388886135C5BF977B69CF6ADCFD4196139D483 ] C:\Program Files (x86)\Steam\Steam.exe
20:17:11.0265 0x1768 Steam - ok
20:17:11.0398 0x1768 [ 1BFCA8EBFBDC43B5C7C3BCF92A47DD77, EA4A4B5E4BFB31451A472A3E5F23CA163EB53B7D08C892454D6905B034ABBBF6 ] C:\Program Files (x86)\Origin\Origin.exe
20:17:11.0542 0x1768 EADM - ok
20:17:11.0620 0x1768 [ 2F85D5E63A1ECE08085D32C1B615BBFD, 7263F4E0CC7D375CBAA44406F90F427E6EC9382184B3CD62A90C0DD6B7D88372 ] C:\Program Files (x86)\Samsung\Kies\Kies.exe
20:17:11.0664 0x1768 KiesPreload - ok
20:17:11.0701 0x1768 [ 06ACC931AD00231ECAD476F56AE73368, BFB82E25F4D6021E43BF8627A7BF0DFA7027AB38B4F3B6AD1DEB8461D4F87AD5 ] C:\Users\Wallace\AppData\Roaming\Pace-worried\paceoccasion.exe
20:17:11.0701 0x1768 Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Roaming\Pace-worried\paceoccasion.exe. md5: 06ACC931AD00231ECAD476F56AE73368, sha256: BFB82E25F4D6021E43BF8627A7BF0DFA7027AB38B4F3B6AD1DEB8461D4F87AD5
20:17:11.0701 0x1768 pace-egg - detected LockedFile.Multi.Generic ( 1 )
20:17:14.0110 0x1768 Detect turned to UDS exact due to KSN untrusted
20:17:14.0110 0x1768 pace-egg ( UDS:DangerousObject.Multi.Generic ) - infected
20:17:14.0110 0x1768 Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Roaming\Pace-worried\paceoccasion.exe
20:17:32.0320 0x1768 Object send P2P result: true
20:17:34.0723 0x1768 [ C9F15C15E1B5B06062CD9BAA1133D77C, 49F466489532FF55F2BF7AA8E28A6277BE04211B0BED2BF7F3DB15D9485BAB6F ] C:\Users\Wallace\AppData\Local\Temp\String-entrance\string-justify.exe
20:17:34.0723 0x1768 Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Local\Temp\String-entrance\string-justify.exe. md5: C9F15C15E1B5B06062CD9BAA1133D77C, sha256: 49F466489532FF55F2BF7AA8E28A6277BE04211B0BED2BF7F3DB15D9485BAB6F
20:17:34.0745 0x1768 string-weekend - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
20:17:37.0161 0x1768 string-weekend ( Trojan-Spy.Win32.ZBot.gen ) - infected
20:17:37.0161 0x1768 Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Local\Temp\String-entrance\string-justify.exe
20:17:57.0162 0x1768 Object send P2P result: false
20:17:59.0525 0x1768 [ F4FAEFA73454CD942314ECF40953D93B, 3645ACF85998631E4E75FF7D9DAF7A813684DB77DFD7996A6A1768231B7250E9 ] C:\Users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe
20:17:59.0526 0x1768 Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe. md5: F4FAEFA73454CD942314ECF40953D93B, sha256: 3645ACF85998631E4E75FF7D9DAF7A813684DB77DFD7996A6A1768231B7250E9
20:17:59.0526 0x1768 hat-date - detected LockedFile.Multi.Generic ( 1 )
20:18:01.0944 0x1768 Object required for P2P: [ F4FAEFA73454CD942314ECF40953D93B ] C:\Users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe
20:18:21.0945 0x1768 Object send P2P result: false
20:18:21.0945 0x1768 Detect turned to UDS exact due to KSN untrusted
20:18:21.0945 0x1768 hat-date ( UDS:DangerousObject.Multi.Generic ) - infected
20:18:21.0945 0x1768 Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe
20:18:41.0946 0x1768 Object send P2P result: false
20:18:44.0314 0x1768 [ 6E1E462001758C45B740158E831B19C1, 3936F8F783E3E3CA933831E17D6C0066830B55D7F26E1D78799982FF53022158 ] C:\Users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe
20:18:44.0314 0x1768 Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe. md5: 6E1E462001758C45B740158E831B19C1, sha256: 3936F8F783E3E3CA933831E17D6C0066830B55D7F26E1D78799982FF53022158
20:18:44.0315 0x1768 contest-compare - detected LockedFile.Multi.Generic ( 1 )
20:18:46.0735 0x1768 Detect turned to UDS exact due to KSN untrusted
20:18:46.0735 0x1768 contest-compare ( UDS:DangerousObject.Multi.Generic ) - infected
20:18:46.0735 0x1768 Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe
20:19:02.0669 0x1768 Object send P2P result: true
20:19:05.0057 0x1768 [ 682A590D24524DC5EC2C96F59407A9D3, CB36F86D80FF0EA329183FD6393ECBFAB4081B6146821B8A1B5D29F46451E9B6 ] C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe
20:19:05.0058 0x1768 Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe. md5: 682A590D24524DC5EC2C96F59407A9D3, sha256: CB36F86D80FF0EA329183FD6393ECBFAB4081B6146821B8A1B5D29F46451E9B6
20:19:05.0062 0x1768 proof-reflect - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
20:19:07.0479 0x1768 proof-reflect ( Trojan-Spy.Win32.ZBot.gen ) - infected
20:19:07.0479 0x1768 Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe
20:19:22.0632 0x1768 Object send P2P result: true
20:19:25.0025 0x1768 [ E0942E3DD4A6078D0A678A9093018CFC, 0C9BD42A55E5A6EA7F1F911944D64B6E9CE43E6675508C69663A99F5B39E1A48 ] C:\Users\Wallace\AppData\Roaming\Opening-speed\opening_pause.exe
20:19:25.0025 0x1768 Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Roaming\Opening-speed\opening_pause.exe. md5: E0942E3DD4A6078D0A678A9093018CFC, sha256: 0C9BD42A55E5A6EA7F1F911944D64B6E9CE43E6675508C69663A99F5B39E1A48
20:19:25.0025 0x1768 openinglimited - detected LockedFile.Multi.Generic ( 1 )
20:19:27.0446 0x1768 openinglimited ( LockedFile.Multi.Generic ) - warning
20:19:29.0837 0x1768 [ 648847084828A4E2EB16342306F04A03, 99028B19114A3081BA0E34F1ED3CB8A5F9FC87DA3186EFA445F2C2783A248063 ] C:\Users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe
20:19:29.0838 0x1768 Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe. md5: 648847084828A4E2EB16342306F04A03, sha256: 99028B19114A3081BA0E34F1ED3CB8A5F9FC87DA3186EFA445F2C2783A248063
20:19:29.0838 0x1768 matter-visit - detected LockedFile.Multi.Generic ( 1 )
20:19:32.0270 0x1768 Detect turned to UDS exact due to KSN untrusted
20:19:32.0270 0x1768 matter-visit ( UDS:DangerousObject.Multi.Generic ) - infected
20:19:32.0270 0x1768 Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe
20:19:52.0273 0x1768 Object send P2P result: false
20:20:06.0658 0x1768 Win FW state via NFP2: enabled
20:20:08.0997 0x1768 ============================================================
20:20:08.0997 0x1768 Scan finished
20:20:08.0997 0x1768 ============================================================
20:20:09.0009 0x0d80 Detected object count: 8
20:20:09.0009 0x0d80 Actual detected object count: 8
20:20:57.0623 0x0d80 BF2Hub Client ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:57.0624 0x0d80 BF2Hub Client ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:57.0625 0x0d80 pace-egg ( UDS:DangerousObject.Multi.Generic ) - skipped by user
20:20:57.0625 0x0d80 pace-egg ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
20:20:57.0626 0x0d80 string-weekend ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
20:20:57.0627 0x0d80 string-weekend ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip
20:20:57.0628 0x0d80 hat-date ( UDS:DangerousObject.Multi.Generic ) - skipped by user
20:20:57.0628 0x0d80 hat-date ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
20:20:57.0629 0x0d80 contest-compare ( UDS:DangerousObject.Multi.Generic ) - skipped by user
20:20:57.0629 0x0d80 contest-compare ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
20:20:57.0630 0x0d80 proof-reflect ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
20:20:57.0630 0x0d80 proof-reflect ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip
20:20:57.0631 0x0d80 openinglimited ( 
LockedFile.Multi.Generic ) - skipped by user 20:20:57.0631 0x0d80 openinglimited ( LockedFile.Multi.Generic ) - User select action: Skip 20:20:57.0632 0x0d80 matter-visit ( UDS:DangerousObject.Multi.Generic ) - skipped by user 20:20:57.0633 0x0d80 matter-visit ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip |
23.02.2015, 12:22 | #6 | |
/// the machine /// TB trainer | Supposedly caught a nymaim trojan Quote:
Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and choose "Run as administrator".
For example: C:\TDSSKiller.<version_date_time>log.txt Please post the contents here in your thread. Then run another scan with TDSSKiller.
|
23.02.2015, 20:04 | #7 |
| Supposedly caught a nymaim trojan OK, I ran it. Here is the log after the scan and Continue: Code:
ATTFilter 19:57:06.0358 0x16ac TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 19:57:19.0379 0x16ac ============================================================ 19:57:19.0380 0x16ac Current date / time: 2015/02/23 19:57:19.0379 19:57:19.0380 0x16ac SystemInfo: 19:57:19.0380 0x16ac 19:57:19.0380 0x16ac OS Version: 6.1.7601 ServicePack: 1.0 19:57:19.0380 0x16ac Product type: Workstation 19:57:19.0380 0x16ac ComputerName: DRAGON64 19:57:19.0380 0x16ac UserName: Wallace 19:57:19.0380 0x16ac Windows directory: C:\Windows 19:57:19.0380 0x16ac System windows directory: C:\Windows 19:57:19.0380 0x16ac Running under WOW64 19:57:19.0380 0x16ac Processor architecture: Intel x64 19:57:19.0380 0x16ac Number of processors: 4 19:57:19.0380 0x16ac Page size: 0x1000 19:57:19.0380 0x16ac Boot type: Normal boot 19:57:19.0380 0x16ac ============================================================ 19:57:19.0525 0x16ac System UUID: {16D1EC3B-9554-5EDC-4910-9ECB978DB774} 19:57:19.0762 0x16ac Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:57:19.0767 0x16ac Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:57:19.0770 0x16ac Drive \Device\Harddisk2\DR2 - Size: 0x1D1BF100000 ( 1862.99 Gb ), SectorSize: 0x200, Cylinders: 0x3B5FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 19:57:19.0771 0x16ac Drive \Device\Harddisk3\DR3 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 19:57:19.0791 0x16ac ============================================================ 19:57:19.0791 0x16ac \Device\Harddisk0\DR0: 19:57:19.0791 0x16ac MBR partitions: 19:57:19.0791 0x16ac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 
19:57:19.0791 0x16ac \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55AE0800 19:57:19.0791 0x16ac \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55B13000, BlocksNum 0x1A32800 19:57:19.0791 0x16ac \Device\Harddisk1\DR1: 19:57:19.0800 0x16ac MBR partitions: 19:57:19.0807 0x16ac \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x61D6AB1, BlocksNum 0xC35314E 19:57:19.0820 0x16ac \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x12529C3E, BlocksNum 0x124FAAB4 19:57:19.0837 0x16ac \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x24A24731, BlocksNum 0x15960510 19:57:19.0837 0x16ac \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x61D2B72 19:57:19.0837 0x16ac \Device\Harddisk2\DR2: 19:57:19.0837 0x16ac MBR partitions: 19:57:19.0837 0x16ac \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8DF8000 19:57:19.0837 0x16ac \Device\Harddisk3\DR3: 19:57:19.0837 0x16ac MBR partitions: 19:57:19.0837 0x16ac \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A380D41 19:57:19.0837 0x16ac ============================================================ 19:57:19.0856 0x16ac C: <-> \Device\Harddisk0\DR0\Partition2 19:57:19.0895 0x16ac D: <-> \Device\Harddisk1\DR1\Partition4 19:57:19.0925 0x16ac E: <-> \Device\Harddisk1\DR1\Partition1 19:57:19.0960 0x16ac F: <-> \Device\Harddisk1\DR1\Partition2 19:57:19.0981 0x16ac G: <-> \Device\Harddisk1\DR1\Partition3 19:57:20.0015 0x16ac H: <-> \Device\Harddisk0\DR0\Partition3 19:57:20.0016 0x16ac O: <-> \Device\Harddisk2\DR2\Partition1 19:57:20.0016 0x16ac Q: <-> \Device\Harddisk3\DR3\Partition1 19:57:20.0016 0x16ac ============================================================ 19:57:20.0016 0x16ac Initialize success 19:57:20.0016 0x16ac ============================================================ 19:57:36.0246 0x0ddc ============================================================ 19:57:36.0246 0x0ddc Scan 
started 19:57:36.0246 0x0ddc Mode: Manual; SigCheck; TDLFS; 19:57:36.0246 0x0ddc ============================================================ 19:57:36.0246 0x0ddc KSN ping started 19:57:49.0602 0x0ddc KSN ping finished: true 19:57:50.0714 0x0ddc ================ Scan system memory ======================== 19:57:50.0714 0x0ddc System memory - ok 19:57:50.0715 0x0ddc ================ Scan services ============================= 19:57:50.0815 0x0ddc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 19:57:50.0867 0x0ddc 1394ohci - ok 19:57:50.0959 0x0ddc [ EB2290ED2AFEA6D9C9773B818F2C1EA3, 7CC151FD71E0F32C106A6699B54E9C18CC43859A98B5A891646DD7FAEF9FFC54 ] 46463773 C:\Windows\system32\drivers\08076999.sys 19:57:50.0998 0x0ddc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 19:57:51.0019 0x0ddc ACPI - ok 19:57:51.0035 0x0ddc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 19:57:51.0046 0x0ddc AcpiPmi - ok 19:57:51.0075 0x0ddc [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 19:57:51.0084 0x0ddc AdobeARMservice - ok 19:57:51.0161 0x0ddc [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 19:57:51.0173 0x0ddc AdobeFlashPlayerUpdateSvc - ok 19:57:51.0210 0x0ddc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 19:57:51.0228 0x0ddc adp94xx - ok 19:57:51.0256 0x0ddc [ 597F78224EE9224EA1A13D6350CED962, 
DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 19:57:51.0271 0x0ddc adpahci - ok 19:57:51.0283 0x0ddc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 19:57:51.0294 0x0ddc adpu320 - ok 19:57:51.0323 0x0ddc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 19:57:51.0363 0x0ddc AeLookupSvc - ok 19:57:51.0404 0x0ddc [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 19:57:51.0423 0x0ddc AFD - ok 19:57:51.0445 0x0ddc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 19:57:51.0454 0x0ddc agp440 - ok 19:57:51.0516 0x0ddc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 19:57:51.0565 0x0ddc ALG - ok 19:57:51.0621 0x0ddc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 19:57:51.0634 0x0ddc aliide - ok 19:57:51.0662 0x0ddc [ B3E801135E0C81733542C14D9AA8120A, 69A19C73BBB942DDEBD079EF924ED1AEFC3516867569618D2FBBD1CD831204C2 ] Alpham1 C:\Windows\system32\DRIVERS\Alpham164.sys 19:57:51.0671 0x0ddc Alpham1 - ok 19:57:51.0685 0x0ddc [ 6493983FEDBC49D9112703ECE9B251FE, E5D0EEBA8C8D9C02CC4109C86ABC6375E5CF79F6549917C011238FD2DD78BF71 ] Alpham2 C:\Windows\system32\DRIVERS\Alpham264.sys 19:57:51.0700 0x0ddc Alpham2 - ok 19:57:51.0756 0x0ddc [ F17B1902DFCED1C24DB57492A7896FF8, 966AB1A072A8AF98D7EDD2A388D919B50FC41A06E1C51B04B2C2F54F1BA7F0D5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 19:57:51.0777 0x0ddc AMD External Events Utility - 
ok 19:57:51.0845 0x0ddc AMD FUEL Service - ok 19:57:51.0859 0x0ddc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 19:57:51.0867 0x0ddc amdide - ok 19:57:51.0886 0x0ddc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 19:57:51.0914 0x0ddc AmdK8 - ok 19:57:52.0504 0x0ddc [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 19:57:52.0873 0x0ddc amdkmdag - ok 19:57:52.0950 0x0ddc [ AF6B384E03D15471EDCEDDDEBAA363B2, 2D8CFA26D69A8FF0FAC6EBA2E5A62977B21ECBA0C65458072FEC4A886B3EDD73 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 19:57:52.0987 0x0ddc amdkmdap - ok 19:57:52.0992 0x0ddc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 19:57:53.0004 0x0ddc AmdPPM - ok 19:57:53.0030 0x0ddc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 19:57:53.0040 0x0ddc amdsata - ok 19:57:53.0055 0x0ddc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 19:57:53.0066 0x0ddc amdsbs - ok 19:57:53.0080 0x0ddc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 19:57:53.0088 0x0ddc amdxata - ok 19:57:53.0091 0x0ddc AODDriver4.2.0 - ok 19:57:53.0121 0x0ddc [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3 C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys 19:57:53.0135 0x0ddc AODDriver4.3 - ok 19:57:53.0165 0x0ddc [ 
