
Plagegeister aller Art und deren Bekämpfung: Task Manager, various service hosts, file path Windows, System32, svchost high load


13.08.2015, 15:52   #1
JSM
 

Task Manager, various service hosts, file path Windows, System32, svchost high load



Hello,

After wiping my computer yesterday, I now have Windows 8 again, 64-bit system. Laptop, preinstalled versions of Windows 8. No CD. I recently switched from Windows 8.1 to Windows 10. Suddenly some programs stopped working and I went back to Win 8.1. Then I suddenly had an hourglass next to the mouse pointer and read up here in the forum on what it could be. I also had high utilization of memory and disk, almost up to 100%. I then read about the svchost problem. My programs AVG Internet Security, Malwarebytes and HitmanPro did not report anything, and later Malwarebytes could no longer be run either. AVG and Malwarebytes were trial versions. I then read in your forum, under "svchost exe als Virus?", that only making short work of it helps there, and wiped the computer. Now I have Windows 8 again, with only the preinstalled McAfee on the computer and Mozilla Firefox installed, nothing else. I would like to know whether my system is now in order again or not.

Thank you very much for the help!!!


Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:40 on 13/08/2015 (XXXXX)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-08-2015
durchgeführt von XXXXX (Administrator) auf XXXXX (13-08-2015 08:25:00)
Gestartet von C:\Users\XXXXX\Desktop
Geladene Profile: UpdatusUser & XXXXXXX (Verfügbare Profile: UpdatusUser & Susanne)
Platform: Windows 8 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\Core\mchost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13545032 2013-05-28] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [454160 2012-11-30] (McAfee, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-01-15] (cyberlink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] (Atheros Communications)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-05-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-05-14] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\S-1-5-21-1794304933-3207535254-2068445666-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-1794304933-3207535254-2068445666-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-1794304933-3207535254-2068445666-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-1794304933-3207535254-2068445666-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-1794304933-3207535254-2068445666-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1794304933-3207535254-2068445666-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2012-11-30] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2012-11-30] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1E5210DC-85FF-4E1C-98B0-40CB3565919B}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\y9p501c2.default
FF Homepage: hxxp://www.gmx.net/
https://www.google.de/
https://translate.google.de/?hl=de
https://www.kabeldeutschland.de/csc/abmelden
https://www.congstar.de/meincongstar/?glid=1&lpid=1&gclid=CNyBiumnpMcCFVMatAodPT4Ijg
http://www.trojaner-board.de/
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2012-11-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2012-11-30] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-04-26]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0255551439406761mcinstcleanup; C:\WINDOWS\TEMP\025555~1.EXE [833616 2013-01-30] (McAfee, Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-01-15] (CyberLink)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [388240 2012-11-23] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1007288 2012-10-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-11-09] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [177680 2012-11-09] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-04-26] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-25] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-11-09] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2012-11-09] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2012-11-09] (McAfee, Inc.)
U3 mfeavfk01; kein ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2012-11-09] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515528 2012-11-09] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2012-11-09] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339776 2012-11-09] (McAfee, Inc.)
U0 msahci; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-13 08:25 - 2015-08-13 08:25 - 00016226 _____ C:\Users\XXXXX\Desktop\FRST.txt
2015-08-13 08:24 - 2015-08-13 08:25 - 00000000 ____D C:\FRST
2015-08-13 08:23 - 2015-08-13 08:23 - 00000000 _____ C:\Users\XXXXX\defogger_reenable
2015-08-13 08:22 - 2015-08-13 08:23 - 00000476 _____ C:\Users\XXXXX\Desktop\defogger_disable.log
2015-08-13 08:12 - 2015-08-13 08:12 - 02173952 _____ (Farbar) C:\Users\XXXXXX\Desktop\FRST64.exe
2015-08-13 08:12 - 2015-08-13 08:12 - 00380416 _____ C:\Users\XXXXX\Desktop\Gmer-19357.exe
2015-08-13 08:12 - 2015-08-13 08:12 - 00050477 _____ C:\Users\XXXXX\Desktop\Defogger.exe
2015-08-13 08:08 - 2015-08-13 08:08 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-13 08:08 - 2015-08-13 08:08 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-08-13 08:07 - 2015-08-13 08:07 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-13 07:58 - 2015-08-13 07:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-08-13 07:53 - 2015-08-13 07:53 - 00000000 ___RD C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-08-12 22:03 - 2015-08-12 22:03 - 00000000 __SHD C:\Recovery
2015-08-12 21:36 - 2015-08-12 21:37 - 00000000 ____D C:\Users\XXXXX\AppData\Local\Mozilla
2015-08-12 21:36 - 2015-08-12 21:36 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-12 21:36 - 2015-08-12 21:36 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-12 21:36 - 2015-08-12 21:36 - 00000000 ____D C:\Users\XXXXX\AppData\Roaming\Mozilla
2015-08-12 21:36 - 2015-08-12 21:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-12 21:36 - 2015-08-12 21:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-12 21:28 - 2014-05-15 03:02 - 00059424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 21:28 - 2014-05-15 00:43 - 03286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 21:28 - 2014-05-15 00:43 - 01623040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 21:28 - 2014-05-15 00:43 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 21:28 - 2014-05-15 00:42 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-12 21:28 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-08-12 21:22 - 2015-08-12 21:22 - 00000000 _____ C:\Users\XXXXX\agent.log
2015-08-12 21:21 - 2015-08-12 21:21 - 00001085 _____ C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloads.lnk
2015-08-12 21:19 - 2015-08-13 08:21 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1794304933-3207535254-2068445666-1002
2015-08-12 21:14 - 2015-08-12 21:14 - 00000000 ____D C:\Users\XXXXX\Documents\Bluetooth Folder
2015-08-12 21:14 - 2015-08-12 21:14 - 00000000 ____D C:\Users\XXXXX\AppData\Roaming\Macromedia
2015-08-12 21:14 - 2015-08-12 21:14 - 00000000 ____D C:\Users\XXXXX\AppData\Roaming\Atheros
2015-08-12 21:14 - 2015-08-12 21:14 - 00000000 ____D C:\Users\XXXXX\AppData\Roaming\ASUS WebStorage
2015-08-12 21:14 - 2015-08-12 21:14 - 00000000 ____D C:\Users\XXXXX\AppData\Local\BMExplorer
2015-08-12 21:13 - 2015-08-13 07:53 - 00000073 _____ C:\Users\XXXXX\AppData\Roaming\sp_data.sys
2015-08-12 21:13 - 2015-08-12 21:13 - 00001444 _____ C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-12 21:13 - 2015-08-12 21:13 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-08-12 21:13 - 2015-08-12 21:13 - 00000000 ____D C:\Users\XXXXX\AppData\Roaming\Adobe
2015-08-12 21:12 - 2015-08-13 08:23 - 00000000 ____D C:\Users\XXXXX
2015-08-12 21:12 - 2015-08-12 21:13 - 00000000 ____D C:\Users\XXXXX\AppData\Local\Packages
2015-08-12 21:12 - 2015-08-12 21:12 - 00000196 _____ C:\WINDOWS\FixPatch.log
2015-08-12 21:12 - 2015-08-12 21:12 - 00000020 ___SH C:\Users\XXXXX\ntuser.ini
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 _SHDL C:\Users\XXXXX\Vorlagen
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 _SHDL C:\Users\XXXXX\Startmenü
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 _SHDL C:\Users\XXXXX\Netzwerkumgebung
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 _SHDL C:\Users\XXXXX\Lokale Einstellungen
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 _SHDL C:\Users\XXXXX\Eigene Dateien
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 _SHDL C:\Users\XXXXX\Druckumgebung
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 _SHDL C:\Users\XXXXX\Documents\Eigene Musik
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 _SHDL C:\Users\XXXXX\Documents\Eigene Bilder
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 _SHDL C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 _SHDL C:\Users\XXXXX\AppData\Local\Verlauf
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 _SHDL C:\Users\XXXXX\AppData\Local\Anwendungsdaten
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 _SHDL C:\Users\XXXXX\Anwendungsdaten
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 ____D C:\Users\XXXXX\AppData\Local\VirtualStore
2015-08-12 21:12 - 2015-08-12 21:12 - 00000000 ____D C:\Users\XXXXX\AppData\Local\ASUS
2015-08-12 21:12 - 2013-04-26 09:59 - 00000000 ___RD C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 21:12 - 2013-04-26 01:16 - 00002098 _____ C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-08-12 21:12 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 21:12 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-12 21:12 - 2012-07-26 10:13 - 00000000 ____D C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-13 08:25 - 2014-03-01 12:35 - 01073214 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-13 08:25 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-13 08:07 - 2013-04-26 01:15 - 00000000 ____D C:\ProgramData\Adobe
2015-08-13 08:02 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-13 07:57 - 2013-04-26 01:18 - 00000000 ____D C:\ProgramData\McAfee
2015-08-13 07:56 - 2012-08-03 01:15 - 00785550 _____ C:\WINDOWS\system32\perfh013.dat
2015-08-13 07:56 - 2012-08-03 01:15 - 00158586 _____ C:\WINDOWS\system32\perfc013.dat
2015-08-13 07:56 - 2012-08-03 01:11 - 00780976 _____ C:\WINDOWS\system32\perfh010.dat
2015-08-13 07:56 - 2012-08-03 01:11 - 00152608 _____ C:\WINDOWS\system32\perfc010.dat
2015-08-13 07:56 - 2012-08-03 01:06 - 00790022 _____ C:\WINDOWS\system32\perfh00C.dat
2015-08-13 07:56 - 2012-08-03 01:06 - 00155084 _____ C:\WINDOWS\system32\perfc00C.dat
2015-08-13 07:56 - 2012-08-03 01:02 - 00753134 _____ C:\WINDOWS\system32\perfh007.dat
2015-08-13 07:56 - 2012-08-03 01:02 - 00155826 _____ C:\WINDOWS\system32\perfc007.dat
2015-08-13 07:56 - 2012-07-26 09:28 - 04568320 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-13 07:53 - 2014-03-01 12:33 - 00000868 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-08-12 23:07 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2015-08-12 23:04 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-12 22:03 - 2012-07-26 10:13 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-12 21:28 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-12 21:14 - 2014-03-01 12:44 - 00000000 ____D C:\ProgramData\Atheros
2015-08-12 21:14 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-12 21:12 - 2012-08-02 15:33 - 00000000 ____D C:\WINDOWS\Log
2015-08-12 21:12 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-12 21:12 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\WinStore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-12 21:13 - 2015-08-13 07:53 - 0000073 _____ () C:\Users\XXXXX\AppData\Roaming\sp_data.sys
2013-04-26 01:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-26 01:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\SetStretch.VBS