89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 19:57:53.0192 0x0ddc AppID - ok 19:57:53.0212 0x0ddc [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 19:57:53.0252 0x0ddc AppIDSvc - ok 19:57:53.0275 0x0ddc [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 19:57:53.0294 0x0ddc Appinfo - ok 19:57:53.0310 0x0ddc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 19:57:53.0319 0x0ddc arc - ok 19:57:53.0324 0x0ddc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 19:57:53.0336 0x0ddc arcsas - ok 19:57:53.0375 0x0ddc [ FEF9DD9EA587F8886ADE43C1BEFBDAFE, DDE6F28B3F7F2ABBEE59D4864435108791631E9CB4CDFB1F178E5AA9859956D8 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys 19:57:53.0394 0x0ddc AsIO - ok 19:57:53.0420 0x0ddc [ 22842362DF890F5492F85AA60916A697, EC01380B1C9BF4CFBA018FC314563F0785280172A2A9B51D50F088E7101951EF ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys 19:57:53.0445 0x0ddc asmthub3 - ok 19:57:53.0475 0x0ddc [ 08E2D77766CC05E75A0707207D9FC684, 6CF3B12B2B3375B715A3EBC66EF148CEA2248D448A3A37875B7B1BC7CDA40FDD ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys 19:57:53.0500 0x0ddc asmtxhci - ok 19:57:53.0548 0x0ddc [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 19:57:53.0575 0x0ddc aspnet_state - ok 19:57:53.0627 0x0ddc [ 954FFBFF05B0B60EB63B52AF561436C4, 40228A2B688E827815B5A567584FCF99BF661696DB8CC8BB455393B3CEE35094 ] AsSysCtrlService 
C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe 19:57:53.0646 0x0ddc AsSysCtrlService - ok 19:57:53.0653 0x0ddc [ 26D66E32E78D3059715B3A17BC679CD9, 5039CB81CE0829C5F3DED16A4005FEB10141C6C9B473CC319E81BAF6D1DA33E3 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys 19:57:53.0666 0x0ddc AsUpIO - ok 19:57:53.0679 0x0ddc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 19:57:53.0711 0x0ddc AsyncMac - ok 19:57:53.0730 0x0ddc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 19:57:53.0737 0x0ddc atapi - ok 19:57:53.0763 0x0ddc [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 19:57:53.0768 0x0ddc AtiHDAudioService - detected UnsignedFile.Multi.Generic ( 1 ) 19:57:56.0183 0x0ddc Detect skipped due to KSN trusted 19:57:56.0183 0x0ddc AtiHDAudioService - ok 19:57:56.0671 0x0ddc [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 19:57:57.0043 0x0ddc atikmdag - ok 19:57:57.0104 0x0ddc [ C07A040D6B5A42DD41EE386CF90974C8, 8D47815F99C79B795504C3172B5FBBDBA6AFACC004B17AA3954A06BE713FACAE ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 19:57:57.0111 0x0ddc AtiPcie - ok 19:57:57.0138 0x0ddc [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 19:57:57.0169 0x0ddc AudioEndpointBuilder - ok 19:57:57.0187 0x0ddc [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll 19:57:57.0209 0x0ddc AudioSrv - ok 19:57:57.0257 0x0ddc [ 1DC2F715792CF33428AD7993ACBD224D, 
129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys 19:57:57.0264 0x0ddc avmeject - ok 19:57:57.0288 0x0ddc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 19:57:57.0313 0x0ddc AxInstSV - ok 19:57:57.0358 0x0ddc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 19:57:57.0376 0x0ddc b06bdrv - ok 19:57:57.0392 0x0ddc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 19:57:57.0416 0x0ddc b57nd60a - ok 19:57:57.0422 0x0ddc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 19:57:57.0449 0x0ddc BDESVC - ok 19:57:57.0474 0x0ddc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 19:57:57.0500 0x0ddc Beep - ok 19:57:57.0528 0x0ddc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 19:57:57.0551 0x0ddc BFE - ok 19:57:57.0600 0x0ddc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 19:57:57.0644 0x0ddc BITS - ok 19:57:57.0654 0x0ddc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 19:57:57.0663 0x0ddc blbdrive - ok 19:57:57.0678 0x0ddc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 19:57:57.0688 0x0ddc bowser - ok 19:57:57.0699 0x0ddc [ 
F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 19:57:57.0711 0x0ddc BrFiltLo - ok 19:57:57.0720 0x0ddc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 19:57:57.0743 0x0ddc BrFiltUp - ok 19:57:57.0765 0x0ddc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 19:57:57.0777 0x0ddc Browser - ok 19:57:57.0787 0x0ddc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 19:57:57.0802 0x0ddc Brserid - ok 19:57:57.0817 0x0ddc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 19:57:57.0829 0x0ddc BrSerWdm - ok 19:57:57.0844 0x0ddc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 19:57:57.0865 0x0ddc BrUsbMdm - ok 19:57:57.0901 0x0ddc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 19:57:57.0909 0x0ddc BrUsbSer - ok 19:57:57.0959 0x0ddc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 19:57:57.0990 0x0ddc BTHMODEM - ok 19:57:58.0006 0x0ddc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 19:57:58.0045 0x0ddc bthserv - ok 19:57:58.0073 0x0ddc [ DC22832C7A65054129DEFE8BC0C6E2B6, 913C8FE83A1FFDC6A1EA54B910D98D9A4C8EF049D0B1D0D0AFB5BF1514AABE59 ] camfilt2 
C:\Windows\system32\DRIVERS\camfilt2.sys 19:57:58.0084 0x0ddc camfilt2 - ok 19:57:58.0106 0x0ddc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 19:57:58.0144 0x0ddc cdfs - ok 19:57:58.0159 0x0ddc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 19:57:58.0171 0x0ddc cdrom - ok 19:57:58.0182 0x0ddc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 19:57:58.0209 0x0ddc CertPropSvc - ok 19:57:58.0222 0x0ddc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 19:57:58.0243 0x0ddc circlass - ok 19:57:58.0270 0x0ddc [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 19:57:58.0285 0x0ddc CLFS - ok 19:57:58.0330 0x0ddc [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:57:58.0340 0x0ddc clr_optimization_v2.0.50727_32 - ok 19:57:58.0369 0x0ddc [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 19:57:58.0378 0x0ddc clr_optimization_v2.0.50727_64 - ok 19:57:58.0434 0x0ddc [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:57:58.0467 0x0ddc clr_optimization_v4.0.30319_32 - ok 19:57:58.0480 0x0ddc [ 4AEDAB50F83580D0B4D6CF78191F92AA, 
D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 19:57:58.0493 0x0ddc clr_optimization_v4.0.30319_64 - ok 19:57:58.0509 0x0ddc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 19:57:58.0519 0x0ddc CmBatt - ok 19:57:58.0546 0x0ddc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 19:57:58.0554 0x0ddc cmdide - ok 19:57:58.0587 0x0ddc [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG C:\Windows\system32\Drivers\cng.sys 19:57:58.0610 0x0ddc CNG - ok 19:57:58.0626 0x0ddc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 19:57:58.0633 0x0ddc Compbatt - ok 19:57:58.0644 0x0ddc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 19:57:58.0655 0x0ddc CompositeBus - ok 19:57:58.0658 0x0ddc COMSysApp - ok 19:57:58.0675 0x0ddc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 19:57:58.0683 0x0ddc crcdisk - ok 19:57:58.0709 0x0ddc [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:57:58.0721 0x0ddc CryptSvc - ok 19:57:58.0748 0x0ddc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 19:57:58.0786 0x0ddc DcomLaunch - ok 19:57:58.0808 0x0ddc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 
32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 19:57:58.0840 0x0ddc defragsvc - ok 19:57:58.0846 0x0ddc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 19:57:58.0890 0x0ddc DfsC - ok 19:57:58.0919 0x0ddc [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 19:57:58.0928 0x0ddc dg_ssudbus - ok 19:57:58.0943 0x0ddc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 19:57:58.0968 0x0ddc Dhcp - ok 19:57:58.0985 0x0ddc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 19:57:59.0025 0x0ddc discache - ok 19:57:59.0031 0x0ddc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 19:57:59.0040 0x0ddc Disk - ok 19:57:59.0068 0x0ddc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:57:59.0080 0x0ddc Dnscache - ok 19:57:59.0117 0x0ddc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 19:57:59.0148 0x0ddc dot3svc - ok 19:57:59.0203 0x0ddc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 19:57:59.0251 0x0ddc DPS - ok 19:57:59.0294 0x0ddc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:57:59.0364 0x0ddc drmkaud - ok 19:57:59.0438 0x0ddc [ 
87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:57:59.0468 0x0ddc DXGKrnl - ok 19:57:59.0483 0x0ddc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 19:57:59.0527 0x0ddc EapHost - ok 19:57:59.0650 0x0ddc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 19:57:59.0739 0x0ddc ebdrv - ok 19:57:59.0766 0x0ddc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS C:\Windows\System32\lsass.exe 19:57:59.0786 0x0ddc EFS - ok 19:57:59.0852 0x0ddc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:57:59.0890 0x0ddc ehRecvr - ok 19:57:59.0911 0x0ddc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 19:57:59.0923 0x0ddc ehSched - ok 19:57:59.0944 0x0ddc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 19:57:59.0962 0x0ddc elxstor - ok 19:57:59.0976 0x0ddc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 19:57:59.0994 0x0ddc ErrDev - ok 19:58:00.0023 0x0ddc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 19:58:00.0076 0x0ddc EventSystem - ok 19:58:00.0095 0x0ddc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 19:58:00.0125 0x0ddc exfat - ok 19:58:00.0149 0x0ddc [ 
Serial C:\Windows\system32\DRIVERS\serial.sys 19:58:12.0089 0x0ddc Serial - ok 19:58:12.0109 0x0ddc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 19:58:12.0118 0x0ddc sermouse - ok 19:58:12.0142 0x0ddc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 19:58:12.0183 0x0ddc SessionEnv - ok 19:58:12.0199 0x0ddc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 19:58:12.0219 0x0ddc sffdisk - ok 19:58:12.0230 0x0ddc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 19:58:12.0241 0x0ddc sffp_mmc - ok 19:58:12.0258 0x0ddc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 19:58:12.0268 0x0ddc sffp_sd - ok 19:58:12.0283 0x0ddc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 19:58:12.0292 0x0ddc sfloppy - ok 19:58:12.0360 0x0ddc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 19:58:12.0409 0x0ddc SharedAccess - ok 19:58:12.0436 0x0ddc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 19:58:12.0478 0x0ddc ShellHWDetection - ok 19:58:12.0487 0x0ddc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 19:58:12.0495 0x0ddc SiSRaid2 - ok 19:58:12.0504 0x0ddc [ 
6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 19:58:12.0513 0x0ddc SiSRaid4 - ok 19:58:12.0530 0x0ddc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 19:58:12.0560 0x0ddc Smb - ok 19:58:12.0611 0x0ddc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 19:58:12.0633 0x0ddc SNMPTRAP - ok 19:58:12.0651 0x0ddc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 19:58:12.0662 0x0ddc spldr - ok 19:58:12.0705 0x0ddc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 19:58:12.0749 0x0ddc Spooler - ok 19:58:12.0866 0x0ddc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 19:58:12.0966 0x0ddc sppsvc - ok 19:58:12.0979 0x0ddc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 19:58:13.0008 0x0ddc sppuinotify - ok 19:58:13.0070 0x0ddc [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd C:\Windows\System32\Drivers\sptd.sys 19:58:13.0099 0x0ddc sptd - ok 19:58:13.0134 0x0ddc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 19:58:13.0151 0x0ddc srv - ok 19:58:13.0163 0x0ddc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 19:58:13.0187 0x0ddc srv2 - ok 19:58:13.0195 0x0ddc [ 
27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 19:58:13.0206 0x0ddc srvnet - ok 19:58:13.0234 0x0ddc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 19:58:13.0273 0x0ddc SSDPSRV - ok 19:58:13.0290 0x0ddc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 19:58:13.0326 0x0ddc SstpSvc - ok 19:58:13.0366 0x0ddc [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 19:58:13.0377 0x0ddc ssudmdm - ok 19:58:13.0401 0x0ddc [ F7093A27C4AF6D9EEA0ACAC1C4FF6828, 40E1A8FB08D3063711E87C15B24009B397CAD279905AA72FADBB4A8B611474CD ] ssudserd C:\Windows\system32\DRIVERS\ssudserd.sys 19:58:13.0413 0x0ddc ssudserd - ok 19:58:13.0467 0x0ddc [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 19:58:13.0490 0x0ddc Steam Client Service - ok 19:58:13.0510 0x0ddc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 19:58:13.0518 0x0ddc stexstor - ok 19:58:13.0552 0x0ddc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 19:58:13.0577 0x0ddc stisvc - ok 19:58:13.0625 0x0ddc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 19:58:13.0644 0x0ddc swenum - ok 19:58:13.0707 0x0ddc [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program 
Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 19:58:13.0737 0x0ddc SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 19:58:16.0165 0x0ddc Detect skipped due to KSN trusted 19:58:16.0165 0x0ddc SwitchBoard - ok 19:58:16.0232 0x0ddc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 19:58:16.0278 0x0ddc swprv - ok 19:58:16.0344 0x0ddc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 19:58:16.0395 0x0ddc SysMain - ok 19:58:16.0415 0x0ddc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 19:58:16.0441 0x0ddc TabletInputService - ok 19:58:16.0466 0x0ddc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 19:58:16.0508 0x0ddc TapiSrv - ok 19:58:16.0518 0x0ddc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 19:58:16.0573 0x0ddc TBS - ok 19:58:16.0702 0x0ddc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 19:58:16.0751 0x0ddc Tcpip - ok 19:58:16.0807 0x0ddc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 19:58:16.0854 0x0ddc TCPIP6 - ok 19:58:16.0875 0x0ddc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 19:58:16.0884 0x0ddc tcpipreg - ok 19:58:16.0907 0x0ddc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE 
C:\Windows\system32\drivers\tdpipe.sys 19:58:16.0916 0x0ddc TDPIPE - ok 19:58:16.0957 0x0ddc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 19:58:16.0978 0x0ddc TDTCP - ok 19:58:17.0008 0x0ddc [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 19:58:17.0022 0x0ddc tdx - ok 19:58:17.0033 0x0ddc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 19:58:17.0045 0x0ddc TermDD - ok 19:58:17.0088 0x0ddc [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 19:58:17.0115 0x0ddc TermService - ok 19:58:17.0125 0x0ddc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 19:58:17.0139 0x0ddc Themes - ok 19:58:17.0157 0x0ddc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 19:58:17.0184 0x0ddc THREADORDER - ok 19:58:17.0200 0x0ddc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 19:58:17.0228 0x0ddc TrkWks - ok 19:58:17.0274 0x0ddc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 19:58:17.0303 0x0ddc TrustedInstaller - ok 19:58:17.0331 0x0ddc [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 19:58:17.0340 0x0ddc tssecsrv - ok 19:58:17.0359 0x0ddc [ E9981ECE8D894CEF7038FD1D040EB426, 
DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 19:58:17.0367 0x0ddc TsUsbFlt - ok 19:58:17.0391 0x0ddc [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 19:58:17.0399 0x0ddc TsUsbGD - ok 19:58:17.0503 0x0ddc [ 258C050D197D923668B36C8D3F6A2353, 9A8CDC8FDCF24986FE963566591E2B535653837A8A63EE462126D336E6F94E97 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe 19:58:17.0556 0x0ddc TuneUp.UtilitiesSvc - ok 19:58:17.0618 0x0ddc [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys 19:58:17.0637 0x0ddc TuneUpUtilitiesDrv - ok 19:58:17.0660 0x0ddc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 19:58:17.0699 0x0ddc tunnel - ok 19:58:17.0715 0x0ddc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 19:58:17.0724 0x0ddc uagp35 - ok 19:58:17.0756 0x0ddc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:58:17.0787 0x0ddc udfs - ok 19:58:17.0802 0x0ddc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 19:58:17.0812 0x0ddc UI0Detect - ok 19:58:17.0835 0x0ddc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 19:58:17.0843 0x0ddc uliagpkx - ok 19:58:17.0865 0x0ddc [ DC54A574663A895C8763AF0FA1FF7561, 
09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 19:58:17.0895 0x0ddc umbus - ok 19:58:17.0909 0x0ddc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 19:58:17.0944 0x0ddc UmPass - ok 19:58:17.0970 0x0ddc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 19:58:18.0012 0x0ddc upnphost - ok 19:58:18.0030 0x0ddc [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 19:58:18.0040 0x0ddc usbaudio - ok 19:58:18.0056 0x0ddc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 19:58:18.0066 0x0ddc usbccgp - ok 19:58:18.0084 0x0ddc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 19:58:18.0094 0x0ddc usbcir - ok 19:58:18.0112 0x0ddc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 19:58:18.0129 0x0ddc usbehci - ok 19:58:18.0149 0x0ddc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 19:58:18.0163 0x0ddc usbhub - ok 19:58:18.0174 0x0ddc [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 19:58:18.0191 0x0ddc usbohci - ok 19:58:18.0208 0x0ddc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 19:58:18.0232 0x0ddc usbprint - ok 
19:58:18.0263 0x0ddc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:58:18.0272 0x0ddc USBSTOR - ok 19:58:18.0293 0x0ddc [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 19:58:18.0311 0x0ddc usbuhci - ok 19:58:18.0347 0x0ddc [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 19:58:18.0359 0x0ddc usbvideo - ok 19:58:18.0377 0x0ddc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 19:58:18.0404 0x0ddc UxSms - ok 19:58:18.0429 0x0ddc [ 97BCD40E27C46B398524DF9B4DC88A6F, D1466C414B6044B65D63138B3C42B54B3B6E54AD40613E171F980D0E0D9627B5 ] UxTuneUp C:\Windows\System32\uxtuneup.dll 19:58:18.0436 0x0ddc UxTuneUp - ok 19:58:18.0446 0x0ddc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc C:\Windows\system32\lsass.exe 19:58:18.0455 0x0ddc VaultSvc - ok 19:58:18.0469 0x0ddc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 19:58:18.0477 0x0ddc vdrvroot - ok 19:58:18.0497 0x0ddc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 19:58:18.0534 0x0ddc vds - ok 19:58:18.0555 0x0ddc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 19:58:18.0566 0x0ddc vga - ok 19:58:18.0585 0x0ddc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 19:58:18.0623 0x0ddc 
VgaSave - ok 19:58:18.0679 0x0ddc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 19:58:18.0700 0x0ddc vhdmp - ok 19:58:18.0799 0x0ddc [ EECF5B7210D773F3501CEDA848D53D31, C98034418DA5351A82B3FFAFBD277BAE4AE8AF25DD491BF628CEA0C708A5A9B2 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys 19:58:18.0852 0x0ddc VIAHdAudAddService - ok 19:58:18.0874 0x0ddc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 19:58:18.0881 0x0ddc viaide - ok 19:58:18.0890 0x0ddc [ 43412F74D9516EF87988F2397A9B8E78, 82253E49D2762D67D202A8D3A215EF5F937ADFCF711AD238B6FDACAE0CC80A49 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe 19:58:18.0897 0x0ddc VIAKaraokeService - ok 19:58:18.0902 0x0ddc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:58:18.0911 0x0ddc volmgr - ok 19:58:18.0922 0x0ddc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:58:18.0936 0x0ddc volmgrx - ok 19:58:18.0946 0x0ddc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:58:18.0960 0x0ddc volsnap - ok 19:58:18.0970 0x0ddc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 19:58:18.0981 0x0ddc vsmraid - ok 19:58:19.0028 0x0ddc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 19:58:19.0098 0x0ddc VSS - ok 19:58:19.0114 0x0ddc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 
] vwifibus C:\Windows\System32\drivers\vwifibus.sys 19:58:19.0140 0x0ddc vwifibus - ok 19:58:19.0161 0x0ddc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 19:58:19.0196 0x0ddc W32Time - ok 19:58:19.0219 0x0ddc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 19:58:19.0257 0x0ddc WacomPen - ok 19:58:19.0272 0x0ddc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 19:58:19.0303 0x0ddc WANARP - ok 19:58:19.0308 0x0ddc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:58:19.0334 0x0ddc Wanarpv6 - ok 19:58:19.0380 0x0ddc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 19:58:19.0420 0x0ddc wbengine - ok 19:58:19.0437 0x0ddc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:58:19.0454 0x0ddc WbioSrvc - ok 19:58:19.0469 0x0ddc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:58:19.0489 0x0ddc wcncsvc - ok 19:58:19.0499 0x0ddc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:58:19.0509 0x0ddc WcsPlugInService - ok 19:58:19.0521 0x0ddc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 19:58:19.0528 0x0ddc Wd - ok 19:58:19.0544 0x0ddc [ A3D04EBF5227886029B4532F20D026F7, 
D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys 19:58:19.0551 0x0ddc WDC_SAM - ok 19:58:19.0580 0x0ddc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:58:19.0606 0x0ddc Wdf01000 - ok 19:58:19.0669 0x0ddc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:58:19.0719 0x0ddc WdiServiceHost - ok 19:58:19.0729 0x0ddc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:58:19.0751 0x0ddc WdiSystemHost - ok 19:58:19.0777 0x0ddc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 19:58:19.0792 0x0ddc WebClient - ok 19:58:19.0808 0x0ddc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:58:19.0847 0x0ddc Wecsvc - ok 19:58:19.0852 0x0ddc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:58:19.0880 0x0ddc wercplsupport - ok 19:58:19.0895 0x0ddc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 19:58:19.0923 0x0ddc WerSvc - ok 19:58:19.0934 0x0ddc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 19:58:19.0961 0x0ddc WfpLwf - ok 19:58:19.0979 0x0ddc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:58:19.0987 0x0ddc WIMMount - ok 
19:58:20.0008 0x0ddc WinDefend - ok 19:58:20.0013 0x0ddc WinHttpAutoProxySvc - ok 19:58:20.0054 0x0ddc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:58:20.0086 0x0ddc Winmgmt - ok 19:58:20.0156 0x0ddc [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 19:58:20.0207 0x0ddc WinRM - ok 19:58:20.0230 0x0ddc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 19:58:20.0241 0x0ddc WinUsb - ok 19:58:20.0282 0x0ddc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 19:58:20.0316 0x0b40 Object required for P2P: [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject 19:58:20.0321 0x0ddc Wlansvc - ok 19:58:20.0497 0x0ddc [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:58:20.0553 0x0ddc wlidsvc - ok 19:58:20.0594 0x0ddc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 19:58:20.0603 0x0ddc WmiAcpi - ok 19:58:20.0621 0x0ddc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:58:20.0633 0x0ddc wmiApSrv - ok 19:58:20.0638 0x0ddc WMPNetworkSvc - ok 19:58:20.0652 0x0ddc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:58:20.0661 0x0ddc WPCSvc - ok 19:58:20.0690 0x0ddc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum 
C:\Windows\system32\wpdbusenum.dll 19:58:20.0703 0x0ddc WPDBusEnum - ok 19:58:20.0714 0x0ddc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:58:20.0740 0x0ddc ws2ifsl - ok 19:58:20.0749 0x0ddc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 19:58:20.0763 0x0ddc wscsvc - ok 19:58:20.0766 0x0ddc WSearch - ok 19:58:20.0849 0x0ddc [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 19:58:20.0911 0x0ddc wuauserv - ok 19:58:20.0932 0x0ddc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:58:20.0941 0x0ddc WudfPf - ok 19:58:20.0955 0x0ddc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:58:20.0967 0x0ddc WUDFRd - ok 19:58:20.0993 0x0ddc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:58:21.0003 0x0ddc wudfsvc - ok 19:58:21.0023 0x0ddc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 19:58:21.0048 0x0ddc WwanSvc - ok 19:58:21.0054 0x0ddc ================ Scan global =============================== 19:58:21.0100 0x0ddc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 19:58:21.0136 0x0ddc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 19:58:21.0154 0x0ddc [ 88EDD0B34EED542745931E581AD21A32, 
DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 19:58:21.0176 0x0ddc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 19:58:21.0220 0x0ddc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 19:58:21.0238 0x0ddc [ Global ] - ok 19:58:21.0239 0x0ddc ================ Scan MBR ================================== 19:58:21.0245 0x0ddc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 19:58:21.0512 0x0ddc \Device\Harddisk0\DR0 - ok 19:58:21.0532 0x0ddc [ 205060F860AA1EC25B607A1B5B40A40C ] \Device\Harddisk1\DR1 19:58:21.0618 0x0ddc \Device\Harddisk1\DR1 - ok 19:58:21.0628 0x0ddc [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2 19:58:22.0174 0x0ddc \Device\Harddisk2\DR2 - ok 19:58:22.0182 0x0ddc [ 988D3C46CBD13EC7F482B833C55264C8 ] \Device\Harddisk3\DR3 19:58:22.0643 0x0ddc \Device\Harddisk3\DR3 - ok 19:58:22.0644 0x0ddc ================ Scan VBR ================================== 19:58:22.0652 0x0ddc [ C07BC3BE82CA91B4832947491A4E6E31 ] \Device\Harddisk0\DR0\Partition1 19:58:22.0655 0x0ddc \Device\Harddisk0\DR0\Partition1 - ok 19:58:22.0668 0x0ddc [ EDB793810F8BAECAE2F9D3C0C5311652 ] \Device\Harddisk0\DR0\Partition2 19:58:22.0705 0x0ddc \Device\Harddisk0\DR0\Partition2 - ok 19:58:22.0707 0x0ddc [ ED28D0D8202823080428C72EEA85B213 ] \Device\Harddisk0\DR0\Partition3 19:58:22.0708 0x0ddc \Device\Harddisk0\DR0\Partition3 - ok 19:58:22.0730 0x0ddc [ 7604813F6EDB7C5C5A77592F1C163FE0 ] \Device\Harddisk1\DR1\Partition1 19:58:22.0731 0x0ddc \Device\Harddisk1\DR1\Partition1 - ok 19:58:22.0731 0x0b40 Object send P2P result: true 19:58:22.0752 0x0ddc [ 887DD3C8B480381118BB555328DFF85E ] \Device\Harddisk1\DR1\Partition2 19:58:22.0753 0x0ddc \Device\Harddisk1\DR1\Partition2 - ok 19:58:22.0769 0x0ddc [ 81023E46A17A1940216BCDC3921122DC ] 
\Device\Harddisk1\DR1\Partition3 19:58:22.0770 0x0ddc \Device\Harddisk1\DR1\Partition3 - ok 19:58:22.0774 0x0ddc [ 60B4F8F9D84337FFBADD364A2E6A3988 ] \Device\Harddisk1\DR1\Partition4 19:58:22.0775 0x0ddc \Device\Harddisk1\DR1\Partition4 - ok 19:58:22.0778 0x0ddc [ 97793C6EBE782489632BE676E2C9BE30 ] \Device\Harddisk2\DR2\Partition1 19:58:22.0780 0x0ddc \Device\Harddisk2\DR2\Partition1 - ok 19:58:22.0782 0x0ddc [ EFB00E60BB2055492290E549E5A4574A ] \Device\Harddisk3\DR3\Partition1 19:58:22.0783 0x0ddc \Device\Harddisk3\DR3\Partition1 - ok 19:58:22.0785 0x0ddc ================ Scan generic autorun ====================== 19:58:22.0857 0x0ddc [ 320681DF28D82CDCA7E3EED0846625DB, 7F709ADFB0FE36BEC857A928E9CB29BB5B6C0BAD98824D0302C7BB7185100CB9 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 19:58:22.0875 0x0ddc AdobeAAMUpdater-1.0 - ok 19:58:23.0052 0x0ddc [ 3D6737ADDB9B1DF81605C442ED6D2D90, 5B8D68945E1A97FD1AF40333448FE335743F48F46A70E303ADF406CC0CC253FB ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe 19:58:23.0173 0x0ddc HDAudDeck - detected UnsignedFile.Multi.Generic ( 1 ) 19:58:25.0590 0x0ddc Detect skipped due to KSN trusted 19:58:25.0590 0x0ddc HDAudDeck - ok 19:58:25.0653 0x0ddc [ 94D247679E0862C7FA8C5AD712E03948, B6579E5675DDEE338D5248B6A1769CFCEC72DF127A5A367980F388FE782C4748 ] C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe 19:58:25.0677 0x0ddc Cpu Level Up help - ok 19:58:25.0738 0x0ddc [ 80F72159E0EB98A9B32FF61132C2E60D, 7F9AD5AE0C23EC5AB7DD63020897646A57CD275D325D399C35001C3DAC0B147F ] C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe 19:58:25.0781 0x0ddc Turbo Key - detected UnsignedFile.Multi.Generic ( 1 ) 19:58:28.0198 0x0ddc Detect skipped due to KSN trusted 19:58:28.0198 0x0ddc Turbo Key - ok 19:58:28.0232 0x0ddc [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 19:58:28.0255 0x0ddc 
SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 19:58:28.0255 0x0ddc Detect skipped due to KSN trusted 19:58:28.0255 0x0ddc SwitchBoard - ok 19:58:28.0299 0x0ddc [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe 19:58:28.0326 0x0ddc AdobeCS6ServiceManager - ok 19:58:28.0356 0x0ddc [ C5239F47944FA3036A256DE9BDB94EB6, 3464B8B5036FA954553850A590D765D30E805818049FBF2E6C444B5FB0147BD4 ] C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe 19:58:28.0369 0x0ddc Zboard - detected UnsignedFile.Multi.Generic ( 1 ) 19:58:30.0789 0x0ddc Detect skipped due to KSN trusted 19:58:30.0789 0x0ddc Zboard - ok 19:58:30.0887 0x0ddc [ DB3682851D0218AEC5911CD0D1D7AABE, E3186E075F788131C7E6746D035DED5E3056E20784D635D5CAEC00EF3D27CC72 ] C:\Program Files (x86)\BF2Hub Client\bf2hub.exe 19:58:30.0923 0x0ddc BF2Hub Client - detected UnsignedFile.Multi.Generic ( 1 ) 19:58:33.0310 0x0f98 Object required for P2P: [ 320681DF28D82CDCA7E3EED0846625DB ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 19:58:33.0402 0x0ddc BF2Hub Client ( UnsignedFile.Multi.Generic ) - warning 19:58:35.0733 0x0f98 Object send P2P result: true 19:58:35.0803 0x0ddc [ F8A3337DE768B126B061F1B7CD38A436, F93EE8D8D7CA28658587F82C38AE6C13D51A03CFE8DE6AC3BA35DC6A1DB986CE ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe 19:58:35.0826 0x0ddc KiesTrayAgent - ok 19:58:35.0861 0x0ddc [ ACFE2A5FBB735E6463B51D19A84B5C1E, ECCA84BD6E56C2370BBCF1EFE88F92649DF040C53D73711C5BBEF19962214119 ] C:\Program Files (x86)\Raptr\raptrstub.exe 19:58:35.0871 0x0ddc Raptr - ok 19:58:35.0961 0x0ddc [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe 19:58:35.0988 0x0ddc StartCCC - ok 19:58:36.0149 0x0ddc [ 7EE68A122ED08E4AAD8DA551E34D2515, 
B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 19:58:36.0239 0x0ddc SDTray - ok 19:58:36.0247 0x0ddc {438CD09C-011B-459C-A685-5269559B3DF4} - ok 19:58:36.0336 0x0ddc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 19:58:36.0384 0x0ddc Sidebar - ok 19:58:36.0413 0x0ddc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 19:58:36.0427 0x0ddc mctadmin - ok 19:58:36.0474 0x0ddc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 19:58:36.0507 0x0ddc Sidebar - ok 19:58:36.0513 0x0ddc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 19:58:36.0527 0x0ddc mctadmin - ok 19:58:36.0574 0x0ddc [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\SysWOW64\rundll32.exe 19:58:36.0598 0x0ddc NextLive - ok 19:58:36.0712 0x0ddc [ 3255867AE34EDD5346C750677EE63354, 3FC8E1EFF33EE83717C285D0CD388886135C5BF977B69CF6ADCFD4196139D483 ] C:\Program Files (x86)\Steam\Steam.exe 19:58:36.0776 0x0ddc Steam - ok 19:58:36.0920 0x0ddc [ 1BFCA8EBFBDC43B5C7C3BCF92A47DD77, EA4A4B5E4BFB31451A472A3E5F23CA163EB53B7D08C892454D6905B034ABBBF6 ] C:\Program Files (x86)\Origin\Origin.exe 19:58:37.0000 0x0ddc EADM - ok 19:58:37.0061 0x0ddc [ 2F85D5E63A1ECE08085D32C1B615BBFD, 7263F4E0CC7D375CBAA44406F90F427E6EC9382184B3CD62A90C0DD6B7D88372 ] C:\Program Files (x86)\Samsung\Kies\Kies.exe 19:58:37.0098 0x0ddc KiesPreload - ok 19:58:37.0134 0x0ddc [ 06ACC931AD00231ECAD476F56AE73368, BFB82E25F4D6021E43BF8627A7BF0DFA7027AB38B4F3B6AD1DEB8461D4F87AD5 ] 
C:\Users\Wallace\AppData\Roaming\Pace-worried\paceoccasion.exe 19:58:37.0134 0x0ddc Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Roaming\Pace-worried\paceoccasion.exe. md5: 06ACC931AD00231ECAD476F56AE73368, sha256: BFB82E25F4D6021E43BF8627A7BF0DFA7027AB38B4F3B6AD1DEB8461D4F87AD5 19:58:37.0134 0x0ddc pace-egg - detected LockedFile.Multi.Generic ( 1 ) 19:58:39.0549 0x0ddc Detect turned to UDS exact due to KSN untrusted 19:58:39.0549 0x0ddc pace-egg ( UDS:DangerousObject.Multi.Generic ) - infected 19:58:39.0549 0x0ddc Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Roaming\Pace-worried\paceoccasion.exe 19:58:41.0974 0x0ddc Object send P2P result: true 19:58:44.0359 0x0ddc [ F4FAEFA73454CD942314ECF40953D93B, 3645ACF85998631E4E75FF7D9DAF7A813684DB77DFD7996A6A1768231B7250E9 ] C:\Users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe 19:58:44.0359 0x0ddc Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe. md5: F4FAEFA73454CD942314ECF40953D93B, sha256: 3645ACF85998631E4E75FF7D9DAF7A813684DB77DFD7996A6A1768231B7250E9 19:58:44.0360 0x0ddc hat-date - detected LockedFile.Multi.Generic ( 1 ) 19:58:46.0789 0x0ddc Object required for P2P: [ F4FAEFA73454CD942314ECF40953D93B ] C:\Users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe 19:58:49.0214 0x0ddc Object send P2P result: true 19:58:49.0214 0x0ddc Detect turned to UDS exact due to KSN untrusted 19:58:49.0214 0x0ddc hat-date ( UDS:DangerousObject.Multi.Generic ) - infected 19:58:49.0214 0x0ddc Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe 19:59:02.0654 0x0ddc Object send P2P result: true 19:59:05.0066 0x0ddc [ C9F15C15E1B5B06062CD9BAA1133D77C, 49F466489532FF55F2BF7AA8E28A6277BE04211B0BED2BF7F3DB15D9485BAB6F ] C:\Users\Wallace\AppData\Local\Temp\String-entrance\string-justify.exe 19:59:05.0067 0x0ddc Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Local\Temp\String-entrance\string-justify.exe. 