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2012-08-02 15:24

==================== Ende von Ergebnis ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-08-2015
durchgeführt von XXXXX (2015-08-13 08:25:32)
Gestartet von C:\Users\XXXXX\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1794304933-3207535254-2068445666-500 - Administrator - Disabled)
Gast (S-1-5-21-1794304933-3207535254-2068445666-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1794304933-3207535254-2068445666-1004 - Limited - Enabled)
Susanne (S-1-5-21-1794304933-3207535254-2068445666-1002 - Administrator - Enabled) => C:\Users\Susanne
UpdatusUser (S-1-5-21-1794304933-3207535254-2068445666-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Reader XI - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.6 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.1.282 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0 (x86 de)) (Version: 40.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0 - Mozilla)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NVIDIA Graphics Driver 311.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.66 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0325 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0325 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39029 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

12-08-2015 21:28:12 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1841F993-E296-4BE4-B0B3-53FF4C211866} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {278FB095-70F3-41AF-86E1-ACDCC3DFCD4F} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {65E4B102-42C8-4272-BE24-C07ECF847106} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {7004ABEF-4FB5-4DB9-9D07-BBEE825C98A6} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {7535A508-68C4-4552-B25C-041DB8F71935} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2013-01-22] (ASUS)
Task: {937F2797-535D-4D7E-865E-DF6460A3E660} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {943F0688-B754-4612-95A9-86C4BEFD6A63} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {A143A7AF-E6A4-41CB-A24F-4682A328495A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {D65C524D-CC2D-4D37-AB73-7D79DD3F9F7E} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek)
Task: {E7DB6F04-0E5F-49F6-82E1-C45912A304B9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {E833CAEB-5DC4-47B3-8051-EF7AA579E8AD} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-06-13 05:33 - 2013-06-03 11:10 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2013-01-25 02:09 - 2013-01-25 02:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 02:05 - 2013-01-25 02:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 02:12 - 2013-01-25 02:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-03-01 12:32 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1794304933-3207535254-2068445666-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img3.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => (Allow) LPort=2869
FirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => (Allow) LPort=1900
FirewallRules: [{99AB5382-1059-45AC-AAEB-E32736E99DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{9CBDB688-1560-4EC3-B3C4-13B86FD1A88A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{DC9D4B89-F821-42D0-992D-C32853327676}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{70F6F367-D16D-4E03-8917-0AF96791CE5B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5732DE92-F2E8-4EFA-8211-59D9C1216D9C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{FB4B5D1F-46F4-4EE4-A9DD-1CC5A993E8B9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{BEBD6992-F474-476F-AA99-813387C3315B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{12619529-46A3-401F-8C45-41DA4469E6B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================

Systemfehler:
=============
Error: (08/12/2015 09:52:47 PM) (Source: DCOM) (EventID: 10010) (User: XXXXX)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (08/12/2015 09:14:48 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (08/12/2015 11:04:04 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.


Microsoft Office:
=========================

==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8069.72 MB
Verfügbarer physikalischer RAM: 4740.19 MB
Summe virtueller Speicher: 12677.72 MB
Verfügbarer virtueller Speicher: 9445.93 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:1117.37 GB) (Free:1076.28 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Data) (Fixed) (Total:1655.6 GB) (Free:1655.37 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: A523CAED)

Partition: GPT.

==================== Ende von Ergebnis ============================
         


Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-13 09:12:20
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000043 ST3000DM001-1CH166 rev.CC27 2794,52GB
Running: Gmer-19357.exe; Driver: C:\Users\Susanne\AppData\Local\Temp\pxdoypow.sys


---- User code sections - GMER 2.1 ----

.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1152] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                        000007fdba601532 4 bytes [60, BA, FD, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1152] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                        000007fdba60153a 4 bytes [60, BA, FD, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1152] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                      000007fdba60165a 4 bytes [60, BA, FD, 07]
.text   C:\WINDOWS\system32\nvvsvc.exe[1160] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 690                                                  000007fdba601532 4 bytes [60, BA, FD, 07]
.text   C:\WINDOWS\system32\nvvsvc.exe[1160] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 698                                                  000007fdba60153a 4 bytes [60, BA, FD, 07]
.text   C:\WINDOWS\system32\nvvsvc.exe[1160] C:\WINDOWS\system32\MSIMG32.dll!TransparentBlt + 246                                                000007fdba60165a 4 bytes [60, BA, FD, 07]
.text   C:\WINDOWS\system32\nvvsvc.exe[1160] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                        000007fdbb3f177a 4 bytes [3F, BB, FD, 07]
.text   C:\WINDOWS\system32\nvvsvc.exe[1160] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                        000007fdbb3f1782 4 bytes [3F, BB, FD, 07]
.text   C:\windows\system32\mfevtps.exe[1548] C:\WINDOWS\system32\psapi.dll!GetProcessImageFileNameA + 306                                       000007fdbb3f177a 4 bytes [3F, BB, FD, 07]
.text   C:\windows\system32\mfevtps.exe[1548] C:\WINDOWS\system32\psapi.dll!GetProcessImageFileNameA + 314                                       000007fdbb3f1782 4 bytes [3F, BB, FD, 07]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2056] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306              000007fdbb3f177a 4 bytes [3F, BB, FD, 07]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2056] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314              000007fdbb3f1782 4 bytes [3F, BB, FD, 07]
.text   C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[2308] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306  000007fdbb3f177a 4 bytes [3F, BB, FD, 07]
.text   C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[2308] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314  000007fdbb3f1782 4 bytes [3F, BB, FD, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4360] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                          000007fdba601532 4 bytes [60, BA, FD, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4360] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                          000007fdba60153a 4 bytes [60, BA, FD, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4360] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                        000007fdba60165a 4 bytes [60, BA, FD, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[3992] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                             000007fdba601532 4 bytes [60, BA, FD, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[3992] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                             000007fdba60153a 4 bytes [60, BA, FD, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[3992] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                           000007fdba60165a 4 bytes [60, BA, FD, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[3992] C:\WINDOWS\SYSTEM32\WSOCK32.dll!recvfrom + 742                                 000007fda2061b32 4 bytes [06, A2, FD, 07]
.text   C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[3992] C:\WINDOWS\SYSTEM32\WSOCK32.dll!recvfrom + 750                                 000007fda2061b3a 4 bytes [06, A2, FD, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[5056] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                                 000007fdba601532 4 bytes [60, BA, FD, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[5056] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                                 000007fdba60153a 4 bytes [60, BA, FD, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[5056] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                               000007fdba60165a 4 bytes [60, BA, FD, 07]
.text   C:\Program Files\mcafee.com\agent\McUpdate.exe[4936] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                        000007fdbb3f177a 4 bytes [3F, BB, FD, 07]
.text   C:\Program Files\mcafee.com\agent\McUpdate.exe[4936] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                        000007fdbb3f1782 4 bytes [3F, BB, FD, 07]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [764:788]                                                                                                  fffff960009125e8

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                                    unknown MBR code

---- EOF - GMER 2.1 ----
         


Code:
While GMER is running I get an error message from the system for C:\WINDOWS\system32\config\system: The process cannot access the file because it is being used by another process.

Another error for C:\Users\XXXXX\ntuser.dat: The process cannot access the file because it is being used by another process.
         

13.08.2015, 16:45   #2
schrauber
/// the machine
/// TB instructor

Hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

13.08.2015, 19:22   #4
JSM

Quote:
Quote from schrauber
Hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Hi Schrauber, Malwarebytes Anti-Rootkit Beta has stalled and nothing is happening. It hangs at ASUS\APRP\APRP Exe. It says Done; on Cancel it says it is still working. Nothing is active, neither Previous nor Next, and I can't get to the Cleanup. I can't interrupt or stop the process. This is the second attempt; on the first one the process also could not be ended or interrupted, I had to restart, and yet it says the program is running?

I'm stuck, how can I end the process?

I don't know whether I did something wrong?

Should I now continue with TDSS Killer?

Sorry

Edited by JSM (13.08.2015 at 19:48). Reason: addition

14.08.2015, 16:00   #5
schrauber
/// the machine
/// TB instructor

Yes, skip MBAR and run TDSSKiller.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

15.08.2015, 12:37   #6
JSM

Mbar system log txt

After starting it I ran the update, clicked Next and then ran the scan; I never got to the Clean Up mentioned, because at some point the program hung again. All I found here is the system log.txt
Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16519

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461717504, free: 4282429440

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16519

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461717504, free: 4451581952

Downloaded database version: v2015.08.13.05
Downloaded database version: v2015.08.06.01
Downloaded database version: v2015.07.28.01
=======================================
Initializing...
------------ Kernel report ------------
     08/13/2015 18:26:26
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\AiCharger.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\system32\DRIVERS\athw8x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\AsusTP.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbfiltr.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\AsHIDSwitch64.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\btath_bus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\DRIVERS\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\btath_rcp.sys
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\System32\drivers\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\condrv.sys
\Device\mfehidk01.sys
\Device\mfeapfk01.sys
\Device\mfeavfk01.sys
\Device\mfencbdc01.sys
\SystemRoot\system32\drivers\mfefirek.sys
\Device\mfencbdc02.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\System32\drivers\rdpvideominiport.sys
\SystemRoot\System32\cdd.dll
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.08.13.05
  rootkit: v2015.08.06.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007f10060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007e36980, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007f10060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa80076efe40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80077477f0, DeviceName: \Device\00000043\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: A523CAED

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2117733786
    GPT Header CurrentLba = 1 BackupLba 5860533167
    GPT Header FirstUsableLba 34  LastUsableLba 5860533134
    GPT Header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 2117733786
    Backup GPT header CurrentLba = 5860533167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 5860533134
    Backup GPT header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    Backup GPT header Contains 128 partition entries starting at LBA 5860533135
    Backup GPT header Partition entry size = 128

    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID f23dc752-9e5b-4386-bc50-29c2af28c7f
    FirstLBA 2048  Last LBA 206847
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID da6f32cd-1cea-4831-8e52-ae6454db5d25
    FirstLBA 206848  Last LBA 2050047
    Attributes 1
    Partition Name                 Basic data partition

    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 9c3c4dae-eea8-4be4-8e49-c8f4d98d5e41
    FirstLBA 2050048  Last LBA 2312191
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID c60fa7d-b919-4cd0-bc82-cbf734165513
    FirstLBA 2312192  Last LBA 2345603071
    Attributes 0
    Partition Name                 Basic data partition

    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 5869f0c6-f15f-48a5-997e-1dc47c25f173
    FirstLBA 2345603072  Last LBA 2346524671
    Attributes 1
    Partition Name                                     

    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID fadd7ef0-39eb-4646-80e9-f9862f3b9d1
    FirstLBA 2346524672  Last LBA 5818569614
    Attributes 0
    Partition Name                 Basic data partition

    Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 76cbd40c-4a38-4a8e-8b73-e0222b5c2c36
    FirstLBA 5818569615  Last LBA 5860533134
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 3000592982016 bytes
Sector size: 512 bytes

Done!
Scan Interrupted
Scan Interrupted
Scan Interrupted
Scan Interrupted
Scan Interrupted
Scan Interrupted
Scan Interrupted
Scan Interrupted
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16519

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461717504, free: 4757270528

Downloaded database version: v2015.08.13.05
Canceled update
Downloaded database version: v2015.08.13.05
Canceled update
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16519

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461717504, free: 4430921728

=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16519

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461717504, free: 4525940736

Downloaded database version: v2015.08.13.05
Canceled update
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16519

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461717504, free: 4997279744

=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16519

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461717504, free: 4988403712

Downloaded database version: v2015.08.13.05
Canceled update
Initializing...
======================
------------ Kernel report ------------
     08/13/2015 19:01:59
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\AiCharger.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\system32\DRIVERS\athw8x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\AsusTP.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbfiltr.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\AsHIDSwitch64.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\btath_bus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\DRIVERS\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\btath_rcp.sys
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\System32\drivers\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\condrv.sys
\Device\mfehidk01.sys
\Device\mfeapfk01.sys
\Device\mfeavfk01.sys
\Device\mfencbdc01.sys
\SystemRoot\system32\drivers\mfefirek.sys
\Device\mfencbdc02.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\System32\drivers\rdpvideominiport.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\SystemRoot\System32\cdd.dll
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007f10060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007e36980, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007f10060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa80076efe40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80077477f0, DeviceName: \Device\00000043\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: A523CAED

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2117733786
    GPT Header CurrentLba = 1 BackupLba 5860533167
    GPT Header FirstUsableLba 34  LastUsableLba 5860533134
    GPT Header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 2117733786
    Backup GPT header CurrentLba = 5860533167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 5860533134
    Backup GPT header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    Backup GPT header Contains 128 partition entries starting at LBA 5860533135
    Backup GPT header Partition entry size = 128

    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID f23dc752-9e5b-4386-bc50-29c2af28c7f
    FirstLBA 2048  Last LBA 206847
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID da6f32cd-1cea-4831-8e52-ae6454db5d25
    FirstLBA 206848  Last LBA 2050047
    Attributes 1
    Partition Name                 Basic data partition

    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 9c3c4dae-eea8-4be4-8e49-c8f4d98d5e41
    FirstLBA 2050048  Last LBA 2312191
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID c60fa7d-b919-4cd0-bc82-cbf734165513
    FirstLBA 2312192  Last LBA 2345603071
    Attributes 0
    Partition Name                 Basic data partition

    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 5869f0c6-f15f-48a5-997e-1dc47c25f173
    FirstLBA 2345603072  Last LBA 2346524671
    Attributes 1
    Partition Name                                     

    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID fadd7ef0-39eb-4646-80e9-f9862f3b9d1
    FirstLBA 2346524672  Last LBA 5818569614
    Attributes 0
    Partition Name                 Basic data partition

    Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 76cbd40c-4a38-4a8e-8b73-e0222b5c2c36
    FirstLBA 5818569615  Last LBA 5860533134
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 3000592982016 bytes
Sector size: 512 bytes

Done!
Scan Interrupted
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.17451

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461717504, free: 6190886912

Could not load protection driver
Downloaded database version: v2015.08.14.03
Downloaded database version: v2015.08.06.01
Downloaded database version: v2015.07.28.01
Initializing...
======================
------------ Kernel report ------------
     08/14/2015 15:24:09
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\pciide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\intelide.sys
\SystemRoot\System32\drivers\viaide.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\mfedisk.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\AiCharger.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\system32\DRIVERS\athw8x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\AsusTP.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbfiltr.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\AsHIDSwitch64.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\btath_bus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\System32\drivers\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\btath_rcp.sys
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\System32\drivers\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\system32\drivers\mfeaack.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
\??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.08.14.03
  rootkit: v2015.08.06.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8009831060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800894bdf0, DeviceName: Unknown, DriverName: \Driver\mfedisk\
DevicePointer: 0xfffffa8009831b10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009831060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa80076ed320, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80076ec060, DeviceName: \Device\00000043\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: A523CAED

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2117733786
    GPT Header CurrentLba = 1 BackupLba 5860533167
    GPT Header FirstUsableLba 34  LastUsableLba 5860533134
    GPT Header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 2117733786
    Backup GPT header CurrentLba = 5860533167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 5860533134
    Backup GPT header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    Backup GPT header Contains 128 partition entries starting at LBA 5860533135
    Backup GPT header Partition entry size = 128

    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID f23dc752-9e5b-4386-bc50-29c2af28c7f
    FirstLBA 2048  Last LBA 206847
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID da6f32cd-1cea-4831-8e52-ae6454db5d25
    FirstLBA 206848  Last LBA 2050047
    Attributes 1
    Partition Name                 Basic data partition

    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 9c3c4dae-eea8-4be4-8e49-c8f4d98d5e41
    FirstLBA 2050048  Last LBA 2312191
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID c60fa7d-b919-4cd0-bc82-cbf734165513
    FirstLBA 2312192  Last LBA 2345603071
    Attributes 0
    Partition Name                 Basic data partition

    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 5869f0c6-f15f-48a5-997e-1dc47c25f173
    FirstLBA 2345603072  Last LBA 2346524671
    Attributes 1
    Partition Name                                     

    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID fadd7ef0-39eb-4646-80e9-f9862f3b9d1
    FirstLBA 2346524672  Last LBA 5818569614
    Attributes 0
    Partition Name                 Basic data partition

    Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 76cbd40c-4a38-4a8e-8b73-e0222b5c2c36
    FirstLBA 5818569615  Last LBA 5860533134
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 3000592982016 bytes
Sector size: 512 bytes

Done!
Scan Interrupted
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.17451

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461717504, free: 6651346944

Could not load protection driver
No address found
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.17451

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461717504, free: 6623526912

Could not load protection driver
Downloaded database version: v2015.08.14.04
Downloaded database version: v2015.08.14.05
Downloaded database version: v2015.08.14.06
Downloaded database version: v2015.08.15.01
=======================================
Initializing...
------------ Kernel report ------------
     08/15/2015 07:36:32
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\pciide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\intelide.sys
\SystemRoot\System32\drivers\viaide.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\mfedisk.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\AiCharger.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\system32\DRIVERS\athw8x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\AsusTP.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbfiltr.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\AsHIDSwitch64.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\btath_bus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\System32\drivers\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\btath_rcp.sys
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\System32\drivers\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\system32\drivers\mfeaack.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
\??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.08.15.01
  rootkit: v2015.08.06.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8009831060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800894bdf0, DeviceName: Unknown, DriverName: \Driver\mfedisk\
DevicePointer: 0xfffffa8009831b10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009831060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa80076ed320, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80076ec060, DeviceName: \Device\00000043\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: A523CAED

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2117733786
    GPT Header CurrentLba = 1 BackupLba 5860533167
    GPT Header FirstUsableLba 34  LastUsableLba 5860533134
    GPT Header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 2117733786
    Backup GPT header CurrentLba = 5860533167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 5860533134
    Backup GPT header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    Backup GPT header Contains 128 partition entries starting at LBA 5860533135
    Backup GPT header Partition entry size = 128

    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID f23dc752-9e5b-4386-bc50-29c2af28c7f
    FirstLBA 2048  Last LBA 206847
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID da6f32cd-1cea-4831-8e52-ae6454db5d25
    FirstLBA 206848  Last LBA 2050047
    Attributes 1
    Partition Name                 Basic data partition

    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 9c3c4dae-eea8-4be4-8e49-c8f4d98d5e41
    FirstLBA 2050048  Last LBA 2312191
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID c60fa7d-b919-4cd0-bc82-cbf734165513
    FirstLBA 2312192  Last LBA 2345603071
    Attributes 0
    Partition Name                 Basic data partition

    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 5869f0c6-f15f-48a5-997e-1dc47c25f173
    FirstLBA 2345603072  Last LBA 2346524671
    Attributes 1
    Partition Name                                     

    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID fadd7ef0-39eb-4646-80e9-f9862f3b9d1
    FirstLBA 2346524672  Last LBA 5818569614
    Attributes 0
    Partition Name                 Basic data partition

    Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 76cbd40c-4a38-4a8e-8b73-e0222b5c2c36
    FirstLBA 5818569615  Last LBA 5860533134
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 3000592982016 bytes
Sector size: 512 bytes

Done!
Scan Interrupted
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.17451

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461717504, free: 5691334656

Could not load protection driver
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.17451