md5: C9F15C15E1B5B06062CD9BAA1133D77C, sha256: 49F466489532FF55F2BF7AA8E28A6277BE04211B0BED2BF7F3DB15D9485BAB6F 19:59:05.0087 0x0ddc string-weekend - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 19:59:07.0507 0x0ddc string-weekend ( Trojan-Spy.Win32.ZBot.gen ) - infected 19:59:07.0507 0x0ddc Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Local\Temp\String-entrance\string-justify.exe 19:59:09.0934 0x0ddc Object send P2P result: true 19:59:12.0322 0x0ddc [ 6E1E462001758C45B740158E831B19C1, 3936F8F783E3E3CA933831E17D6C0066830B55D7F26E1D78799982FF53022158 ] C:\Users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe 19:59:12.0323 0x0ddc Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe. md5: 6E1E462001758C45B740158E831B19C1, sha256: 3936F8F783E3E3CA933831E17D6C0066830B55D7F26E1D78799982FF53022158 19:59:12.0323 0x0ddc contest-compare - detected LockedFile.Multi.Generic ( 1 ) 19:59:14.0749 0x0ddc Detect turned to UDS exact due to KSN untrusted 19:59:14.0749 0x0ddc contest-compare ( UDS:DangerousObject.Multi.Generic ) - infected 19:59:14.0749 0x0ddc Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe 19:59:17.0182 0x0ddc Object send P2P result: true 19:59:19.0580 0x0ddc [ E0942E3DD4A6078D0A678A9093018CFC, 0C9BD42A55E5A6EA7F1F911944D64B6E9CE43E6675508C69663A99F5B39E1A48 ] C:\Users\Wallace\AppData\Roaming\Opening-speed\opening_pause.exe 19:59:19.0580 0x0ddc Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Roaming\Opening-speed\opening_pause.exe. 
md5: E0942E3DD4A6078D0A678A9093018CFC, sha256: 0C9BD42A55E5A6EA7F1F911944D64B6E9CE43E6675508C69663A99F5B39E1A48 19:59:19.0581 0x0ddc openinglimited - detected LockedFile.Multi.Generic ( 1 ) 19:59:22.0008 0x0ddc Detect turned to UDS exact due to KSN untrusted 19:59:22.0008 0x0ddc openinglimited ( UDS:DangerousObject.Multi.Generic ) - infected 19:59:22.0009 0x0ddc Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Roaming\Opening-speed\opening_pause.exe 19:59:24.0483 0x0ddc Object send P2P result: true 19:59:26.0875 0x0ddc [ 682A590D24524DC5EC2C96F59407A9D3, CB36F86D80FF0EA329183FD6393ECBFAB4081B6146821B8A1B5D29F46451E9B6 ] C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe 19:59:26.0875 0x0ddc Suspicious file ( Hidden ): C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe. md5: 682A590D24524DC5EC2C96F59407A9D3, sha256: CB36F86D80FF0EA329183FD6393ECBFAB4081B6146821B8A1B5D29F46451E9B6 19:59:26.0883 0x0ddc proof-reflect - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 19:59:29.0308 0x0ddc proof-reflect ( Trojan-Spy.Win32.ZBot.gen ) - infected 19:59:29.0308 0x0ddc Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe 19:59:31.0726 0x0ddc Object send P2P result: true 19:59:34.0134 0x0ddc [ 648847084828A4E2EB16342306F04A03, 99028B19114A3081BA0E34F1ED3CB8A5F9FC87DA3186EFA445F2C2783A248063 ] C:\Users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe 19:59:34.0135 0x0ddc Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe. 
md5: 648847084828A4E2EB16342306F04A03, sha256: 99028B19114A3081BA0E34F1ED3CB8A5F9FC87DA3186EFA445F2C2783A248063 19:59:34.0135 0x0ddc matter-visit - detected LockedFile.Multi.Generic ( 1 ) 19:59:39.0559 0x0ddc Detect turned to UDS exact due to KSN untrusted 19:59:39.0559 0x0ddc matter-visit ( UDS:DangerousObject.Multi.Generic ) - infected 19:59:39.0559 0x0ddc Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe 19:59:41.0983 0x0ddc Object send P2P result: true 19:59:44.0366 0x0ddc Win FW state via NFP2: enabled 19:59:46.0714 0x0ddc ============================================================ 19:59:46.0714 0x0ddc Scan finished 19:59:46.0714 0x0ddc ============================================================ 19:59:46.0727 0x0960 Detected object count: 8 19:59:46.0727 0x0960 Actual detected object count: 8 20:07:36.0058 0x0960 BF2Hub Client ( UnsignedFile.Multi.Generic ) - skipped by user 20:07:36.0058 0x0960 BF2Hub Client ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:07:36.0092 0x0960 C:\Users\Wallace\AppData\Roaming\Pace-worried\paceoccasion.exe - copied to quarantine 20:07:36.0093 0x0960 HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:pace-egg - will be deleted on reboot 20:07:36.0093 0x0960 C:\Users\Wallace\AppData\Roaming\Pace-worried\paceoccasion.exe - will be deleted on reboot 20:07:36.0093 0x0960 pace-egg ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 20:07:36.0116 0x0960 C:\Users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe - copied to quarantine 20:07:36.0116 0x0960 HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:hat-date - will be deleted on reboot 20:07:36.0117 0x0960 C:\Users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe - will be deleted on reboot 20:07:36.0117 0x0960 hat-date ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 20:07:36.0145 
0x0960 C:\Users\Wallace\AppData\Local\Temp\String-entrance\string-justify.exe - copied to quarantine 20:07:36.0146 0x0960 HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:string-weekend - will be deleted on reboot 20:07:36.0147 0x0960 C:\Users\Wallace\AppData\Local\Temp\String-entrance\string-justify.exe - will be deleted on reboot 20:07:36.0147 0x0960 string-weekend ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 20:07:36.0176 0x0960 C:\Users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe - copied to quarantine 20:07:36.0176 0x0960 HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:contest-compare - will be deleted on reboot 20:07:36.0177 0x0960 C:\Users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe - will be deleted on reboot 20:07:36.0177 0x0960 contest-compare ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 20:07:36.0208 0x0960 C:\Users\Wallace\AppData\Roaming\Opening-speed\opening_pause.exe - copied to quarantine 20:07:36.0208 0x0960 HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:openinglimited - will be deleted on reboot 20:07:36.0209 0x0960 C:\Users\Wallace\AppData\Roaming\Opening-speed\opening_pause.exe - will be deleted on reboot 20:07:36.0209 0x0960 openinglimited ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 20:07:36.0245 0x0960 C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe - copied to quarantine 20:07:36.0245 0x0960 HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:proof-reflect - will be deleted on reboot 20:07:36.0246 0x0960 C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe - will be deleted on reboot 20:07:36.0246 0x0960 proof-reflect ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 20:07:36.0278 0x0960 
C:\Users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe - copied to quarantine 20:07:36.0278 0x0960 HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:matter-visit - will be deleted on reboot 20:07:36.0281 0x0960 C:\Users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe - will be deleted on reboot 20:07:36.0281 0x0960 matter-visit ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 20:07:36.0931 0x0960 KLMD registered as C:\Windows\system32\drivers\18745686.sys 20:07:40.0186 0x038c Deinitialize success
Edited by DaWallace (23.02.2015 at 20:30) |
23.02.2015, 20:30 | #8 |
| Part 2 And after the reboot, the second scan with reboot: Code:
ATTFilter 20:12:57.0145 0x0e78 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 20:12:57.0550 0x0e78 ============================================================ 20:12:57.0550 0x0e78 Current date / time: 2015/02/23 20:12:57.0550 20:12:57.0550 0x0e78 SystemInfo: 20:12:57.0550 0x0e78 20:12:57.0550 0x0e78 OS Version: 6.1.7601 ServicePack: 1.0 20:12:57.0550 0x0e78 Product type: Workstation 20:12:57.0550 0x0e78 ComputerName: DRAGON64 20:12:57.0550 0x0e78 UserName: Wallace 20:12:57.0550 0x0e78 Windows directory: C:\Windows 20:12:57.0550 0x0e78 System windows directory: C:\Windows 20:12:57.0550 0x0e78 Running under WOW64 20:12:57.0550 0x0e78 Processor architecture: Intel x64 20:12:57.0550 0x0e78 Number of processors: 4 20:12:57.0550 0x0e78 Page size: 0x1000 20:12:57.0550 0x0e78 Boot type: Normal boot 20:12:57.0550 0x0e78 ============================================================ 20:12:57.0550 0x0e78 BG loaded 20:12:58.0674 0x0e78 System UUID: {16D1EC3B-9554-5EDC-4910-9ECB978DB774} 20:12:59.0984 0x0e78 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:13:00.0046 0x0e78 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:13:00.0062 0x0e78 Drive \Device\Harddisk2\DR2 - Size: 0x1D1BF100000 ( 1862.99 Gb ), SectorSize: 0x200, Cylinders: 0x3B5FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 20:13:00.0062 0x0e78 Drive \Device\Harddisk3\DR3 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 20:13:00.0078 0x0e78 ============================================================ 20:13:00.0078 0x0e78 \Device\Harddisk0\DR0: 20:13:00.0390 0x0e78 MBR partitions: 20:13:00.0390 0x0e78 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, 
StartLBA 0x800, BlocksNum 0x32000 20:13:00.0390 0x0e78 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55AE0800 20:13:00.0390 0x0e78 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55B13000, BlocksNum 0x1A32800 20:13:00.0390 0x0e78 \Device\Harddisk1\DR1: 20:13:00.0405 0x0e78 MBR partitions: 20:13:00.0405 0x0e78 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x61D6AB1, BlocksNum 0xC35314E 20:13:00.0421 0x0e78 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x12529C3E, BlocksNum 0x124FAAB4 20:13:00.0436 0x0e78 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x24A24731, BlocksNum 0x15960510 20:13:00.0436 0x0e78 \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x61D2B72 20:13:00.0436 0x0e78 \Device\Harddisk2\DR2: 20:13:00.0436 0x0e78 MBR partitions: 20:13:00.0436 0x0e78 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8DF8000 20:13:00.0436 0x0e78 \Device\Harddisk3\DR3: 20:13:00.0436 0x0e78 MBR partitions: 20:13:00.0436 0x0e78 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A380D41 20:13:00.0436 0x0e78 ============================================================ 20:13:00.0780 0x0e78 C: <-> \Device\Harddisk0\DR0\Partition2 20:13:00.0811 0x0e78 D: <-> \Device\Harddisk1\DR1\Partition4 20:13:00.0842 0x0e78 E: <-> \Device\Harddisk1\DR1\Partition1 20:13:00.0873 0x0e78 F: <-> \Device\Harddisk1\DR1\Partition2 20:13:00.0904 0x0e78 G: <-> \Device\Harddisk1\DR1\Partition3 20:13:01.0279 0x0e78 H: <-> \Device\Harddisk0\DR0\Partition3 20:13:01.0324 0x0e78 O: <-> \Device\Harddisk2\DR2\Partition1 20:13:01.0334 0x0e78 Q: <-> \Device\Harddisk3\DR3\Partition1 20:13:01.0334 0x0e78 ============================================================ 20:13:01.0334 0x0e78 Initialize success 20:13:01.0334 0x0e78 ============================================================ 20:17:15.0524 0x0cec 
============================================================ 20:17:15.0524 0x0cec Scan started 20:17:15.0524 0x0cec Mode: Manual; SigCheck; TDLFS; 20:17:15.0524 0x0cec ============================================================ 20:17:15.0524 0x0cec KSN ping started 20:17:28.0957 0x0cec KSN ping finished: true 20:17:32.0389 0x0cec ================ Scan system memory ======================== 20:17:32.0389 0x0cec System memory - ok 20:17:32.0389 0x0cec ================ Scan services ============================= 20:17:32.0560 0x0cec [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 20:17:32.0623 0x0cec 1394ohci - ok 20:17:32.0654 0x0cec [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 20:17:32.0670 0x0cec ACPI - ok 20:17:32.0685 0x0cec [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 20:17:32.0748 0x0cec AcpiPmi - ok 20:17:32.0779 0x0cec [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:17:32.0810 0x0cec AdobeARMservice - ok 20:17:32.0888 0x0cec [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 20:17:32.0919 0x0cec AdobeFlashPlayerUpdateSvc - ok 20:17:32.0950 0x0cec [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 20:17:32.0966 0x0cec adp94xx - ok 20:17:32.0997 0x0cec [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci 
C:\Windows\system32\drivers\adpahci.sys 20:17:33.0013 0x0cec adpahci - ok 20:17:33.0028 0x0cec [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 20:17:33.0028 0x0cec adpu320 - ok 20:17:33.0060 0x0cec [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 20:17:33.0138 0x0cec AeLookupSvc - ok 20:17:33.0184 0x0cec [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 20:17:33.0216 0x0cec AFD - ok 20:17:33.0231 0x0cec [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 20:17:33.0247 0x0cec agp440 - ok 20:17:33.0278 0x0cec [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 20:17:33.0309 0x0cec ALG - ok 20:17:33.0325 0x0cec [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 20:17:33.0325 0x0cec aliide - ok 20:17:33.0356 0x0cec [ B3E801135E0C81733542C14D9AA8120A, 69A19C73BBB942DDEBD079EF924ED1AEFC3516867569618D2FBBD1CD831204C2 ] Alpham1 C:\Windows\system32\DRIVERS\Alpham164.sys 20:17:33.0387 0x0cec Alpham1 - ok 20:17:33.0403 0x0cec [ 6493983FEDBC49D9112703ECE9B251FE, E5D0EEBA8C8D9C02CC4109C86ABC6375E5CF79F6549917C011238FD2DD78BF71 ] Alpham2 C:\Windows\system32\DRIVERS\Alpham264.sys 20:17:33.0418 0x0cec Alpham2 - ok 20:17:33.0528 0x0cec [ F17B1902DFCED1C24DB57492A7896FF8, 966AB1A072A8AF98D7EDD2A388D919B50FC41A06E1C51B04B2C2F54F1BA7F0D5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 20:17:33.0543 0x0cec AMD External Events Utility - ok 20:17:33.0590 0x0cec AMD FUEL Service - ok 20:17:33.0590 0x0cec [ 
1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 20:17:33.0606 0x0cec amdide - ok 20:17:33.0621 0x0cec [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 20:17:33.0637 0x0cec AmdK8 - ok 20:17:34.0089 0x0cec [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 20:17:34.0495 0x0cec amdkmdag - ok 20:17:34.0557 0x0cec [ AF6B384E03D15471EDCEDDDEBAA363B2, 2D8CFA26D69A8FF0FAC6EBA2E5A62977B21ECBA0C65458072FEC4A886B3EDD73 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 20:17:34.0588 0x0cec amdkmdap - ok 20:17:34.0604 0x0cec [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 20:17:34.0620 0x0cec AmdPPM - ok 20:17:34.0651 0x0cec [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 20:17:34.0651 0x0cec amdsata - ok 20:17:34.0666 0x0cec [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 20:17:34.0682 0x0cec amdsbs - ok 20:17:34.0698 0x0cec [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 20:17:34.0698 0x0cec amdxata - ok 20:17:34.0713 0x0cec AODDriver4.2.0 - ok 20:17:34.0744 0x0cec [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3 C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys 20:17:34.0760 0x0cec AODDriver4.3 - ok 20:17:34.0791 0x0cec [ 89A69C3F2F319B43379399547526D952, 
8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 20:17:34.0885 0x0cec AppID - ok 20:17:34.0916 0x0cec [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 20:17:34.0947 0x0cec AppIDSvc - ok 20:17:34.0978 0x0cec [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 20:17:34.0994 0x0cec Appinfo - ok 20:17:35.0010 0x0cec [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 20:17:35.0025 0x0cec arc - ok 20:17:35.0025 0x0cec [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 20:17:35.0041 0x0cec arcsas - ok 20:17:35.0072 0x0cec [ FEF9DD9EA587F8886ADE43C1BEFBDAFE, DDE6F28B3F7F2ABBEE59D4864435108791631E9CB4CDFB1F178E5AA9859956D8 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys 20:17:35.0072 0x0cec AsIO - ok 20:17:35.0088 0x0cec [ 22842362DF890F5492F85AA60916A697, EC01380B1C9BF4CFBA018FC314563F0785280172A2A9B51D50F088E7101951EF ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys 20:17:35.0103 0x0cec asmthub3 - ok 20:17:35.0134 0x0cec [ 08E2D77766CC05E75A0707207D9FC684, 6CF3B12B2B3375B715A3EBC66EF148CEA2248D448A3A37875B7B1BC7CDA40FDD ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys 20:17:35.0150 0x0cec asmtxhci - ok 20:17:35.0212 0x0cec [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 20:17:35.0212 0x0cec aspnet_state - ok 20:17:35.0259 0x0cec [ 954FFBFF05B0B60EB63B52AF561436C4, 40228A2B688E827815B5A567584FCF99BF661696DB8CC8BB455393B3CEE35094 ] AsSysCtrlService 