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461717504, free: 5700804608

Could not load protection driver
Downloaded database version: v2015.08.15.02
Downloaded database version: v2015.08.15.03
         

15.08.2015, 12:47   #7
JSM

TDSS Killer



So, that's it; apparently nothing was found?! Regards, JSM

Code:
13:40:55.0599 0x1350  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
13:40:55.0599 0x1350  UEFI system
13:41:03.0060 0x1350  ============================================================
13:41:03.0060 0x1350  Current date / time: 2015/08/15 13:41:03.0060
13:41:03.0060 0x1350  SystemInfo:
13:41:03.0060 0x1350  
13:41:03.0060 0x1350  OS Version: 6.2.9200 ServicePack: 0.0
13:41:03.0060 0x1350  Product type: Workstation
13:41:03.0060 0x1350  ComputerName: SUSANNE
13:41:03.0060 0x1350  UserName: Susanne
13:41:03.0060 0x1350  Windows directory: C:\WINDOWS
13:41:03.0060 0x1350  System windows directory: C:\WINDOWS
13:41:03.0060 0x1350  Running under WOW64
13:41:03.0060 0x1350  Processor architecture: Intel x64
13:41:03.0060 0x1350  Number of processors: 8
13:41:03.0060 0x1350  Page size: 0x1000
13:41:03.0060 0x1350  Boot type: Normal boot
13:41:03.0060 0x1350  ============================================================
13:41:03.0705 0x1350  KLMD registered as C:\WINDOWS\system32\drivers\47195141.sys
13:41:06.0322 0x1350  System UUID: {9B4EE4C3-D917-FF12-E428-D41CAB5C8A6B}
13:41:07.0010 0x1350  Drive \Device\Harddisk0\DR0 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:41:07.0013 0x1350  ============================================================
13:41:07.0013 0x1350  \Device\Harddisk0\DR0:
13:41:07.0013 0x1350  GPT partitions:
13:41:07.0013 0x1350  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F23DC752-9E5B-4386-BC50-029C2AF28C7F}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
13:41:07.0014 0x1350  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DA6F32CD-1CEA-4831-8E52-AE6454DB5D25}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000
13:41:07.0014 0x1350  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9C3C4DAE-EEA8-4BE4-8E49-C8F4D98D5E41}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000
13:41:07.0014 0x1350  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0C60FA7D-B919-4CD0-BC82-CBF734165513}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0x8BABC800
13:41:07.0014 0x1350  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5869F0C6-F15F-48A5-997E-1DC47C25F173}, Name: , StartLBA 0x8BCF1000, BlocksNum 0xE1000
13:41:07.0014 0x1350  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FADD7EF0-39EB-4646-80E9-F9862F03B9D1}, Name: Basic data partition, StartLBA 0x8BDD2000, BlocksNum 0xCEF3338F
13:41:07.0014 0x1350  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {76CBD40C-4A38-4A8E-8B73-E0222B5C2C36}, Name: Basic data partition, StartLBA 0x15AD0538F, BlocksNum 0x2805000
13:41:07.0014 0x1350  MBR partitions:
13:41:07.0014 0x1350  ============================================================
13:41:07.0025 0x1350  C: <-> \Device\Harddisk0\DR0\Partition4
13:41:07.0027 0x1350  D: <-> \Device\Harddisk0\DR0\Partition6
13:41:07.0027 0x1350  ============================================================
13:41:07.0027 0x1350  Initialize success
13:41:07.0027 0x1350  ============================================================
13:42:07.0019 0x0ff8  ============================================================
13:42:07.0019 0x0ff8  Scan started
13:42:07.0019 0x0ff8  Mode: Manual; SigCheck; TDLFS; 
13:42:07.0019 0x0ff8  ============================================================
13:42:07.0019 0x0ff8  KSN ping started
13:42:09.0408 0x0ff8  KSN ping finished: true
13:42:10.0540 0x0ff8  ================ Scan system memory ========================
13:42:10.0540 0x0ff8  System memory - ok
13:42:10.0540 0x0ff8  ================ Scan services =============================
13:42:10.0622 0x0ff8  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
13:42:10.0672 0x0ff8  1394ohci - ok
13:42:10.0680 0x0ff8  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
13:42:10.0707 0x0ff8  3ware - ok
13:42:10.0716 0x0ff8  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
13:42:10.0735 0x0ff8  ACPI - ok
13:42:10.0739 0x0ff8  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
13:42:10.0754 0x0ff8  acpiex - ok
13:42:10.0762 0x0ff8  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
13:42:10.0784 0x0ff8  acpipagr - ok
13:42:10.0787 0x0ff8  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
13:42:10.0811 0x0ff8  AcpiPmi - ok
13:42:10.0814 0x0ff8  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
13:42:10.0838 0x0ff8  acpitime - ok
13:42:10.0904 0x0ff8  [ B1EA9681502EE57F87DB71D726288A5B, D17BD2CFAE72E92C77D183331D5CBA0FEA893BF54875920870E271940F40A8BB ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:42:10.0914 0x0ff8  AdobeARMservice - ok
13:42:10.0925 0x0ff8  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\WINDOWS\system32\drivers\adp94xx.sys
13:42:10.0958 0x0ff8  adp94xx - ok
13:42:10.0966 0x0ff8  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\WINDOWS\system32\drivers\adpahci.sys
13:42:10.0995 0x0ff8  adpahci - ok
13:42:11.0000 0x0ff8  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\WINDOWS\system32\drivers\adpu320.sys
13:42:11.0025 0x0ff8  adpu320 - ok
13:42:11.0060 0x0ff8  [ 480C020D9B58E881A5349F5F1189A418, 8AE8ED9CD8F239DF47853FBCE45DB34652CE94E3FD296FDF3897AC6DD5F9B143 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
13:42:11.0076 0x0ff8  AeLookupSvc - ok
13:42:11.0108 0x0ff8  [ FE7FB9612D354EB41DF4F0FF5D6FB259, 98D5BD9C1300195C49CB0717A831A06D99F7AE631D5EA065E10BFE7C2FA57A18 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
13:42:11.0136 0x0ff8  AFD - ok
13:42:11.0181 0x0ff8  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\agrsm64.sys
13:42:11.0226 0x0ff8  AgereSoftModem - ok
13:42:11.0232 0x0ff8  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
13:42:11.0253 0x0ff8  agp440 - ok
13:42:11.0274 0x0ff8  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\WINDOWS\system32\DRIVERS\AiCharger.sys
13:42:11.0288 0x0ff8  AiCharger - ok
13:42:11.0304 0x0ff8  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\WINDOWS\System32\alg.exe
13:42:11.0334 0x0ff8  ALG - ok
13:42:11.0358 0x0ff8  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll
13:42:11.0386 0x0ff8  AllUserInstallAgent - ok
13:42:11.0390 0x0ff8  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
13:42:11.0425 0x0ff8  AmdK8 - ok
13:42:11.0429 0x0ff8  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
13:42:11.0452 0x0ff8  AmdPPM - ok
13:42:11.0456 0x0ff8  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
13:42:11.0478 0x0ff8  amdsata - ok
13:42:11.0485 0x0ff8  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
13:42:11.0510 0x0ff8  amdsbs - ok
13:42:11.0514 0x0ff8  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
13:42:11.0534 0x0ff8  amdxata - ok
13:42:11.0538 0x0ff8  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\WINDOWS\system32\drivers\appid.sys
13:42:11.0572 0x0ff8  AppID - ok
13:42:11.0586 0x0ff8  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
13:42:11.0615 0x0ff8  AppIDSvc - ok
13:42:11.0651 0x0ff8  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
13:42:11.0665 0x0ff8  Appinfo - ok
13:42:11.0669 0x0ff8  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\WINDOWS\system32\drivers\arc.sys
13:42:11.0692 0x0ff8  arc - ok
13:42:11.0696 0x0ff8  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
13:42:11.0720 0x0ff8  arcsas - ok
13:42:11.0772 0x0ff8  [ DC2BA6926FA0CDCE273CC9897F05584A, CF35A55511C6241679FDB9D48DC43B61D86D071B974E7A668495E2021098E912 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
13:42:11.0783 0x0ff8  ASLDRService - ok
13:42:11.0789 0x0ff8  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:42:11.0797 0x0ff8  ASMMAP64 - ok
13:42:11.0829 0x0ff8  [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn  C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
13:42:11.0844 0x0ff8  ASUS InstantOn - ok
13:42:11.0875 0x0ff8  [ AAE374280DDC307061A43ED9FAD1AD57, BFBE60D67B4283868D148C38502689FFE52CC7F13F4294E21F47B37D14FB5821 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
13:42:11.0882 0x0ff8  Asus WebStorage Windows Service - detected UnsignedFile.Multi.Generic ( 1 )
13:42:14.0200 0x0ff8  Detect skipped due to KSN trusted
13:42:14.0200 0x0ff8  Asus WebStorage Windows Service - ok
13:42:14.0204 0x0ff8  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:42:14.0231 0x0ff8  AsyncMac - ok
13:42:14.0265 0x0ff8  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
13:42:14.0275 0x0ff8  atapi - ok
13:42:14.0285 0x0ff8  [ 62A40F3DFF2B40915A1981285B14EFD4, 02F19978D153E816A6A879F6D0D67B2AB89F5964B86953F11B82D9970C3ED963 ] AthBTPort       C:\WINDOWS\system32\DRIVERS\btath_flt.sys
13:42:14.0298 0x0ff8  AthBTPort - ok
13:42:14.0315 0x0ff8  [ A917E4F753B90A5181ECBFA56D5C154A, 4025FC65AB44AE5FDF6D144F16873C1E165D9EB7C4BF0570C996F2D7C8B71A1E ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
13:42:14.0330 0x0ff8  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
13:42:16.0678 0x0ff8  Detect skipped due to KSN trusted
13:42:16.0678 0x0ff8  AtherosSvc - ok
13:42:16.0785 0x0ff8  [ 8A869761F8A024DD2EA77E155BFAABFF, D6D6E66945055F280006421D4160A373236DE4B87405C5D628B46B8D162E5117 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
13:42:16.0860 0x0ff8  athr - ok
13:42:16.0868 0x0ff8  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:42:16.0878 0x0ff8  ATKGFNEXSrv - ok
13:42:16.0881 0x0ff8  [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
13:42:16.0891 0x0ff8  ATKWMIACPIIO - ok
13:42:16.0894 0x0ff8  [ 3903D1056E778BAEFA310B9B6EA6053E, 863977B4166A04557E154C41AC3B194A9F5C56C6090E8DE47C0D9D0E8CBD648E ] ATP             C:\WINDOWS\System32\drivers\AsusTP.sys
13:42:16.0908 0x0ff8  ATP - ok
13:42:16.0962 0x0ff8  [ 8FB10919E1283FD108334FDBFB173574, EAD11C6FA884AAC9E8534C267E9B1D2EAB1F2A396EACC900525465A2AEAB84D3 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:42:16.0979 0x0ff8  AudioEndpointBuilder - ok
13:42:17.0005 0x0ff8  [ 463E7457227E970CB249031AEAE7902C, 2F627BC558E5764592B08269F3EE4C6ECD544904963312A60F5B0C0B9C8C5D32 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
13:42:17.0036 0x0ff8  Audiosrv - ok
13:42:17.0064 0x0ff8  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
13:42:17.0091 0x0ff8  AxInstSV - ok
13:42:17.0121 0x0ff8  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
13:42:17.0156 0x0ff8  b06bdrv - ok
13:42:17.0167 0x0ff8  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:42:17.0181 0x0ff8  BasicDisplay - ok
13:42:24.0923 0x0ff8  [ 7E44DEBA7851496841C7D4849668B4E9, 6B5E42BB81B3F841D7C1B312A309542969D6FECEAD9379BD88213809AA2DEC5B ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
13:42:24.0939 0x0ff8  mfefirek - ok
13:42:24.0975 0x0ff8  [ E66C388028FC6D4B837504BB350FF368, 517B03CC0F622EE7027923051696326472924F43513C1E6201FBB3F29D7F6DD1 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
13:42:24.0997 0x0ff8  mfehidk - ok
13:42:25.0015 0x0ff8  [ 63B1C0B982EC1A91C82F53CD22F21B91, F242E2E9E4F5893E63879A4D9FDCC13B3FF571F7108A6E9B98F4DEEB2C01BA3A ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
13:42:25.0029 0x0ff8  mfemms - ok
13:42:25.0054 0x0ff8  [ D870D25906294B259D81894009A596E9, 8E259BA5356F82546E264A7F6BCAEBBA2A9A0D0335EAB0FE420BCA684B9EB31E ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
13:42:25.0069 0x0ff8  mfencbdc - ok
13:42:25.0093 0x0ff8  [ 51E636C4F93CC48F9B4B6C774C41B2C8, 97FB15DFA04EE4CCC6AA0C556AA84EC813D4362AC9906D3D932132C737F27B4A ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
13:42:25.0113 0x0ff8  mfencrk - ok
13:42:25.0152 0x0ff8  [ C4BF34A9C33832F9A23E849883D8D88D, 4DB4C025AE514A568E09943463E16B51C2A711C7567F3E7F34C8D266DACD87D4 ] mfesapsn        C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
13:42:25.0161 0x0ff8  mfesapsn - ok
13:42:25.0186 0x0ff8  [ F9881B099DD511A9A53B0B9DB668EA9D, 3E57AC8137F893760C7C3DD06D47CCAE9F3EA419E698E5A08925120F3186E11F ] mfevtp          C:\windows\system32\mfevtps.exe
13:42:25.0200 0x0ff8  mfevtp - ok
13:42:25.0218 0x0ff8  [ 06E22CD1696D37862CFB154E008C7921, 3994F3749716CC956E35AE699027FC2BEFA5F5402E0774323C9C9EA4FBBBC5BD ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
13:42:25.0232 0x0ff8  mfewfpk - ok
13:42:25.0275 0x0ff8  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
13:42:25.0289 0x0ff8  MMCSS - ok
13:42:25.0298 0x0ff8  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
13:42:25.0347 0x0ff8  Modem - ok
13:42:25.0371 0x0ff8  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
13:42:25.0383 0x0ff8  monitor - ok
13:42:25.0409 0x0ff8  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
13:42:25.0420 0x0ff8  mouclass - ok
13:42:25.0447 0x0ff8  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
13:42:25.0459 0x0ff8  mouhid - ok
13:42:25.0479 0x0ff8  [ A1825437F11C4FD9778F293A08DE65F3, 8AD337363F6BDEB816770EFDA7C3F1AAFA88BA7E265ED168ACBC03001669B902 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
13:42:25.0490 0x0ff8  mountmgr - ok
13:42:25.0527 0x0ff8  [ 906DD5FE29BC912A87F66C9ACD87C720, 599CEE2D3AF0E52607C6984CE7F745C52BBBE6AE407E817AC25AD4D742098035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:42:25.0549 0x0ff8  MozillaMaintenance - ok
13:42:25.0593 0x0ff8  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
13:42:25.0607 0x0ff8  mpsdrv - ok
13:42:25.0649 0x0ff8  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
13:42:25.0695 0x0ff8  MpsSvc - ok
13:42:25.0717 0x0ff8  [ 25560C1656DC7F0723A0CC0B0E1C6BED, 17E8565B833ED58CCB6F85B90A42553464C4408C54006E019AA5641EDB682E31 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
13:42:25.0743 0x0ff8  MRxDAV - ok
13:42:25.0761 0x0ff8  [ 6BA2A5D1C74E7CB3AFAF301A7E5D9E44, 92CACD154D3D7E738C6D2492186270762B1888E89F505EE00C3CAE58F71650ED ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:42:25.0780 0x0ff8  mrxsmb - ok
13:42:25.0794 0x0ff8  [ 7E86B45D5F84E0F96AE18BEAC7A51EE4, 2B4DC0B017FD90D7D2F6A35342F5A17B20E79D077D3DFC4AD2455C0D814B7B5E ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:42:25.0819 0x0ff8  mrxsmb10 - ok
13:42:25.0832 0x0ff8  [ 1BB4582396718EDEFF8A4493AEF67D66, 62AA83190CA041131E43B2031175D9F0F8ACD9A0EB0EC8B8F66C2951F15420E4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:42:25.0849 0x0ff8  mrxsmb20 - ok
13:42:25.0879 0x0ff8  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
13:42:25.0929 0x0ff8  MsBridge - ok
13:42:25.0940 0x0ff8  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\WINDOWS\System32\msdtc.exe
13:42:25.0967 0x0ff8  MSDTC - ok
13:42:25.0989 0x0ff8  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
13:42:26.0004 0x0ff8  Msfs - ok
13:42:26.0015 0x0ff8  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:42:26.0035 0x0ff8  msgpiowin32 - ok
13:42:26.0046 0x0ff8  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:42:26.0067 0x0ff8  mshidkmdf - ok
13:42:26.0070 0x0ff8  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
13:42:26.0097 0x0ff8  mshidumdf - ok
13:42:26.0100 0x0ff8  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
13:42:26.0110 0x0ff8  msisadrv - ok
13:42:26.0129 0x0ff8  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
13:42:26.0155 0x0ff8  MSiSCSI - ok
13:42:26.0158 0x0ff8  msiserver - ok
13:42:26.0176 0x0ff8  [ 0E5107F7558414409BF027E3A09475C7, BEBC89DC9CA49462344AC74307B35CDAA9C4E5547ABA8584267E92B7411499B8 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:42:26.0191 0x0ff8  MSK80Service - ok
13:42:26.0194 0x0ff8  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:42:26.0207 0x0ff8  MSKSSRV - ok
13:42:26.0210 0x0ff8  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
13:42:26.0238 0x0ff8  MsLldp - ok
13:42:26.0250 0x0ff8  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:42:26.0261 0x0ff8  MSPCLOCK - ok
13:42:26.0264 0x0ff8  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
13:42:26.0277 0x0ff8  MSPQM - ok
13:42:26.0287 0x0ff8  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
13:42:26.0305 0x0ff8  MsRPC - ok
13:42:26.0309 0x0ff8  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
13:42:26.0320 0x0ff8  mssmbios - ok
13:42:26.0324 0x0ff8  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
13:42:26.0335 0x0ff8  MSTEE - ok
13:42:26.0338 0x0ff8  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
13:42:26.0367 0x0ff8  MTConfig - ok
13:42:26.0372 0x0ff8  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
13:42:26.0383 0x0ff8  Mup - ok
13:42:26.0388 0x0ff8  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
13:42:26.0412 0x0ff8  mvumis - ok
13:42:26.0442 0x0ff8  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\WINDOWS\system32\qagentRT.dll
13:42:26.0463 0x0ff8  napagent - ok
13:42:26.0483 0x0ff8  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
13:42:26.0505 0x0ff8  NativeWifiP - ok
13:42:26.0526 0x0ff8  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
13:42:26.0566 0x0ff8  NcaSvc - ok
13:42:26.0578 0x0ff8  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
13:42:26.0603 0x0ff8  NcdAutoSetup - ok
13:42:26.0643 0x0ff8  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
13:42:26.0672 0x0ff8  NDIS - ok
13:42:26.0676 0x0ff8  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
13:42:26.0706 0x0ff8  NdisCap - ok
13:42:26.0736 0x0ff8  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
13:42:26.0761 0x0ff8  NdisImPlatform - ok
13:42:26.0764 0x0ff8  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:42:26.0786 0x0ff8  NdisTapi - ok
13:42:26.0790 0x0ff8  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:42:26.0802 0x0ff8  Ndisuio - ok
13:42:26.0807 0x0ff8  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:42:26.0829 0x0ff8  NdisWan - ok
13:42:26.0834 0x0ff8  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:42:26.0849 0x0ff8  NDISWANLEGACY - ok
13:42:26.0866 0x0ff8  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
13:42:26.0890 0x0ff8  NDProxy - ok
13:42:26.0894 0x0ff8  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
13:42:26.0911 0x0ff8  Ndu - ok
13:42:26.0914 0x0ff8  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
13:42:26.0928 0x0ff8  NetBIOS - ok
13:42:26.0935 0x0ff8  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
13:42:26.0952 0x0ff8  NetBT - ok
13:42:26.0965 0x0ff8  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon        C:\WINDOWS\system32\lsass.exe
13:42:26.0978 0x0ff8  Netlogon - ok
13:42:27.0009 0x0ff8  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\WINDOWS\System32\netman.dll
13:42:27.0027 0x0ff8  Netman - ok
13:42:27.0071 0x0ff8  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
13:42:27.0092 0x0ff8  netprofm - ok
13:42:27.0138 0x0ff8  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:27.0191 0x0ff8  NetTcpPortSharing - ok
13:42:27.0355 0x0ff8  [ 57B9C04D673F236D41FAB03842C8640B, 898DCBBBF94875059CD328B0FC75BE36A4E3DD471C6E28BFAE064BCF84349518 ] NETwNs64        C:\WINDOWS\system32\DRIVERS\NETwNs64.sys
13:42:27.0583 0x0ff8  NETwNs64 - ok
13:42:27.0594 0x0ff8  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\WINDOWS\system32\drivers\nfrd960.sys
13:42:27.0617 0x0ff8  nfrd960 - ok
13:42:27.0636 0x0ff8  [ 5177E35B186D2DED6F1EFF57BA61B975, B48C2E0FE2E95C37697107BDB8E0843D3E56200D2E242BF02E205C53978655D9 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
13:42:27.0656 0x0ff8  NlaSvc - ok
13:42:27.0659 0x0ff8  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
13:42:27.0677 0x0ff8  Npfs - ok
13:42:27.0680 0x0ff8  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
13:42:27.0696 0x0ff8  npsvctrig - ok
13:42:27.0730 0x0ff8  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\WINDOWS\system32\nsisvc.dll
13:42:27.0744 0x0ff8  nsi - ok
13:42:27.0747 0x0ff8  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
13:42:27.0766 0x0ff8  nsiproxy - ok
13:42:27.0830 0x0ff8  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
13:42:27.0876 0x0ff8  Ntfs - ok
13:42:27.0901 0x0ff8  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\WINDOWS\system32\drivers\Null.sys
13:42:27.0913 0x0ff8  Null - ok
13:42:28.0125 0x0ff8  [ 858262F04D4E4396B7D2B29E444B6690, 4636E78A9432C4FC18F054D95811EB452C147890C8C30E2E501EBFD353170FD6 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
13:42:28.0305 0x0ff8  nvlddmkm - ok
13:42:28.0346 0x0ff8  [ 4925D3981E4A985F96EE5894DE61DD25, D6E8FF1B34AFABF370DFAFB60F6D8881888D99BE3E517414CC618D8E0D6B1B02 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
13:42:28.0355 0x0ff8  nvpciflt - ok
13:42:28.0367 0x0ff8  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
13:42:28.0395 0x0ff8  nvraid - ok
13:42:28.0400 0x0ff8  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
13:42:28.0424 0x0ff8  nvstor - ok
13:42:28.0460 0x0ff8  [ F37F612016CC2A6DFD8ADE79842E85DB, A4C013119F6DB6B04FF86051FFDFFB9E238E145F86CEF25978B239C1D4CD03EB ] nvsvc           C:\Windows\system32\nvvsvc.exe
13:42:28.0484 0x0ff8  nvsvc - ok
13:42:28.0531 0x0ff8  [ 2A75EF9CF0B886E7127023456FF0E7B8, BD3391C2EB3CBCF06F9422743E06F7C3A09D11EC852D0D52B791B7AF467CF25A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:42:28.0560 0x0ff8  nvUpdatusService - ok
13:42:28.0566 0x0ff8  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
13:42:28.0588 0x0ff8  nv_agp - ok
13:42:28.0608 0x0ff8  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
13:42:28.0637 0x0ff8  p2pimsvc - ok
13:42:28.0653 0x0ff8  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