C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe 20:17:35.0259 0x0cec AsSysCtrlService - ok 20:17:35.0275 0x0cec [ 26D66E32E78D3059715B3A17BC679CD9, 5039CB81CE0829C5F3DED16A4005FEB10141C6C9B473CC319E81BAF6D1DA33E3 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys 20:17:35.0275 0x0cec AsUpIO - ok 20:17:35.0290 0x0cec [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 20:17:35.0337 0x0cec AsyncMac - ok 20:17:35.0353 0x0cec [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 20:17:35.0368 0x0cec atapi - ok 20:17:35.0384 0x0cec [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 20:17:35.0400 0x0cec AtiHDAudioService - detected UnsignedFile.Multi.Generic ( 1 ) 20:17:37.0849 0x0cec Detect skipped due to KSN trusted 20:17:37.0849 0x0cec AtiHDAudioService - ok 20:17:38.0317 0x0cec [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 20:17:38.0691 0x0cec atikmdag - ok 20:17:38.0754 0x0cec [ C07A040D6B5A42DD41EE386CF90974C8, 8D47815F99C79B795504C3172B5FBBDBA6AFACC004B17AA3954A06BE713FACAE ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 20:17:38.0754 0x0cec AtiPcie - ok 20:17:38.0785 0x0cec [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 20:17:38.0816 0x0cec AudioEndpointBuilder - ok 20:17:38.0832 0x0cec [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll 20:17:38.0863 0x0cec AudioSrv - ok 20:17:38.0894 0x0cec [ 1DC2F715792CF33428AD7993ACBD224D, 
129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys 20:17:38.0910 0x0cec avmeject - ok 20:17:38.0941 0x0cec [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 20:17:39.0019 0x0cec AxInstSV - ok 20:17:39.0066 0x0cec [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 20:17:39.0112 0x0cec b06bdrv - ok 20:17:39.0128 0x0cec [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 20:17:39.0159 0x0cec b57nd60a - ok 20:17:39.0175 0x0cec [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 20:17:39.0190 0x0cec BDESVC - ok 20:17:39.0206 0x0cec [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 20:17:39.0222 0x0cec Beep - ok 20:17:39.0253 0x0cec [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 20:17:39.0268 0x0cec BFE - ok 20:17:39.0331 0x0cec [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 20:17:39.0362 0x0cec BITS - ok 20:17:39.0378 0x0cec [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 20:17:39.0393 0x0cec blbdrive - ok 20:17:39.0409 0x0cec [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:17:39.0440 0x0cec bowser - ok 20:17:39.0456 0x0cec [ 
20:17:43.0356 0x0cec [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:17:43.0371 0x0cec IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
20:17:45.0836 0x0cec Detect skipped due to KSN trusted
20:17:45.0836 0x0cec IDriverT - ok
[ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:17:50.0376 0x0cec PEAUTH - ok 20:17:50.0438 0x0cec [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 20:17:50.0485 0x0cec PerfHost - ok 20:17:50.0547 0x0cec [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 20:17:50.0610 0x0cec pla - ok 20:17:50.0641 0x0cec [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:17:50.0672 0x0cec PlugPlay - ok 20:17:50.0703 0x0cec [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe 20:17:50.0719 0x0cec PnkBstrA - ok 20:17:50.0719 0x0cec [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:17:50.0734 0x0cec PNRPAutoReg - ok 20:17:50.0750 0x0cec [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:17:50.0766 0x0cec PNRPsvc - ok 20:17:50.0797 0x0cec [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:17:50.0828 0x0cec PolicyAgent - ok 20:17:50.0859 0x0cec [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 20:17:50.0890 0x0cec Power - ok 20:17:50.0922 0x0cec [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:17:50.0953 0x0cec PptpMiniport - ok 
20:17:50.0968 0x0cec [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 20:17:51.0000 0x0cec Processor - ok 20:17:51.0015 0x0cec [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 20:17:51.0046 0x0cec ProfSvc - ok 20:17:51.0062 0x0cec [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe 20:17:51.0062 0x0cec ProtectedStorage - ok 20:17:51.0078 0x0cec [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:17:51.0093 0x0cec Psched - ok 20:17:51.0124 0x0cec [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 20:17:51.0124 0x0cec PxHlpa64 - ok 20:17:51.0171 0x0cec [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 20:17:51.0218 0x0cec ql2300 - ok 20:17:51.0234 0x0cec [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 20:17:51.0234 0x0cec ql40xx - ok 20:17:51.0249 0x0cec [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 20:17:51.0280 0x0cec QWAVE - ok 20:17:51.0280 0x0cec [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:17:51.0312 0x0cec QWAVEdrv - ok 20:17:51.0327 0x0cec [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd 
C:\Windows\system32\DRIVERS\rasacd.sys 20:17:51.0358 0x0cec RasAcd - ok 20:17:51.0358 0x0cec [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:17:51.0390 0x0cec RasAgileVpn - ok 20:17:51.0405 0x0cec [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 20:17:51.0436 0x0cec RasAuto - ok 20:17:51.0436 0x0cec [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:17:51.0468 0x0cec Rasl2tp - ok 20:17:51.0483 0x0cec [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 20:17:51.0530 0x0cec RasMan - ok 20:17:51.0546 0x0cec [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:17:51.0561 0x0cec RasPppoe - ok 20:17:51.0577 0x0cec [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:17:51.0592 0x0cec RasSstp - ok 20:17:51.0624 0x0cec [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:17:51.0655 0x0cec rdbss - ok 20:17:51.0670 0x0cec [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 20:17:51.0686 0x0cec rdpbus - ok 20:17:51.0702 0x0cec [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:17:51.0733 0x0cec RDPCDD - ok 20:17:51.0733 0x0cec [ BB5971A4F00659529A5C44831AF22365, 
9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:17:51.0780 0x0cec RDPENCDD - ok 20:17:51.0811 0x0cec [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 20:17:51.0842 0x0cec RDPREFMP - ok 20:17:51.0873 0x0cec [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 20:17:51.0889 0x0cec RdpVideoMiniport - ok 20:17:51.0904 0x0cec [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:17:51.0920 0x0cec RDPWD - ok 20:17:51.0936 0x0cec [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:17:51.0936 0x0cec rdyboost - ok 20:17:51.0967 0x0cec [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:17:52.0014 0x0cec RemoteAccess - ok 20:17:52.0045 0x0cec [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:17:52.0092 0x0cec RemoteRegistry - ok 20:17:52.0092 0x0cec [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 20:17:52.0123 0x0cec RpcEptMapper - ok 20:17:52.0138 0x0cec [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 20:17:52.0154 0x0cec RpcLocator - ok 20:17:52.0216 0x0cec [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 
20:17:52.0263 0x0cec RpcSs - ok 20:17:52.0263 0x0cec [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:17:52.0310 0x0cec rspndr - ok 20:17:52.0341 0x0cec [ 8181B5E7BFC040E0B26349C73E719335, EBB244A7E8E2CDC51041B2C2A78DCB77324F9E3746942C84902FCD928ADED897 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 20:17:52.0357 0x0cec RTL8167 - ok 20:17:52.0357 0x0cec [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs C:\Windows\system32\lsass.exe 20:17:52.0372 0x0cec SamSs - ok 20:17:52.0388 0x0cec [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:17:52.0388 0x0cec sbp2port - ok 20:17:52.0404 0x0cec [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:17:52.0450 0x0cec SCardSvr - ok 20:17:52.0450 0x0cec [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:17:52.0482 0x0cec scfilter - ok 20:17:52.0528 0x0cec [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 20:17:52.0575 0x0cec Schedule - ok 20:17:52.0591 0x0cec [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 20:17:52.0622 0x0cec SCPolicySvc - ok 20:17:52.0638 0x0cec [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys 20:17:52.0653 0x0cec ScreamBAudioSvc - ok 20:17:52.0669 0x0cec [ 6EA4234DC55346E0709560FE7C2C1972, 
64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:17:52.0700 0x0cec SDRSVC - ok 20:17:52.0825 0x0cec [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 20:17:52.0872 0x0cec SDScannerService - ok 20:17:52.0934 0x0cec [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 20:17:52.0996 0x0cec SDUpdateService - ok 20:17:53.0012 0x0cec [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 20:17:53.0012 0x0cec SDWSCService - ok 20:17:53.0028 0x0cec [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:17:53.0059 0x0cec secdrv - ok 20:17:53.0074 0x0cec [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 20:17:53.0090 0x0cec seclogon - ok 20:17:53.0106 0x0cec [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 20:17:53.0137 0x0cec SENS - ok 20:17:53.0137 0x0cec [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 20:17:53.0152 0x0cec SensrSvc - ok 20:17:53.0168 0x0cec [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 20:17:53.0168 0x0cec Serenum - ok 20:17:53.0184 0x0cec [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] 
Serial C:\Windows\system32\DRIVERS\serial.sys 20:17:53.0184 0x0cec Serial - ok 20:17:53.0215 0x0cec [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 20:17:53.0215 0x0cec sermouse - ok 20:17:53.0246 0x0cec [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 20:17:53.0277 0x0cec SessionEnv - ok 20:17:53.0293 0x0cec [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:17:53.0324 0x0cec sffdisk - ok 20:17:53.0324 0x0cec [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:17:53.0340 0x0cec sffp_mmc - ok 20:17:53.0355 0x0cec [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:17:53.0371 0x0cec sffp_sd - ok 20:17:53.0371 0x0cec [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 20:17:53.0386 0x0cec sfloppy - ok 20:17:53.0449 0x0cec [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:17:53.0496 0x0cec SharedAccess - ok 20:17:53.0527 0x0cec [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:17:53.0574 0x0cec ShellHWDetection - ok 20:17:53.0589 0x0cec [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 20:17:53.0589 0x0cec SiSRaid2 - ok 20:17:53.0605 0x0cec [ 
6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 20:17:53.0620 0x0cec SiSRaid4 - ok 20:17:53.0636 0x0cec [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:17:53.0667 0x0cec Smb - ok 20:17:53.0683 0x0cec [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:17:53.0698 0x0cec SNMPTRAP - ok 20:17:53.0698 0x0cec [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 20:17:53.0714 0x0cec spldr - ok 20:17:53.0745 0x0cec [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 20:17:53.0776 0x0cec Spooler - ok 20:17:53.0917 0x0cec [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 20:17:54.0010 0x0cec sppsvc - ok 20:17:54.0026 0x0cec [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 20:17:54.0042 0x0cec sppuinotify - ok 20:17:54.0120 0x0cec [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd C:\Windows\System32\Drivers\sptd.sys 20:17:54.0135 0x0cec sptd - ok 20:17:54.0182 0x0cec [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 20:17:54.0213 0x0cec srv - ok 20:17:54.0213 0x0cec [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:17:54.0276 0x0cec srv2 - ok 20:17:54.0291 0x0cec [ 
27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:17:54.0322 0x0cec srvnet - ok 20:17:54.0354 0x0cec [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:17:54.0416 0x0cec SSDPSRV - ok 20:17:54.0432 0x0cec [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:17:54.0447 0x0cec SstpSvc - ok 20:17:54.0478 0x0cec [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 20:17:54.0494 0x0cec ssudmdm - ok 20:17:54.0525 0x0cec [ F7093A27C4AF6D9EEA0ACAC1C4FF6828, 40E1A8FB08D3063711E87C15B24009B397CAD279905AA72FADBB4A8B611474CD ] ssudserd C:\Windows\system32\DRIVERS\ssudserd.sys 20:17:54.0525 0x0cec ssudserd - ok 20:17:54.0603 0x0cec [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 20:17:54.0619 0x0cec Steam Client Service - ok 20:17:54.0650 0x0cec [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 20:17:54.0650 0x0cec stexstor - ok 20:17:54.0681 0x0cec [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 20:17:54.0712 0x0cec stisvc - ok 20:17:54.0712 0x0cec [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 20:17:54.0728 0x0cec swenum - ok 20:17:54.0775 0x0cec [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program 
Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 20:17:54.0790 0x0cec SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 20:17:57.0255 0x0cec Detect skipped due to KSN trusted 20:17:57.0255 0x0cec SwitchBoard - ok 20:17:57.0286 0x0cec [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 20:17:57.0349 0x0cec swprv - ok 20:17:57.0427 0x0cec [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 20:17:57.0474 0x0cec SysMain - ok 20:17:57.0474 0x0cec [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:17:57.0505 0x0cec TabletInputService - ok 20:17:57.0536 0x0cec [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 20:17:57.0583 0x0cec TapiSrv - ok 20:17:57.0598 0x0cec [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 20:17:57.0645 0x0cec TBS - ok 20:17:57.0708 0x0cec [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:17:57.0754 0x0cec Tcpip - ok 20:17:57.0848 0x0cec [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:17:57.0895 0x0cec TCPIP6 - ok 20:17:57.0910 0x0cec [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:17:57.0926 0x0cec tcpipreg - ok 20:17:57.0942 0x0cec [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE 
C:\Windows\system32\drivers\tdpipe.sys 20:17:57.0957 0x0cec TDPIPE - ok 20:17:57.0988 0x0cec [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:17:58.0004 0x0cec TDTCP - ok 20:17:58.0035 0x0cec [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:17:58.0051 0x0cec tdx - ok 20:17:58.0066 0x0cec [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 20:17:58.0082 0x0cec TermDD - ok 20:17:58.0113 0x0cec [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 20:17:58.0129 0x0cec TermService - ok 20:17:58.0144 0x0cec [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 20:17:58.0160 0x0cec Themes - ok 20:17:58.0176 0x0cec [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 20:17:58.0207 0x0cec THREADORDER - ok 20:17:58.0222 0x0cec [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 20:17:58.0254 0x0cec TrkWks - ok 20:17:58.0300 0x0cec [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:17:58.0332 0x0cec TrustedInstaller - ok 20:17:58.0347 0x0cec [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:17:58.0363 0x0cec tssecsrv - ok 20:17:58.0378 0x0cec [ E9981ECE8D894CEF7038FD1D040EB426, 
DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 20:17:58.0394 0x0cec TsUsbFlt - ok 20:17:58.0425 0x0cec [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 20:17:58.0425 0x0cec TsUsbGD - ok 20:17:58.0550 0x0cec [ 258C050D197D923668B36C8D3F6A2353, 9A8CDC8FDCF24986FE963566591E2B535653837A8A63EE462126D336E6F94E97 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe 20:17:58.0597 0x0cec TuneUp.UtilitiesSvc - ok 20:17:58.0628 0x0cec [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys 20:17:58.0628 0x0cec TuneUpUtilitiesDrv - ok 20:17:58.0659 0x0cec [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:17:58.0675 0x0cec tunnel - ok 20:17:58.0706 0x0cec [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 20:17:58.0706 0x0cec uagp35 - ok 20:17:58.0737 0x0cec [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:17:58.0768 0x0cec udfs - ok 20:17:58.0784 0x0cec [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:17:58.0815 0x0cec UI0Detect - ok 20:17:58.0831 0x0cec [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:17:58.0831 0x0cec uliagpkx - ok 20:17:58.0862 0x0cec [ DC54A574663A895C8763AF0FA1FF7561, 
09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:17:58.0862 0x0cec umbus - ok 20:17:58.0878 0x0cec [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 20:17:58.0893 0x0cec UmPass - ok 20:17:58.0924 0x0cec [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 20:17:58.0956 0x0cec upnphost - ok 20:17:58.0971 0x0cec [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 20:17:58.0987 0x0cec usbaudio - ok 20:17:59.0002 0x0cec [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:17:59.0002 0x0cec usbccgp - ok 20:17:59.0034 0x0cec [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:17:59.0034 0x0cec usbcir - ok 20:17:59.0049 0x0cec [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 20:17:59.0065 0x0cec usbehci - ok 20:17:59.0096 0x0cec [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:17:59.0112 0x0cec usbhub - ok 20:17:59.0112 0x0cec [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 20:17:59.0174 0x0cec usbohci - ok 20:17:59.0205 0x0cec [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 20:17:59.0252 0x0cec usbprint - ok 