13:42:28.0684 0x0ff8  p2psvc - ok
13:42:28.0689 0x0ff8  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\WINDOWS\System32\drivers\parport.sys
13:42:28.0712 0x0ff8  Parport - ok
13:42:28.0716 0x0ff8  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
13:42:28.0728 0x0ff8  partmgr - ok
13:42:28.0750 0x0ff8  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
13:42:28.0785 0x0ff8  PcaSvc - ok
13:42:28.0791 0x0ff8  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\WINDOWS\system32\drivers\pci.sys
13:42:28.0805 0x0ff8  pci - ok
13:42:28.0808 0x0ff8  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
13:42:28.0818 0x0ff8  pciide - ok
13:42:28.0824 0x0ff8  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
13:42:28.0851 0x0ff8  pcmcia - ok
13:42:28.0854 0x0ff8  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
13:42:28.0866 0x0ff8  pcw - ok
13:42:28.0892 0x0ff8  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
13:42:28.0903 0x0ff8  pdc - ok
13:42:28.0934 0x0ff8  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
13:42:28.0971 0x0ff8  PEAUTH - ok
13:42:29.0028 0x0ff8  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
13:42:29.0054 0x0ff8  PerfHost - ok
13:42:29.0096 0x0ff8  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla             C:\WINDOWS\system32\pla.dll
13:42:29.0168 0x0ff8  pla - ok
13:42:29.0188 0x0ff8  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
13:42:29.0202 0x0ff8  PlugPlay - ok
13:42:29.0206 0x0ff8  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
13:42:29.0228 0x0ff8  PNRPAutoReg - ok
13:42:29.0250 0x0ff8  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
13:42:29.0270 0x0ff8  PNRPsvc - ok
13:42:29.0297 0x0ff8  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
13:42:29.0319 0x0ff8  PolicyAgent - ok
13:42:29.0325 0x0ff8  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power           C:\WINDOWS\system32\umpo.dll
13:42:29.0339 0x0ff8  Power - ok
13:42:29.0363 0x0ff8  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:42:29.0381 0x0ff8  PptpMiniport - ok
13:42:29.0488 0x0ff8  [ 9D59831262CAD44E709D695FC9D5E7AB, F95C5475F91DA667C8D5C96253944CE8A0F2C9B1ED4DF8703E5D1D47A0C730B5 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
13:42:29.0573 0x0ff8  PrintNotify - ok
13:42:29.0585 0x0ff8  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor       C:\WINDOWS\System32\drivers\processr.sys
13:42:29.0614 0x0ff8  Processor - ok
13:42:29.0642 0x0ff8  [ 1D7127048413309629233B50BF2DD9A6, 918322AFDD576D9966961B111F5E38BDDB4278F9456E7AA1A3453EC8CAF4B8A8 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
13:42:29.0661 0x0ff8  ProfSvc - ok
13:42:29.0689 0x0ff8  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
13:42:29.0708 0x0ff8  Psched - ok
13:42:29.0730 0x0ff8  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE           C:\WINDOWS\system32\qwave.dll
13:42:29.0759 0x0ff8  QWAVE - ok
13:42:29.0768 0x0ff8  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
13:42:29.0791 0x0ff8  QWAVEdrv - ok
13:42:29.0794 0x0ff8  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:42:29.0831 0x0ff8  RasAcd - ok
13:42:29.0844 0x0ff8  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
13:42:29.0870 0x0ff8  RasAgileVpn - ok
13:42:29.0885 0x0ff8  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
13:42:29.0915 0x0ff8  RasAuto - ok
13:42:29.0919 0x0ff8  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:42:29.0940 0x0ff8  Rasl2tp - ok
13:42:29.0954 0x0ff8  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\WINDOWS\System32\rasmans.dll
13:42:29.0991 0x0ff8  RasMan - ok
13:42:29.0995 0x0ff8  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:42:30.0009 0x0ff8  RasPppoe - ok
13:42:30.0013 0x0ff8  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
13:42:30.0027 0x0ff8  RasSstp - ok
13:42:30.0071 0x0ff8  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:42:30.0090 0x0ff8  rdbss - ok
13:42:30.0095 0x0ff8  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
13:42:30.0106 0x0ff8  rdpbus - ok
13:42:30.0112 0x0ff8  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
13:42:30.0136 0x0ff8  RDPDR - ok
13:42:30.0154 0x0ff8  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:42:30.0175 0x0ff8  RdpVideoMiniport - ok
13:42:30.0182 0x0ff8  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
13:42:30.0207 0x0ff8  RDPWD - ok
13:42:30.0218 0x0ff8  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
13:42:30.0232 0x0ff8  rdyboost - ok
13:42:30.0254 0x0ff8  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
13:42:30.0287 0x0ff8  RemoteAccess - ok
13:42:30.0296 0x0ff8  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
13:42:30.0342 0x0ff8  RemoteRegistry - ok
13:42:30.0374 0x0ff8  [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
13:42:30.0387 0x0ff8  RFCOMM - ok
13:42:30.0410 0x0ff8  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
13:42:30.0428 0x0ff8  RpcEptMapper - ok
13:42:30.0443 0x0ff8  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\WINDOWS\system32\locator.exe
13:42:30.0467 0x0ff8  RpcLocator - ok
13:42:30.0491 0x0ff8  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
13:42:30.0516 0x0ff8  RpcSs - ok
13:42:30.0521 0x0ff8  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
13:42:30.0538 0x0ff8  rspndr - ok
13:42:30.0563 0x0ff8  [ 55E66BAE5B30E09FDE217FBF0CDAA579, 4B2C28FD809ADE784567A238F2A7AC57C2C9131728BF3E8FE88F6E8EC0A31C8B ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys
13:42:30.0586 0x0ff8  RSUSBVSTOR - ok
13:42:30.0621 0x0ff8  [ 34DA0D14F5C3F1883A331AFB975AB434, BB5D580C1DCAE59CC1DB75C411A5A4DDF435931469E7EBFF5DFDADBFE07ADEBF ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
13:42:30.0643 0x0ff8  RTL8168 - ok
13:42:30.0653 0x0ff8  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
13:42:30.0688 0x0ff8  s3cap - ok
13:42:30.0708 0x0ff8  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs           C:\WINDOWS\system32\lsass.exe
13:42:30.0726 0x0ff8  SamSs - ok
13:42:30.0732 0x0ff8  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
13:42:30.0756 0x0ff8  sbp2port - ok
13:42:30.0763 0x0ff8  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
13:42:30.0781 0x0ff8  SCardSvr - ok
13:42:30.0784 0x0ff8  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
13:42:30.0812 0x0ff8  scfilter - ok
13:42:30.0870 0x0ff8  [ 201C397A73DFEE109490F4BA1168CFC2, 74FC2A30CBF2E2197E75860A3B308CDCBEB3C28794ABED388B493505A2D84BAA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
13:42:30.0904 0x0ff8  Schedule - ok
13:42:30.0936 0x0ff8  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
13:42:30.0951 0x0ff8  SCPolicySvc - ok
13:42:30.0991 0x0ff8  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
13:42:31.0016 0x0ff8  sdbus - ok
13:42:37.0636 0x0ff8  [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
13:42:37.0647 0x0ff8  ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
13:42:40.0187 0x0ff8  Detect skipped due to KSN trusted
13:42:40.0187 0x0ff8  ZAtheros Bt and Wlan Coex Agent - ok
13:42:40.0193 0x0ff8  ================ Scan global ===============================
13:42:40.0349 0x0ff8  [ Global ] - ok
13:42:40.0349 0x0ff8  ================ Scan MBR ==================================
13:42:40.0368 0x0ff8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:42:40.0473 0x0ff8  \Device\Harddisk0\DR0 - ok
13:42:40.0474 0x0ff8  ================ Scan VBR ==================================
13:42:40.0506 0x0ff8  [ C438B16CF628EC9E633AFBB339FAB415 ] \Device\Harddisk0\DR0\Partition1
13:42:40.0560 0x0ff8  \Device\Harddisk0\DR0\Partition1 - ok
13:42:40.0574 0x0ff8  [ 36C27AF3A717F8EF40361317E3E0837D ] \Device\Harddisk0\DR0\Partition2
13:42:40.0631 0x0ff8  \Device\Harddisk0\DR0\Partition2 - ok
13:42:40.0641 0x0ff8  [ DF1F4D958314FB74711C60A79F8AABBF ] \Device\Harddisk0\DR0\Partition3
13:42:40.0642 0x0ff8  \Device\Harddisk0\DR0\Partition3 - ok
13:42:40.0647 0x0ff8  [ 12FDA8B659E87784731646DA5BCD7B77 ] \Device\Harddisk0\DR0\Partition4
13:42:40.0716 0x0ff8  \Device\Harddisk0\DR0\Partition4 - ok
13:42:40.0742 0x0ff8  [ 6E35234BAE3E8B90E5CB5C674D73E1F1 ] \Device\Harddisk0\DR0\Partition5
13:42:40.0783 0x0ff8  \Device\Harddisk0\DR0\Partition5 - ok
13:42:40.0795 0x0ff8  [ 627588F55C9940EAEC6CC5A223A60017 ] \Device\Harddisk0\DR0\Partition6
13:42:40.0845 0x0ff8  \Device\Harddisk0\DR0\Partition6 - ok
13:42:40.0872 0x0ff8  [ 2A156BC3E4A5AD7CC3635F57F9BE51E5 ] \Device\Harddisk0\DR0\Partition7
13:42:40.0882 0x0ff8  \Device\Harddisk0\DR0\Partition7 - ok
13:42:40.0882 0x0ff8  ================ Scan generic autorun ======================
13:42:41.0563 0x0ff8  [ 2362B857693DA580E04ECE28F7D67E7E, EABF4B6502A06B94D07E25D78D8CEF8862B7FE5D117F7F145268B95688A02E62 ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
13:42:41.0628 0x0ff8  ASUSPRP - detected UnsignedFile.Multi.Generic ( 1 )
13:42:44.0167 0x0ff8  Detect skipped due to KSN trusted
13:42:44.0167 0x0ff8  ASUSPRP - ok
13:42:44.0254 0x0ff8  [ B15880A58755DA0FADB15923013A7957, 4090342AF93538C5F3157605164CF5EC051B6D767B1B7FCCF3265F1D426E88AA ] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe
13:42:44.0327 0x0ff8  ASUSWebStorage - ok
13:42:44.0396 0x0ff8  [ B29819926AD9A9F991E5927095262D1B, 4035412786398CF4C36453BB2919FCC328ED4C8F5CB730A89DCE7A2B16FFF287 ] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
13:42:44.0415 0x0ff8  mcpltui_exe - ok
13:42:44.0432 0x0ff8  [ A2221900B57AEC20577996744FA4A56A, AFEF9176DBA86CDB16A7E84AD0DF6433D4F5865948774FB6B619CBEBEC004592 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
13:42:44.0442 0x0ff8  RemoteControl10 - ok
13:42:44.0464 0x0ff8  [ 62B3275EF6852544924A7AB4D474F4BC, 48F46145C0F59438C6A837B4AC6CE7EF8D8BE0FF65C6F7455EA3F0C6F011D495 ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
13:42:44.0475 0x0ff8  BDRegion - ok
13:42:44.0536 0x0ff8  [ FE821F6FA60E9DF9FDEE69A23488BBAB, 98D9926152FDA45705F5E208D7236E467CAEEF83D756A14B4104EBF804644B29 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:42:44.0560 0x0ff8  Adobe ARM - ok
13:42:44.0561 0x0ff8  Waiting for KSN requests completion. In queue: 9
13:42:45.0563 0x0ff8  Waiting for KSN requests completion. In queue: 9
13:42:46.0563 0x0ff8  Waiting for KSN requests completion. In queue: 9
13:42:47.0645 0x0ff8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
13:42:47.0645 0x0ff8  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
13:42:47.0646 0x0ff8  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
13:42:50.0023 0x0ff8  ============================================================
13:42:50.0023 0x0ff8  Scan finished
13:42:50.0023 0x0ff8  ============================================================
13:42:50.0028 0x0af8  Detected object count: 0
13:42:50.0028 0x0af8  Actual detected object count: 0
         

Edited by JSM (15.08.2015 at 12:53). Reason: addition

16.08.2015, 06:26   #8
schrauber
/// the machine
/// TB trainer
 




Please run Windows Repair:
Repairing Windows - how it's done - Guides
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No support via PM!

16.08.2015, 17:37   #9
JSM
 

Windows Repair



Hello Schrauber, do you need the log files? And which ones? Unfortunately, when setting up the program I did not make sure that, after Open Repair, the log file at the top left was selected; in my case it was the Repair Info. Is that OK anyway? Thanks a lot for your help!!! Regards, JSM

17.08.2015, 07:47   #10
schrauber
/// the machine
/// TB trainer
 




Nope, I don't need any logs from that. Are there still problems after running the tool?

17.08.2015, 11:07   #11
JSM
 

chkdsk



Hello Schrauber, I've included the log text from Windows Repair for you anyway.

From what I have read, error messages from chkdsk are quite common.

I no longer have any problems.

Thanks for your help, and if you ever need someone again for support, I would be glad to join in. The only problem: my English skills are not that great.

Best regards, JSM

Code:
Microsoft Windows [Version 6.2.9200]
(c) 2012 Microsoft Corporation. Alle Rechte vorbehalten.

C:\Users\Susanne\Desktop\Trojaner Board\tweaking.com_windows_repair_aio\Tweaking.com - Windows Repair>CD /D C:\

C:\>set path=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

C:\>chkdsk C:
Der Typ des Dateisystems ist NTFS.
Das Volume wird von einem anderen Prozess benutzt. Chkdsk
meldet möglicherweise Fehler wenn keine Beschädigung vorliegt.
Die Volumebezeichnung lautet OS.

WARNUNG! Der Parameter F wurde nicht angegeben.
CHKDSK wird im schreibgeschützten Modus ausgeführt.

CHKDSK überprüft Dateien (Phase 1 von 3)...
403712 Datensätze verarbeitet.

Dateiüberprüfung beendet.
  3526 große Datensätze verarbeitet.

  0 ungültige Datensätze verarbeitet.


CHKDSK überprüft Indizes (Phase 2 von 3)...
505648 Indexeinträge verarbeitet.

Indexüberprüfung beendet.
0 nicht indizierte Dateien überprüft.

  0 nicht indizierte Dateien wiederhergestellt.


CHKDSK überprüft Sicherheitsbeschreibungen (Phase 3 von 3)...
Überprüfung der Sicherheitsbeschreibungen beendet.
50969 Datendateien verarbeitet.

CHKDSK überprüft USN-Journal...
81 Prozent abgeschlossen. (0 von 37568688 USN-Bytes verarbeitet)
37568688 USN-Bytes verarbeitet.

Die Überprüfung von USN-Journal ist abgeschlossen.
Die Volumebitmap ist falsch.
Bei der Überprüfung des Dateisystems wurden Probleme erkannt.
Führen Sie "chkdsk /scan" aus, um die Probleme zu suchen, und legen Sie sie dann zur Reparatur in der Warteschlange ab.

1171645439 KB Speicherplatz auf dem Datenträger insgesamt
  57067484 KB in 169706 Dateien
    167908 KB in 50970 Indizes
         0 KB in fehlerhaften Sektoren
    544383 KB vom System benutzt
     65536 KB von der Protokolldatei belegt
1113865664 KB auf dem Datenträger verfügbar

      4096 Bytes in jeder Zuordnungseinheit
 292911359 Zuordnungseinheiten auf dem Datenträger insgesamt
 278466416 Zuordnungseinheiten auf dem Datenträger verfügbar
         

18.08.2015, 06:19   #12
schrauber
/// the machine
/// TB trainer
 




So there are no longer any problems at all with the system?

19.08.2015, 07:51   #13
JSM
 

System



Hello Schrauber,

At times the disk utilization shown in Task Manager is fairly high. Yesterday a program called Realtek HD Audio Driver was installed; I have no idea whether it is a normal program or possibly a virus? I did the update to Windows 8.1 yesterday.

After that, McAfee suddenly showed me that I had installed a program called Artemis, but apparently it is actually several programs? My Firefox was also suddenly no longer the default browser. I uninstalled all of the programs in the Control Panel and ran the Adware Cleaner. Several times!! Firefox is the default browser again, but I don't know what is going on with the Artemis program? According to McAfee it should be located in AppData.

Regards, JSM

PS: I'll send you the scans from Mbar and TDSSKiller tomorrow morning. It looks as if everything is OK again now after several scans? Should I run further or different scans?

Code:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.2.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.3.9200 Windows 8.1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17937

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461721600, free: 6564810752

=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.2.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.3.9200 Windows 8.1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17937

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461721600, free: 6559698944

=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.2.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.3.9200 Windows 8.1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17937

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461721600, free: 6558789632

Downloaded database version: v2015.08.18.07
Downloaded database version: v2015.08.16.01
Downloaded database version: v2015.08.18.01
Initializing...
======================
Driver version: 0.3.0.4
------------ Kernel report ------------
     08/18/2015 20:38:33
------------ Loaded modules -----------
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.08.18.07
  rootkit: v2015.08.16.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe001ee776060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe001ee776b20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe001ee776060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe001ed746280, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe001ec7fb060, DeviceName: \Device\0000003a\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: A523CAED

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2117733786
    GPT Header CurrentLba = 1 BackupLba 5860533167
    GPT Header FirstUsableLba 34  LastUsableLba 5860533134
    GPT Header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 2117733786
    Backup GPT header CurrentLba = 5860533167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 5860533134
    Backup GPT header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    Backup GPT header Contains 128 partition entries starting at LBA 5860533135
    Backup GPT header Partition entry size = 128

    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID f23dc752-9e5b-4386-bc50-29c2af28c7f
    FirstLBA 2048  Last LBA 206847
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID da6f32cd-1cea-4831-8e52-ae6454db5d25
    FirstLBA 206848  Last LBA 2050047
    Attributes 1
    Partition Name                 Basic data partition

    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 9c3c4dae-eea8-4be4-8e49-c8f4d98d5e41
    FirstLBA 2050048  Last LBA 2312191
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID c60fa7d-b919-4cd0-bc82-cbf734165513
    FirstLBA 2312192  Last LBA 2345603071
    Attributes 0
    Partition Name                 Basic data partition

    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 5869f0c6-f15f-48a5-997e-1dc47c25f173
    FirstLBA 2345603072  Last LBA 2346524671
    Attributes 1
    Partition Name                                     

    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID fadd7ef0-39eb-4646-80e9-f9862f3b9d1
    FirstLBA 2346524672  Last LBA 5818569614
    Attributes 0
    Partition Name                 Basic data partition

    Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 76cbd40c-4a38-4a8e-8b73-e0222b5c2c36
    FirstLBA 5818569615  Last LBA 5860533134
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 3000592982016 bytes
Sector size: 512 bytes

Done!
Infected: C:\ProgramData\vXcQvCvi\dat\WCHHrxbStn.dll --> [Adware.PullUpdate]
Infected: C:\Program Files (x86)\88AF1429-1439913800-E311-993D-BCEE7B96E21F\jnse4EA7.tmp --> [Adware.ConvertAd]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.2.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.3.9200 Windows 8.1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17937

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461721600, free: 6498066432

=======================================
Driver version: 0.3.0.4
------------ Kernel report ------------
     08/18/2015 20:53:04
------------ Loaded modules -----------
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\AiCharger.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\system32\DRIVERS\athw8x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\AsusTP.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbfiltr.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\AsHIDSwitch64.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\iwdbus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\system32\drivers\mfeaack.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\DRIVERS\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\btath_rcp.sys
\SystemRoot\System32\drivers\btath_hcrp.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.08.18.07
  rootkit: v2015.08.16.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe0002e3e6060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe0002e3e7570, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe0002e3e6060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe0002b58ec40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe0002c304060, DeviceName: \Device\0000003a\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: A523CAED

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2117733786
    GPT Header CurrentLba = 1 BackupLba 5860533167
    GPT Header FirstUsableLba 34  LastUsableLba 5860533134
    GPT Header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 2117733786
    Backup GPT header CurrentLba = 5860533167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 5860533134
    Backup GPT header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    Backup GPT header Contains 128 partition entries starting at LBA 5860533135
    Backup GPT header Partition entry size = 128

    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID f23dc752-9e5b-4386-bc50-29c2af28c7f
    FirstLBA 2048  Last LBA 206847
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID da6f32cd-1cea-4831-8e52-ae6454db5d25
    FirstLBA 206848  Last LBA 2050047
    Attributes 1
    Partition Name                 Basic data partition

    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 9c3c4dae-eea8-4be4-8e49-c8f4d98d5e41
    FirstLBA 2050048  Last LBA 2312191
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID c60fa7d-b919-4cd0-bc82-cbf734165513
    FirstLBA 2312192  Last LBA 2345603071
    Attributes 0
    Partition Name                 Basic data partition

    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 5869f0c6-f15f-48a5-997e-1dc47c25f173
    FirstLBA 2345603072  Last LBA 2346524671
    Attributes 1
    Partition Name                                     

    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID fadd7ef0-39eb-4646-80e9-f9862f3b9d1
    FirstLBA 2346524672  Last LBA 5818569614
    Attributes 0
    Partition Name                 Basic data partition

    Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 76cbd40c-4a38-4a8e-8b73-e0222b5c2c36
    FirstLBA 5818569615  Last LBA 5860533134
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 3000592982016 bytes
Sector size: 512 bytes

Done!
Infected: C:\ProgramData\vXcQvCvi\dat\GsbJKSoXwEk.dll --> [Adware.PullUpdate]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.2.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.3.9200 Windows 8.1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17937

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 8461721600, free: 6955024384

Downloaded database version: v2015.08.18.08
=======================================
Initializing...
Driver version: 0.3.0.4
------------ Kernel report ------------
     08/18/2015 21:10:36
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\imofugc.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\Drivers\dfsc.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\AiCharger.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\system32\DRIVERS\athw8x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\AsusTP.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbfiltr.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\AsHIDSwitch64.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\iwdbus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\system32\drivers\mfeaack.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\DRIVERS\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\btath_rcp.sys
\SystemRoot\System32\drivers\btath_hcrp.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.08.18.08
  rootkit: v2015.08.16.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe000cdf12640, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe000cdf11040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe000cdf12640, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe000cce26c20, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe000cce23060, DeviceName: \Device\0000003a\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: A523CAED

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2117733786
    GPT Header CurrentLba = 1 BackupLba 5860533167
    GPT Header FirstUsableLba 34  LastUsableLba 5860533134
    GPT Header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 2117733786
    Backup GPT header CurrentLba = 5860533167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 5860533134
    Backup GPT header Guid 97f9a550-3c3a-45f6-8991-f48d76b9b6ef
    Backup GPT header Contains 128 partition entries starting at LBA 5860533135
    Backup GPT header Partition entry size = 128

    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID f23dc752-9e5b-4386-bc50-29c2af28c7f
    FirstLBA 2048  Last LBA 206847
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID da6f32cd-1cea-4831-8e52-ae6454db5d25
    FirstLBA 206848  Last LBA 2050047
    Attributes 1
    Partition Name                 Basic data partition

    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 9c3c4dae-eea8-4be4-8e49-c8f4d98d5e41
    FirstLBA 2050048  Last LBA 2312191
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID c60fa7d-b919-4cd0-bc82-cbf734165513
    FirstLBA 2312192  Last LBA 2345603071
    Attributes 0
    Partition Name                 Basic data partition

    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 5869f0c6-f15f-48a5-997e-1dc47c25f173
    FirstLBA 2345603072  Last LBA 2346524671
    Attributes 1
    Partition Name                                     

    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID fadd7ef0-39eb-4646-80e9-f9862f3b9d1
    FirstLBA 2346524672  Last LBA 5818569614
    Attributes 0
    Partition Name                 Basic data partition

    Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 76cbd40c-4a38-4a8e-8b73-e0222b5c2c36
    FirstLBA 5818569615  Last LBA 5860533134
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 3000592982016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
         

Edited by JSM (19.08.2015 at 07:56)

19.08.2015, 07:52   #14
JSM
 

TDSSKiller



Code:
20:27:29.0561 0x12fc  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
20:27:29.0561 0x12fc  UEFI system
20:27:29.0686 0x12fc  ============================================================
20:27:29.0686 0x12fc  Current date / time: 2015/08/18 20:27:29.0686
20:27:29.0686 0x12fc  SystemInfo:
20:27:29.0686 0x12fc  
20:27:29.0686 0x12fc  OS Version: 6.3.9600 ServicePack: 0.0
20:27:29.0686 0x12fc  Product type: Workstation
20:27:29.0686 0x12fc  ComputerName: SUSANNE
20:27:29.0686 0x12fc  UserName: Susanne
20:27:29.0686 0x12fc  Windows directory: C:\WINDOWS
20:27:29.0686 0x12fc  System windows directory: C:\WINDOWS
20:27:29.0686 0x12fc  Running under WOW64
20:27:29.0686 0x12fc  Processor architecture: Intel x64
20:27:29.0686 0x12fc  Number of processors: 8
20:27:29.0686 0x12fc  Page size: 0x1000
20:27:29.0686 0x12fc  Boot type: Normal boot
20:27:29.0686 0x12fc  ============================================================
20:27:29.0842 0x12fc  BG loaded
20:27:33.0919 0x12fc  System UUID: {9B4EE4C3-D917-FF12-E428-D41CAB5C8A6B}
20:27:35.0829 0x12fc  Drive \Device\Harddisk0\DR0 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:27:35.0844 0x12fc  ============================================================
20:27:35.0844 0x12fc  \Device\Harddisk0\DR0:
20:27:35.0844 0x12fc  GPT partitions:
20:27:35.0844 0x12fc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F23DC752-9E5B-4386-BC50-029C2AF28C7F}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
20:27:35.0844 0x12fc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DA6F32CD-1CEA-4831-8E52-AE6454DB5D25}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000
20:27:35.0844 0x12fc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9C3C4DAE-EEA8-4BE4-8E49-C8F