20:17:59.0268 0x0cec [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:17:59.0299 0x0cec USBSTOR - ok 20:17:59.0314 0x0440 Object required for P2P: [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject 20:17:59.0314 0x0cec [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 20:17:59.0346 0x0cec usbuhci - ok 20:17:59.0377 0x0cec [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 20:17:59.0392 0x0cec usbvideo - ok 20:17:59.0408 0x0cec [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 20:17:59.0455 0x0cec UxSms - ok 20:17:59.0470 0x0cec [ 97BCD40E27C46B398524DF9B4DC88A6F, D1466C414B6044B65D63138B3C42B54B3B6E54AD40613E171F980D0E0D9627B5 ] UxTuneUp C:\Windows\System32\uxtuneup.dll 20:17:59.0486 0x0cec UxTuneUp - ok 20:17:59.0486 0x0cec [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc C:\Windows\system32\lsass.exe 20:17:59.0502 0x0cec VaultSvc - ok 20:17:59.0517 0x0cec [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:17:59.0517 0x0cec vdrvroot - ok 20:17:59.0548 0x0cec [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 20:17:59.0595 0x0cec vds - ok 20:17:59.0611 0x0cec [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 20:17:59.0626 0x0cec vga - ok 20:17:59.0642 0x0cec [ 53E92A310193CB3C03BEA963DE7D9CFC, 
45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 20:17:59.0689 0x0cec VgaSave - ok 20:17:59.0704 0x0cec [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 20:17:59.0704 0x0cec vhdmp - ok 20:17:59.0782 0x0cec [ EECF5B7210D773F3501CEDA848D53D31, C98034418DA5351A82B3FFAFBD277BAE4AE8AF25DD491BF628CEA0C708A5A9B2 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys 20:17:59.0829 0x0cec VIAHdAudAddService - ok 20:17:59.0860 0x0cec [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 20:17:59.0876 0x0cec viaide - ok 20:17:59.0876 0x0cec [ 43412F74D9516EF87988F2397A9B8E78, 82253E49D2762D67D202A8D3A215EF5F937ADFCF711AD238B6FDACAE0CC80A49 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe 20:17:59.0892 0x0cec VIAKaraokeService - ok 20:17:59.0892 0x0cec [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:17:59.0907 0x0cec volmgr - ok 20:17:59.0907 0x0cec [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:17:59.0923 0x0cec volmgrx - ok 20:17:59.0938 0x0cec [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:17:59.0954 0x0cec volsnap - ok 20:17:59.0970 0x0cec [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 20:17:59.0970 0x0cec vsmraid - ok 20:18:00.0016 0x0cec [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 20:18:00.0094 
0x0cec VSS - ok 20:18:00.0110 0x0cec [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 20:18:00.0126 0x0cec vwifibus - ok 20:18:00.0157 0x0cec [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 20:18:00.0188 0x0cec W32Time - ok 20:18:00.0219 0x0cec [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 20:18:00.0250 0x0cec WacomPen - ok 20:18:00.0282 0x0cec [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 20:18:00.0313 0x0cec WANARP - ok 20:18:00.0328 0x0cec [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:18:00.0344 0x0cec Wanarpv6 - ok 20:18:00.0391 0x0cec [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 20:18:00.0438 0x0cec wbengine - ok 20:18:00.0453 0x0cec [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:18:00.0469 0x0cec WbioSrvc - ok 20:18:00.0484 0x0cec [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:18:00.0500 0x0cec wcncsvc - ok 20:18:00.0516 0x0cec [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:18:00.0531 0x0cec WcsPlugInService - ok 20:18:00.0531 0x0cec [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd 
C:\Windows\system32\drivers\wd.sys 20:18:00.0547 0x0cec Wd - ok 20:18:00.0578 0x0cec [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys 20:18:00.0594 0x0cec WDC_SAM - ok 20:18:00.0656 0x0cec [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:18:00.0703 0x0cec Wdf01000 - ok 20:18:00.0703 0x0cec [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:18:00.0734 0x0cec WdiServiceHost - ok 20:18:00.0750 0x0cec [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:18:00.0750 0x0cec WdiSystemHost - ok 20:18:00.0781 0x0cec [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 20:18:00.0796 0x0cec WebClient - ok 20:18:00.0812 0x0cec [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:18:00.0859 0x0cec Wecsvc - ok 20:18:00.0859 0x0cec [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:18:00.0890 0x0cec wercplsupport - ok 20:18:00.0906 0x0cec [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 20:18:00.0937 0x0cec WerSvc - ok 20:18:00.0937 0x0cec [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 20:18:00.0968 0x0cec WfpLwf - ok 20:18:00.0984 0x0cec [ 05ECAEC3E4529A7153B3136CEB49F0EC, 
9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 20:18:00.0999 0x0cec WIMMount - ok 20:18:01.0015 0x0cec WinDefend - ok 20:18:01.0030 0x0cec WinHttpAutoProxySvc - ok 20:18:01.0062 0x0cec [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:18:01.0093 0x0cec Winmgmt - ok 20:18:01.0155 0x0cec [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 20:18:01.0202 0x0cec WinRM - ok 20:18:01.0233 0x0cec [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 20:18:01.0249 0x0cec WinUsb - ok 20:18:01.0296 0x0cec [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 20:18:01.0342 0x0cec Wlansvc - ok 20:18:01.0514 0x0cec [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 20:18:01.0576 0x0cec wlidsvc - ok 20:18:01.0592 0x0cec [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 20:18:01.0592 0x0cec WmiAcpi - ok 20:18:01.0608 0x0cec [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:18:01.0623 0x0cec wmiApSrv - ok 20:18:01.0639 0x0cec WMPNetworkSvc - ok 20:18:01.0654 0x0cec [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:18:01.0670 0x0cec WPCSvc - ok 20:18:01.0670 0x0cec [ 93221146D4EBBF314C29B23CD6CC391D, 
C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:18:01.0686 0x0cec WPDBusEnum - ok 20:18:01.0701 0x0cec [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:18:01.0732 0x0cec ws2ifsl - ok 20:18:01.0748 0x0cec [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 20:18:01.0764 0x0cec wscsvc - ok 20:18:01.0764 0x0cec WSearch - ok 20:18:01.0779 0x0440 Object send P2P result: true 20:18:01.0842 0x0cec [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 20:18:01.0904 0x0cec wuauserv - ok 20:18:01.0920 0x0cec [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:18:01.0935 0x0cec WudfPf - ok 20:18:01.0951 0x0cec [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 20:18:01.0966 0x0cec WUDFRd - ok 20:18:01.0982 0x0cec [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:18:01.0998 0x0cec wudfsvc - ok 20:18:02.0013 0x0cec [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 20:18:02.0044 0x0cec WwanSvc - ok 20:18:02.0044 0x0cec ================ Scan global =============================== 20:18:02.0091 0x0cec [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 20:18:02.0122 0x0cec [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] 
C:\Windows\system32\winsrv.dll 20:18:02.0154 0x0cec [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 20:18:02.0154 0x0cec [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 20:18:02.0185 0x0cec [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 20:18:02.0185 0x0cec [ Global ] - ok 20:18:02.0185 0x0cec ================ Scan MBR ================================== 20:18:02.0200 0x0cec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 20:18:02.0450 0x0cec \Device\Harddisk0\DR0 - ok 20:18:02.0466 0x0cec [ 205060F860AA1EC25B607A1B5B40A40C ] \Device\Harddisk1\DR1 20:18:02.0559 0x0cec \Device\Harddisk1\DR1 - ok 20:18:02.0559 0x0cec [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2 20:18:03.0105 0x0cec \Device\Harddisk2\DR2 - ok 20:18:03.0121 0x0cec [ 988D3C46CBD13EC7F482B833C55264C8 ] \Device\Harddisk3\DR3 20:18:03.0558 0x0cec \Device\Harddisk3\DR3 - ok 20:18:03.0558 0x0cec ================ Scan VBR ================================== 20:18:03.0589 0x0cec [ C07BC3BE82CA91B4832947491A4E6E31 ] \Device\Harddisk0\DR0\Partition1 20:18:03.0589 0x0cec \Device\Harddisk0\DR0\Partition1 - ok 20:18:03.0589 0x0cec [ EDB793810F8BAECAE2F9D3C0C5311652 ] \Device\Harddisk0\DR0\Partition2 20:18:03.0636 0x0cec \Device\Harddisk0\DR0\Partition2 - ok 20:18:03.0636 0x0cec [ ED28D0D8202823080428C72EEA85B213 ] \Device\Harddisk0\DR0\Partition3 20:18:03.0636 0x0cec \Device\Harddisk0\DR0\Partition3 - ok 20:18:03.0667 0x0cec [ 7604813F6EDB7C5C5A77592F1C163FE0 ] \Device\Harddisk1\DR1\Partition1 20:18:03.0667 0x0cec \Device\Harddisk1\DR1\Partition1 - ok 20:18:03.0682 0x0cec [ 887DD3C8B480381118BB555328DFF85E ] \Device\Harddisk1\DR1\Partition2 20:18:03.0682 0x0cec \Device\Harddisk1\DR1\Partition2 - ok 20:18:03.0698 0x0cec [ 
81023E46A17A1940216BCDC3921122DC ] \Device\Harddisk1\DR1\Partition3 20:18:03.0698 0x0cec \Device\Harddisk1\DR1\Partition3 - ok 20:18:03.0698 0x0cec [ 60B4F8F9D84337FFBADD364A2E6A3988 ] \Device\Harddisk1\DR1\Partition4 20:18:03.0714 0x0cec \Device\Harddisk1\DR1\Partition4 - ok 20:18:03.0714 0x0cec [ 97793C6EBE782489632BE676E2C9BE30 ] \Device\Harddisk2\DR2\Partition1 20:18:03.0714 0x0cec \Device\Harddisk2\DR2\Partition1 - ok 20:18:03.0714 0x0cec [ EFB00E60BB2055492290E549E5A4574A ] \Device\Harddisk3\DR3\Partition1 20:18:03.0729 0x0cec \Device\Harddisk3\DR3\Partition1 - ok 20:18:03.0729 0x0cec ================ Scan generic autorun ====================== 20:18:03.0807 0x0cec [ 320681DF28D82CDCA7E3EED0846625DB, 7F709ADFB0FE36BEC857A928E9CB29BB5B6C0BAD98824D0302C7BB7185100CB9 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 20:18:03.0823 0x0cec AdobeAAMUpdater-1.0 - ok 20:18:04.0010 0x0cec [ 3D6737ADDB9B1DF81605C442ED6D2D90, 5B8D68945E1A97FD1AF40333448FE335743F48F46A70E303ADF406CC0CC253FB ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe 20:18:04.0135 0x0cec HDAudDeck - detected UnsignedFile.Multi.Generic ( 1 ) 20:18:06.0600 0x0cec Detect skipped due to KSN trusted 20:18:06.0600 0x0cec HDAudDeck - ok 20:18:06.0662 0x0cec [ 94D247679E0862C7FA8C5AD712E03948, B6579E5675DDEE338D5248B6A1769CFCEC72DF127A5A367980F388FE782C4748 ] C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe 20:18:06.0678 0x0cec Cpu Level Up help - ok 20:18:06.0771 0x0cec [ 80F72159E0EB98A9B32FF61132C2E60D, 7F9AD5AE0C23EC5AB7DD63020897646A57CD275D325D399C35001C3DAC0B147F ] C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe 20:18:06.0802 0x0cec Turbo Key - detected UnsignedFile.Multi.Generic ( 1 ) 20:18:09.0267 0x0cec Detect skipped due to KSN trusted 20:18:09.0267 0x0cec Turbo Key - ok 20:18:09.0314 0x0cec [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common 
Files\Adobe\SwitchBoard\SwitchBoard.exe 20:18:09.0345 0x0cec SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 20:18:09.0345 0x0cec Detect skipped due to KSN trusted 20:18:09.0345 0x0cec SwitchBoard - ok 20:18:09.0392 0x0cec [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe 20:18:09.0423 0x0cec AdobeCS6ServiceManager - ok 20:18:09.0439 0x0cec [ C5239F47944FA3036A256DE9BDB94EB6, 3464B8B5036FA954553850A590D765D30E805818049FBF2E6C444B5FB0147BD4 ] C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe 20:18:09.0454 0x0cec Zboard - detected UnsignedFile.Multi.Generic ( 1 ) 20:18:11.0342 0x16e0 Object required for P2P: [ 320681DF28D82CDCA7E3EED0846625DB ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 20:18:11.0904 0x0cec Detect skipped due to KSN trusted 20:18:11.0904 0x0cec Zboard - ok 20:18:11.0966 0x0cec [ DB3682851D0218AEC5911CD0D1D7AABE, E3186E075F788131C7E6746D035DED5E3056E20784D635D5CAEC00EF3D27CC72 ] C:\Program Files (x86)\BF2Hub Client\bf2hub.exe 20:18:12.0013 0x0cec BF2Hub Client - detected UnsignedFile.Multi.Generic ( 1 ) 20:18:13.0791 0x16e0 Object send P2P result: true 20:18:14.0556 0x0cec BF2Hub Client ( UnsignedFile.Multi.Generic ) - warning 20:18:17.0005 0x0cec [ F8A3337DE768B126B061F1B7CD38A436, F93EE8D8D7CA28658587F82C38AE6C13D51A03CFE8DE6AC3BA35DC6A1DB986CE ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe 20:18:17.0036 0x0cec KiesTrayAgent - ok 20:18:17.0083 0x0cec [ ACFE2A5FBB735E6463B51D19A84B5C1E, ECCA84BD6E56C2370BBCF1EFE88F92649DF040C53D73711C5BBEF19962214119 ] C:\Program Files (x86)\Raptr\raptrstub.exe 20:18:17.0099 0x0cec Raptr - ok 20:18:17.0208 0x0cec [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe 20:18:17.0239 0x0cec StartCCC - ok 20:18:17.0395 
0x0cec [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 20:18:17.0473 0x0cec SDTray - ok 20:18:17.0551 0x0cec [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 20:18:17.0598 0x0cec Sidebar - ok 20:18:17.0629 0x0cec [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 20:18:17.0629 0x0cec mctadmin - ok 20:18:17.0707 0x0cec [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 20:18:17.0738 0x0cec Sidebar - ok 20:18:17.0754 0x0cec [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 20:18:17.0769 0x0cec mctadmin - ok 20:18:17.0801 0x0cec [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\SysWOW64\rundll32.exe 20:18:17.0832 0x0cec NextLive - ok 20:18:17.0957 0x0cec [ 3255867AE34EDD5346C750677EE63354, 3FC8E1EFF33EE83717C285D0CD388886135C5BF977B69CF6ADCFD4196139D483 ] C:\Program Files (x86)\Steam\Steam.exe 20:18:18.0019 0x0cec Steam - ok 20:18:18.0175 0x0cec [ 1BFCA8EBFBDC43B5C7C3BCF92A47DD77, EA4A4B5E4BFB31451A472A3E5F23CA163EB53B7D08C892454D6905B034ABBBF6 ] C:\Program Files (x86)\Origin\Origin.exe 20:18:18.0253 0x0cec EADM - ok 20:18:18.0315 0x0cec [ 2F85D5E63A1ECE08085D32C1B615BBFD, 7263F4E0CC7D375CBAA44406F90F427E6EC9382184B3CD62A90C0DD6B7D88372 ] C:\Program Files (x86)\Samsung\Kies\Kies.exe 20:18:18.0347 0x0cec KiesPreload - ok 20:18:18.0409 0x0cec [ 50FAF9CD04F26878FE2CDF63BA70971C, F4E725994F0E81E155750F16E9C60504DC70B82A78432B93412BB4024EC99275 ] C:\Users\Wallace\AppData\Local\Temp\Proof-distribute\proof-collect.exe 
20:18:18.0409 0x0cec Suspicious file ( NoAccess ): C:\Users\Wallace\AppData\Local\Temp\Proof-distribute\proof-collect.exe. md5: 50FAF9CD04F26878FE2CDF63BA70971C, sha256: F4E725994F0E81E155750F16E9C60504DC70B82A78432B93412BB4024EC99275 20:18:18.0425 0x0cec proof-reflect - detected Trojan-Spy.Win32.ZBot.gen ( 0 ) 20:18:20.0889 0x0cec proof-reflect ( Trojan-Spy.Win32.ZBot.gen ) - infected 20:18:20.0889 0x0cec Force sending object to P2P due to detect: C:\Users\Wallace\AppData\Local\Temp\Proof-distribute\proof-collect.exe 20:18:23.0354 0x0cec Object send P2P result: true 20:18:25.0772 0x0cec Win FW state via NFP2: enabled 20:18:28.0175 0x0cec ============================================================ 20:18:28.0175 0x0cec Scan finished 20:18:28.0175 0x0cec ============================================================ 20:18:28.0190 0x1420 Detected object count: 2 20:18:28.0190 0x1420 Actual detected object count: 2 20:18:36.0021 0x1420 BF2Hub Client ( UnsignedFile.Multi.Generic ) - skipped by user 20:18:36.0021 0x1420 BF2Hub Client ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:18:36.0037 0x1420 C:\Users\Wallace\AppData\Local\Temp\Proof-distribute\proof-collect.exe - copied to quarantine 20:18:36.0037 0x1420 HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:proof-reflect - will be deleted on reboot 20:18:36.0037 0x1420 C:\Users\Wallace\AppData\Local\Temp\Proof-distribute\proof-collect.exe - will be deleted on reboot 20:18:36.0037 0x1420 proof-reflect ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 20:18:36.0583 0x1420 KLMD registered as C:\Windows\system32\drivers\08702800.sys 20:18:41.0076 0x0e44 Deinitialize success |
24.02.2015, 07:18 | #9 |
/// the machine /// TB Trainer | Supposedly caught a nymaim trojan Did you choose Cure or Delete? Please do it again.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
24.02.2015, 16:45 | #10 |
| Supposedly caught a nymaim trojan Delete. That is, what it recommended to me. I can't select Cure. I only have the choice between Delete, Skip and Quarantine. |
25.02.2015, 06:43 | #11 |
/// the machine /// TB Trainer | Supposedly caught a nymaim trojan Then Delete once more, please, and then run another scan.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
25.02.2015, 18:10 | #12 |
| Supposedly caught a nymaim trojan OK, I've done that. Code:
ATTFilter 18:04:44.0334 0x14a8 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 18:04:46.0050 0x14a8 ============================================================ 18:04:46.0050 0x14a8 Current date / time: 2015/02/25 18:04:46.0050 18:04:46.0050 0x14a8 SystemInfo: 18:04:46.0050 0x14a8 18:04:46.0050 0x14a8 OS Version: 6.1.7601 ServicePack: 1.0 18:04:46.0050 0x14a8 Product type: Workstation 18:04:46.0050 0x14a8 ComputerName: DRAGON64 18:04:46.0050 0x14a8 UserName: Wallace 18:04:46.0050 0x14a8 Windows directory: C:\Windows 18:04:46.0050 0x14a8 System windows directory: C:\Windows 18:04:46.0050 0x14a8 Running under WOW64 18:04:46.0050 0x14a8 Processor architecture: Intel x64 18:04:46.0050 0x14a8 Number of processors: 4 18:04:46.0050 0x14a8 Page size: 0x1000 18:04:46.0050 0x14a8 Boot type: Normal boot 18:04:46.0050 0x14a8 ============================================================ 18:04:48.0265 0x14a8 KLMD registered as C:\Windows\system32\drivers\49526201.sys 18:04:48.0452 0x14a8 System UUID: {16D1EC3B-9554-5EDC-4910-9ECB978DB774} 18:04:48.0842 0x14a8 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:04:48.0858 0x14a8 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:04:48.0858 0x14a8 Drive \Device\Harddisk2\DR2 - Size: 0x1D1BF100000 ( 1862.99 Gb ), SectorSize: 0x200, Cylinders: 0x3B5FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 18:04:49.0248 0x14a8 Drive \Device\Harddisk3\DR3 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 18:04:54.0552 0x14a8 ============================================================ 18:04:54.0552 0x14a8 \Device\Harddisk0\DR0: 18:04:54.0552 0x14a8 MBR partitions: 18:04:54.0552 0x14a8 
\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 18:04:54.0552 0x14a8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55AE0800 18:04:54.0552 0x14a8 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55B13000, BlocksNum 0x1A32800 18:04:54.0552 0x14a8 \Device\Harddisk1\DR1: 18:04:54.0567 0x14a8 MBR partitions: 18:04:54.0567 0x14a8 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x61D6AB1, BlocksNum 0xC35314E 18:04:54.0583 0x14a8 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x12529C3E, BlocksNum 0x124FAAB4 18:04:54.0598 0x14a8 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x24A24731, BlocksNum 0x15960510 18:04:54.0598 0x14a8 \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x61D2B72 18:04:54.0598 0x14a8 \Device\Harddisk2\DR2: 18:04:54.0598 0x14a8 MBR partitions: 18:04:54.0598 0x14a8 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8DF8000 18:04:54.0598 0x14a8 \Device\Harddisk3\DR3: 18:04:54.0598 0x14a8 MBR partitions: 18:04:54.0598 0x14a8 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A380D41 18:04:54.0598 0x14a8 ============================================================ 18:04:54.0630 0x14a8 C: <-> \Device\Harddisk0\DR0\Partition2 18:04:54.0661 0x14a8 D: <-> \Device\Harddisk1\DR1\Partition4 18:04:54.0692 0x14a8 E: <-> \Device\Harddisk1\DR1\Partition1 18:04:54.0723 0x14a8 F: <-> \Device\Harddisk1\DR1\Partition2 18:04:54.0739 0x14a8 G: <-> \Device\Harddisk1\DR1\Partition3 18:04:54.0770 0x14a8 H: <-> \Device\Harddisk0\DR0\Partition3 18:04:54.0801 0x14a8 O: <-> \Device\Harddisk2\DR2\Partition1 18:04:54.0801 0x14a8 Q: <-> \Device\Harddisk3\DR3\Partition1 18:04:54.0801 0x14a8 ============================================================ 18:04:54.0801 0x14a8 Initialize success 18:04:54.0801 0x14a8 ============================================================ 18:05:01.0104 0x1648 
============================================================ 18:05:01.0104 0x1648 Scan started 18:05:01.0104 0x1648 Mode: Manual; SigCheck; TDLFS; 18:05:01.0104 0x1648 ============================================================ 18:05:01.0104 0x1648 KSN ping started 18:05:14.0879 0x1648 KSN ping finished: true 18:05:18.0108 0x1648 ================ Scan system memory ======================== 18:05:18.0108 0x1648 System memory - ok 18:05:18.0108 0x1648 ================ Scan services ============================= 18:05:18.0233 0x1648 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 18:05:18.0311 0x1648 1394ohci - ok 18:05:18.0326 0x1648 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 18:05:18.0357 0x1648 ACPI - ok 18:05:18.0373 0x1648 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 18:05:18.0420 0x1648 AcpiPmi - ok 18:05:18.0482 0x1648 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 18:05:18.0498 0x1648 AdobeARMservice - ok 18:05:18.0591 0x1648 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 18:05:18.0607 0x1648 AdobeFlashPlayerUpdateSvc - ok 18:05:18.0638 0x1648 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 18:05:18.0669 0x1648 adp94xx - ok 18:05:18.0685 0x1648 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci 
C:\Windows\system32\drivers\adpahci.sys 18:05:18.0701 0x1648 adpahci - ok 18:05:18.0701 0x1648 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 18:05:18.0716 0x1648 adpu320 - ok 18:05:18.0747 0x1648 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 18:05:18.0872 0x1648 AeLookupSvc - ok 18:05:18.0935 0x1648 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 18:05:19.0013 0x1648 AFD - ok 18:05:19.0028 0x1648 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 18:05:19.0044 0x1648 agp440 - ok 18:05:19.0059 0x1648 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 18:05:19.0106 0x1648 ALG - ok 18:05:19.0122 0x1648 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 18:05:19.0122 0x1648 aliide - ok 18:05:19.0153 0x1648 [ B3E801135E0C81733542C14D9AA8120A, 69A19C73BBB942DDEBD079EF924ED1AEFC3516867569618D2FBBD1CD831204C2 ] Alpham1 C:\Windows\system32\DRIVERS\Alpham164.sys 18:05:19.0184 0x1648 Alpham1 - ok 18:05:19.0200 0x1648 [ 6493983FEDBC49D9112703ECE9B251FE, E5D0EEBA8C8D9C02CC4109C86ABC6375E5CF79F6549917C011238FD2DD78BF71 ] Alpham2 C:\Windows\system32\DRIVERS\Alpham264.sys 18:05:19.0231 0x1648 Alpham2 - ok 18:05:19.0293 0x1648 [ F17B1902DFCED1C24DB57492A7896FF8, 966AB1A072A8AF98D7EDD2A388D919B50FC41A06E1C51B04B2C2F54F1BA7F0D5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 18:05:19.0340 0x1648 AMD External Events Utility - ok 18:05:19.0418 0x1648 AMD FUEL Service - ok 18:05:19.0512 0x1648 [ 
1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 18:05:19.0559 0x1648 amdide - ok 18:05:19.0621 0x1648 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 18:05:19.0637 0x1648 AmdK8 - ok 18:05:20.0323 0x1648 [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 18:05:20.0885 0x1648 amdkmdag - ok 18:05:20.0947 0x1648 [ AF6B384E03D15471EDCEDDDEBAA363B2, 2D8CFA26D69A8FF0FAC6EBA2E5A62977B21ECBA0C65458072FEC4A886B3EDD73 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 18:05:20.0978 0x1648 amdkmdap - ok 18:05:21.0009 0x1648 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 18:05:21.0025 0x1648 AmdPPM - ok 18:05:21.0041 0x1648 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 18:05:21.0056 0x1648 amdsata - ok 18:05:21.0072 0x1648 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 18:05:21.0087 0x1648 amdsbs - ok 18:05:21.0103 0x1648 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 18:05:21.0119 0x1648 amdxata - ok 18:05:21.0119 0x1648 AODDriver4.2.0 - ok 18:05:21.0150 0x1648 [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3 C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys 18:05:21.0181 0x1648 AODDriver4.3 - ok 18:05:21.0197 0x1648 [ 89A69C3F2F319B43379399547526D952, 
8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 18:05:21.0321 0x1648 AppID - ok 18:05:21.0321 0x1648 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 18:05:21.0368 0x1648 AppIDSvc - ok 18:05:21.0399 0x1648 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 18:05:21.0462 0x1648 Appinfo - ok 18:05:21.0477 0x1648 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 18:05:21.0493 0x1648 arc - ok 18:05:21.0493 0x1648 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 18:05:21.0509 0x1648 arcsas - ok 18:05:21.0540 0x1648 [ FEF9DD9EA587F8886ADE43C1BEFBDAFE, DDE6F28B3F7F2ABBEE59D4864435108791631E9CB4CDFB1F178E5AA9859956D8 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys 18:05:21.0555 0x1648 AsIO - ok 18:05:21.0555 0x1648 [ 22842362DF890F5492F85AA60916A697, EC01380B1C9BF4CFBA018FC314563F0785280172A2A9B51D50F088E7101951EF ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys 18:05:21.0602 0x1648 asmthub3 - ok 18:05:21.0649 0x1648 [ 08E2D77766CC05E75A0707207D9FC684, 6CF3B12B2B3375B715A3EBC66EF148CEA2248D448A3A37875B7B1BC7CDA40FDD ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys 18:05:21.0711 0x1648 asmtxhci - ok 18:05:21.0758 0x1648 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 18:05:21.0821 0x1648 aspnet_state - ok 18:05:21.0867 0x1648 [ 954FFBFF05B0B60EB63B52AF561436C4, 40228A2B688E827815B5A567584FCF99BF661696DB8CC8BB455393B3CEE35094 ] AsSysCtrlService 
0A3ADF2F6A8800EA1A76BBA58D5CB1B22A70DF895EF5D4C7169456B0C44061ED ] OxygenAudioDevMon C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe 18:05:38.0169 0x1648 OxygenAudioDevMon - ok 18:05:38.0201 0x1648 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:05:38.0247 0x1648 p2pimsvc - ok 18:05:38.0279 0x1648 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 18:05:38.0294 0x1648 p2psvc - ok 18:05:38.0310 0x1648 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 18:05:38.0325 0x1648 Parport - ok 18:05:38.0357 0x1648 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:05:38.0357 0x1648 partmgr - ok 18:05:38.0372 0x1648 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 18:05:38.0403 0x1648 PcaSvc - ok 18:05:38.0403 0x1648 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 18:05:38.0419 0x1648 pci - ok 18:05:38.0435 0x1648 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 18:05:38.0450 0x1648 pciide - ok 18:05:38.0466 0x1648 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 18:05:38.0481 0x1648 pcmcia - ok 18:05:38.0481 0x1648 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 18:05:38.0497 0x1648 pcw - ok 18:05:38.0528 0x1648 
[ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:05:38.0591 0x1648 PEAUTH - ok 18:05:38.0653 0x1648 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:05:38.0669 0x1648 PerfHost - ok 18:05:38.0731 0x1648 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 18:05:38.0809 0x1648 pla - ok 18:05:38.0840 0x1648 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:05:38.0903 0x1648 PlugPlay - ok 18:05:38.0949 0x1648 [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe 18:05:38.0965 0x1648 PnkBstrA - ok 18:05:38.0981 0x1648 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:05:38.0996 0x1648 PNRPAutoReg - ok 18:05:39.0027 0x1648 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:05:39.0043 0x1648 PNRPsvc - ok 18:05:39.0059 0x1648 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:05:39.0090 0x1648 PolicyAgent - ok 18:05:39.0121 0x1648 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 18:05:39.0168 0x1648 Power - ok 18:05:39.0183 0x1648 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:05:39.0199 0x1648 PptpMiniport - ok 
18:05:39.0215 0x1648 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 18:05:39.0261 0x1648 Processor - ok 18:05:39.0293 0x1648 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 18:05:39.0371 0x1648 ProfSvc - ok 18:05:39.0386 0x1648 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:05:39.0402 0x1648 ProtectedStorage - ok 18:05:39.0402 0x1648 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:05:39.0433 0x1648 Psched - ok 18:05:39.0464 0x1648 [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 18:05:39.0464 0x1648 PxHlpa64 - ok 18:05:39.0573 0x1648 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 18:05:39.0620 0x1648 ql2300 - ok 18:05:39.0636 0x1648 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 18:05:39.0651 0x1648 ql40xx - ok 18:05:39.0667 0x1648 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 18:05:39.0683 0x1648 QWAVE - ok 18:05:39.0698 0x1648 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:05:39.0729 0x1648 QWAVEdrv - ok 18:05:39.0745 0x1648 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd 
C:\Windows\system32\DRIVERS\rasacd.sys 18:05:39.0761 0x1648 RasAcd - ok 18:05:39.0792 0x1648 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:05:39.0823 0x1648 RasAgileVpn - ok 18:05:39.0839 0x1648 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 18:05:39.0870 0x1648 RasAuto - ok 18:05:39.0870 0x1648 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:05:39.0901 0x1648 Rasl2tp - ok 18:05:39.0917 0x1648 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 18:05:39.0963 0x1648 RasMan - ok 18:05:39.0979 0x1648 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:05:40.0026 0x1648 RasPppoe - ok 18:05:40.0026 0x1648 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:05:40.0057 0x1648 RasSstp - ok 18:05:40.0088 0x1648 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:05:40.0119 0x1648 rdbss - ok 18:05:40.0135 0x1648 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 18:05:40.0151 0x1648 rdpbus - ok 18:05:40.0166 0x1648 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:05:40.0197 0x1648 RDPCDD - ok 18:05:40.0197 0x1648 [ BB5971A4F00659529A5C44831AF22365, 
9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:05:40.0244 0x1648 RDPENCDD - ok 18:05:40.0244 0x1648 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 18:05:40.0275 0x1648 RDPREFMP - ok 18:05:40.0291 0x1648 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 18:05:40.0353 0x1648 RdpVideoMiniport - ok 18:05:40.0385 0x1648 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:05:40.0431 0x1648 RDPWD - ok 18:05:40.0447 0x1648 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:05:40.0463 0x1648 rdyboost - ok 18:05:40.0494 0x1648 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:05:40.0572 0x1648 RemoteAccess - ok 18:05:40.0587 0x1648 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:05:40.0619 0x1648 RemoteRegistry - ok 18:05:40.0619 0x1648 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:05:40.0681 0x1648 RpcEptMapper - ok 18:05:40.0697 0x1648 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 18:05:40.0712 0x1648 RpcLocator - ok 18:05:40.0728 0x1648 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 
18:05:40.0775 0x1648 RpcSs - ok 18:05:40.0775 0x1648 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 18:05:40.0821 0x1648 rspndr - ok 18:05:40.0853 0x1648 [ 8181B5E7BFC040E0B26349C73E719335, EBB244A7E8E2CDC51041B2C2A78DCB77324F9E3746942C84902FCD928ADED897 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 18:05:40.0884 0x1648 RTL8167 - ok 18:05:40.0899 0x1648 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs C:\Windows\system32\lsass.exe 18:05:40.0899 0x1648 SamSs - ok 18:05:40.0915 0x1648 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:05:40.0915 0x1648 sbp2port - ok 18:05:40.0946 0x1648 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:05:40.0977 0x1648 SCardSvr - ok 18:05:40.0977 0x1648 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:05:41.0009 0x1648 scfilter - ok 18:05:41.0040 0x1648 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 18:05:41.0102 0x1648 Schedule - ok 18:05:41.0133 0x1648 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 18:05:41.0165 0x1648 SCPolicySvc - ok 18:05:41.0180 0x1648 [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys 18:05:41.0196 0x1648 ScreamBAudioSvc - ok 18:05:41.0211 0x1648 [ 6EA4234DC55346E0709560FE7C2C1972, 
64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:05:41.0243 0x1648 SDRSVC - ok 18:05:41.0336 0x1648 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 18:05:41.0414 0x1648 SDScannerService - ok 18:05:41.0477 0x1648 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 18:05:41.0555 0x1648 SDUpdateService - ok 18:05:41.0570 0x1648 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 18:05:41.0586 0x1648 SDWSCService - ok 18:05:41.0601 0x1648 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:05:41.0617 0x1648 secdrv - ok 18:05:41.0633 0x1648 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 18:05:41.0679 0x1648 seclogon - ok 18:05:41.0679 0x1648 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 18:05:41.0711 0x1648 SENS - ok 18:05:41.0726 0x1648 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:05:41.0757 0x1648 SensrSvc - ok 18:05:41.0773 0x1648 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 18:05:41.0773 0x1648 Serenum - ok 18:05:41.0789 0x1648 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] 
Serial C:\Windows\system32\DRIVERS\serial.sys 18:05:41.0804 0x1648 Serial - ok 18:05:41.0820 0x1648 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 18:05:41.0835 0x1648 sermouse - ok 18:05:41.0851 0x1648 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 18:05:41.0898 0x1648 SessionEnv - ok 18:05:41.0913 0x1648 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 18:05:41.0945 0x1648 sffdisk - ok 18:05:41.0960 0x1648 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 18:05:41.0991 0x1648 sffp_mmc - ok 18:05:42.0007 0x1648 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 18:05:42.0023 0x1648 sffp_sd - ok 18:05:42.0038 0x1648 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 18:05:42.0054 0x1648 sfloppy - ok 18:05:42.0101 0x1648 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 18:05:42.0225 0x1648 SharedAccess - ok 18:05:42.0257 0x1648 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 18:05:42.0303 0x1648 ShellHWDetection - ok 18:05:42.0319 0x1648 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 18:05:42.0335 0x1648 SiSRaid2 - ok 18:05:42.0350 0x1648 [ 
6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 18:05:42.0366 0x1648 SiSRaid4 - ok 18:05:42.0381 0x1648 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 18:05:42.0413 0x1648 Smb - ok 18:05:42.0428 0x1648 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 18:05:42.0444 0x1648 SNMPTRAP - ok 18:05:42.0459 0x1648 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 18:05:42.0459 0x1648 spldr - ok 18:05:42.0506 0x1648 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 18:05:42.0569 0x1648 Spooler - ok 18:05:42.0693 0x1648 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 18:05:42.0834 0x1648 sppsvc - ok 18:05:42.0849 0x1648 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 18:05:42.0881 0x1648 sppuinotify - ok 18:05:42.0927 0x1648 [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd C:\Windows\System32\Drivers\sptd.sys 18:05:42.0943 0x1648 sptd - ok 18:05:43.0005 0x1648 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 18:05:43.0037 0x1648 srv - ok 18:05:43.0052 0x1648 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 18:05:43.0083 0x1648 srv2 - ok 18:05:43.0099 0x1648 [ 
27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 18:05:43.0115 0x1648 srvnet - ok 18:05:43.0130 0x1648 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 18:05:43.0177 0x1648 SSDPSRV - ok 18:05:43.0177 0x1648 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 18:05:43.0208 0x1648 SstpSvc - ok 18:05:43.0239 0x1648 [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 18:05:43.0255 0x1648 ssudmdm - ok 18:05:43.0271 0x1648 [ F7093A27C4AF6D9EEA0ACAC1C4FF6828, 40E1A8FB08D3063711E87C15B24009B397CAD279905AA72FADBB4A8B611474CD ] ssudserd C:\Windows\system32\DRIVERS\ssudserd.sys 18:05:43.0286 0x1648 ssudserd - ok 18:05:43.0364 0x1648 [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 18:05:43.0395 0x1648 Steam Client Service - ok 18:05:43.0411 0x1648 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 18:05:43.0411 0x1648 stexstor - ok 18:05:43.0442 0x1648 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 18:05:43.0473 0x1648 stisvc - ok 18:05:43.0473 0x1648 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 18:05:43.0489 0x1648 swenum - ok 18:05:43.0536 0x1648 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program 
Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 18:05:43.0583 0x1648 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 18:05:48.0949 0x0c64 Object required for P2P: [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject 18:05:49.0401 0x1648 Detect skipped due to KSN trusted 18:05:49.0401 0x1648 SwitchBoard - ok 18:05:49.0448 0x1648 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 18:05:49.0511 0x1648 swprv - ok 18:05:49.0557 0x1648 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 18:05:49.0635 0x1648 SysMain - ok 18:05:49.0635 0x1648 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:05:49.0667 0x1648 TabletInputService - ok 18:05:49.0698 0x1648 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 18:05:49.0807 0x1648 TapiSrv - ok 18:05:49.0854 0x1648 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 18:05:49.0916 0x1648 TBS - ok 18:05:49.0979 0x1648 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:05:50.0041 0x1648 Tcpip - ok 18:05:50.0103 0x1648 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:05:50.0150 0x1648 TCPIP6 - ok 18:05:50.0166 0x1648 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:05:50.0181 0x1648 tcpipreg - ok 18:05:50.0197 0x1648 [ 3371D21011695B16333A3934340C4E7C, 
7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:05:50.0228 0x1648 TDPIPE - ok 18:05:50.0275 0x1648 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:05:50.0291 0x1648 TDTCP - ok 18:05:50.0322 0x1648 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:05:50.0353 0x1648 tdx - ok 18:05:50.0369 0x1648 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 18:05:50.0384 0x1648 TermDD - ok 18:05:50.0431 0x1648 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 18:05:50.0478 0x1648 TermService - ok 18:05:50.0493 0x1648 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 18:05:50.0493 0x1648 Themes - ok 18:05:50.0525 0x1648 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 18:05:50.0540 0x1648 THREADORDER - ok 18:05:50.0556 0x1648 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 18:05:50.0587 0x1648 TrkWks - ok 18:05:50.0634 0x1648 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:05:50.0665 0x1648 TrustedInstaller - ok 18:05:50.0681 0x1648 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:05:50.0696 0x1648 tssecsrv - ok 18:05:50.0712 
0x1648 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 18:05:50.0759 0x1648 TsUsbFlt - ok 18:05:50.0790 0x1648 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 18:05:50.0805 0x1648 TsUsbGD - ok 18:05:50.0930 0x1648 [ 258C050D197D923668B36C8D3F6A2353, 9A8CDC8FDCF24986FE963566591E2B535653837A8A63EE462126D336E6F94E97 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe 18:05:51.0008 0x1648 TuneUp.UtilitiesSvc - ok 18:05:51.0039 0x1648 [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys 18:05:51.0055 0x1648 TuneUpUtilitiesDrv - ok 18:05:51.0071 0x1648 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:05:51.0102 0x1648 tunnel - ok 18:05:51.0117 0x1648 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 18:05:51.0133 0x1648 uagp35 - ok 18:05:51.0164 0x1648 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:05:51.0195 0x1648 udfs - ok 18:05:51.0211 0x1648 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:05:51.0227 0x1648 UI0Detect - ok 18:05:51.0242 0x1648 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:05:51.0258 0x1648 uliagpkx - ok 18:05:51.0273 0x1648 [ DC54A574663A895C8763AF0FA1FF7561, 
18:06:27.0060 0x1560 Object send P2P result: false
18:06:27.0543 0x1648 Win FW state via NFP2: enabled
18:06:40.0975 0x1648 ============================================================
18:06:40.0975 0x1648 Scan finished
18:06:40.0975 0x1648 ============================================================
18:06:40.0991 0x1570 Detected object count: 1
18:06:40.0991 0x1570 Actual detected object count: 1
18:06:53.0408 0x1570 BF2Hub Client ( UnsignedFile.Multi.Generic ) - skipped by user
18:06:53.0408 0x1570 BF2Hub Client ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:06:58.0010 0x08c8 Deinitialize success

The BF2Hub Client is a well-known tool for contacting an alternative master server for Battlefield 2, since Electronic Arts shut down the master servers for Battlefield 2. So the tool is harmless. |
26.02.2015, 08:02 | #13 |
/// the machine /// TB trainer | Allegedly caught a nymaim Trojan Yes, the HUB doesn't interest me either. Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
27.02.2015, 17:26 | #14 |
| Allegedly caught a nymaim Trojan Thanks! It has been run: Code:
ComboFix 15-02-16.01 - Wallace 27.02.2015 17:07:17.1.4 - x64
ausgeführt von:: c:\users\Wallace\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Wallace\AppData\Local\Temp\acc98a83-4789-42d6-8c8f-ba0c09eb1879\CliSecureRT.dll
c:\users\Wallace\AppData\Roaming\Mozilla\Firefox\Profiles\9r3ecmn6.default\searchplugins\trovi-search.xml
c:\users\Wallace\AppData\Roaming\QmVucXSdon.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-01-27 bis 2015-02-27 ))))))))))))))))))))))))))))))
.
.
2015-02-23 18:56 . 2015-02-23 19:18 -------- d-----w- C:\TDSSKiller_Quarantine
2015-02-22 18:42 . 2015-02-22 18:42 -------- d-----w- c:\programdata\Malwarebytes
2015-02-22 18:42 . 2015-02-23 17:40 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-02-22 18:42 . 2015-02-22 18:57 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-22 18:41 . 2015-02-22 18:57 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-02-21 21:24 . 2015-02-21 21:49 -------- d-----w- C:\FRST
2015-02-21 20:40 . 2015-02-23 19:08 -------- d--h--w- c:\users\Wallace\AppData\Roaming\Contest_team
2015-02-20 23:38 . 2015-02-23 19:08 -------- d--h--w- c:\users\Wallace\AppData\Roaming\Matter-suffer
2015-02-20 09:18 . 2013-09-20 09:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2015-02-20 09:18 . 2015-02-20 09:51 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2015-02-20 09:18 . 2015-02-20 09:20 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2015-02-20 09:16 . 2015-02-20 09:16 -------- d-----w- c:\users\Wallace\AppData\Local\Steam
2015-02-18 06:54 . 2015-02-20 10:53 -------- d--h--w- c:\users\Wallace\AppData\Roaming\Gpwzdqjjza
2015-02-16 17:48 . 2015-02-18 06:54 -------- d--h--w- c:\users\Wallace\AppData\Roaming\Knkwzygm
2015-02-16 17:20 . 2015-02-23 19:08 -------- d--h--w- c:\users\Wallace\AppData\Roaming\Pace-worried
2015-02-15 23:30 . 2015-02-23 19:08 -------- d--h--w- c:\users\Wallace\AppData\Roaming\Opening-speed
2015-02-15 12:06 . 2015-02-23 19:08 -------- d--h--w- c:\users\Wallace\AppData\Roaming\Hatinvite
2015-02-14 16:23 . 2015-02-16 17:48 -------- d--h--w- c:\users\Wallace\AppData\Local\Hvxphis
2015-02-13 18:55 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-13 18:55 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-13 18:55 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-13 18:55 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-11 18:57 . 2015-02-04 03:16 609280 ----a-w- c:\windows\system32\generaltel.dll
2015-02-11 18:56 . 2015-01-13 03:10 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-11 18:55 . 2015-01-14 06:09 5554112 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-11 18:55 . 2015-01-14 06:05 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-11 18:55 . 2015-01-14 06:05 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-11 18:55 . 2015-01-14 06:04 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-02-11 18:55 . 2015-01-14 05:44 3972544 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 18:55 . 2015-01-14 05:44 3917760 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-02-11 18:55 . 2015-01-14 05:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-02-11 18:55 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-11 18:55 . 2014-12-08 02:46 308224 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-11 18:54 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
2015-02-11 17:13 . 2015-02-22 18:36 -------- d-----w- c:\programdata\rnx
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-11 19:00 . 2013-12-15 00:27 116773704 ----a-w- c:\windows\system32\MRT.exe
2015-02-07 09:45 . 2013-12-15 01:02 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-07 09:45 . 2013-12-15 01:02 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-04 18:44 . 2013-12-15 20:30 226680 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-02-04 17:08 . 2013-12-15 20:30 226680 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2015-02-04 16:42 . 2013-12-15 20:30 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-12-31 14:37 . 2012-07-17 13:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-12-22 23:41 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 03:06 . 2015-01-14 14:46 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 14:46 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-14 14:46 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-12-06 04:17 . 2015-01-14 14:46 303616 ----a-w- c:\windows\system32\nlasvc.dll
2014-12-06 03:50 . 2015-01-14 14:46 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-14 14:46 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2014-02-12 19:22 . 2014-02-12 19:22 682266 ----a-w- c:\program files (x86)\unins000.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NextLive"="c:\users\Wallace\AppData\Roaming\newnext.me\nengine.dll" [2013-12-15 1283584]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-02-18 2874048]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2015-02-27 3631448]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2014-07-25 1562264]
"ISUSPM Startup"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-02-09 5015040]
"Cpu Level Up help"="c:\program files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe" [2009-12-28 887936]
"Turbo Key"="c:\program files (x86)\ASUS\Turbo Key\TurboKey.exe" [2009-11-24 1874432]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Zboard"="c:\program files (x86)\Ideazon\ZEngine\Zboard.exe" [2011-02-22 182784]
"BF2Hub Client"="c:\program files (x86)\BF2Hub Client\bf2hub.exe" [2014-07-17 1521664]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-07-25 311616]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-01-30 55568]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
.
c:\users\Wallace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Wallace\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-2-11 42555824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ASUS Update Checker"=c:\program files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
.
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 camfilt2;camfilt2;c:\windows\system32\DRIVERS\camfilt2.sys;c:\windows\SYSNATIVE\DRIVERS\camfilt2.sys [x]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MADFULEGACYKEYBOARD;Service for M-Audio Legacy Keyboard DFU;c:\windows\system32\DRIVERS\MAudioLegacyKeyboard_DFU.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioLegacyKeyboard_DFU.sys [x]
R3 MAUSBLEGACYKEYBOARD;Service for M-Audio Legacy Keyboard;c:\windows\system32\DRIVERS\MAudioLegacyKeyboard.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioLegacyKeyboard.sys [x]
R3 OM0530;EyeToy USB Camera (for PlayStation 2);c:\windows\system32\Drivers\ov530vx.sys;c:\windows\SYSNATIVE\Drivers\ov530vx.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\programdata\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe;c:\programdata\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe [x]
S2 OxygenAudioDevMon;Oxygen Audio Device Monitor;c:\program files (x86)\M-Audio\Oxygen\AudioDevMon.exe;c:\program files (x86)\M-Audio\Oxygen\AudioDevMon.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3
ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 2015-02-25 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-15 09:45] . 2015-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06 11:14] . 2015-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06 11:14] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Wallace\AppData\Roaming\Mozilla\Firefox\Profiles\9r3ecmn6.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: network.proxy.ftp - 182.239.95.137
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.http - 182.239.95.137
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 182.239.95.137
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 182.239.95.137
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-openinglimited - c:\users\Wallace\AppData\Roaming\Opening-speed\opening_pause.exe
Wow6432Node-HKCU-Run-pace-egg - c:\users\Wallace\AppData\Roaming\Pace-worried\paceoccasion.exe
Wow6432Node-HKCU-Run-matter-visit - c:\users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe
Wow6432Node-HKCU-Run-hat-date - c:\users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe
Wow6432Node-HKCU-Run-contest-compare - c:\users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-13839963.sys
SafeBoot-46463773.sys
SafeBoot-78707057.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-5513-1208-7298-9440 - c:\program files (x86)\JDownloader\JDUninstall.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\BFH Beta 2\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
@DACL=(02 0000)
"ExcludeProfileDirs"="AppData\\Local;AppData\\LocalLow;$Recycle.Bin"
"BuildNumber"=dword:00001db1
"FirstLogon"=dword:00000000
"ParseAutoexec"="1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-02-27 17:22:17 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-02-27 16:22
.
Vor Suchlauf: 10 Verzeichnis(se), 38.703.734.784 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 38.302.113.792 Bytes frei
.
- - End Of File - - DBB344F2579D40B7AF83C5CC0D6752C1
A36C5E4F47E84449FF07ED3517B43A31 |
28.02.2015, 10:34 | #15 |
/// the machine /// TB trainer | Supposedly caught a nymaim Trojan Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |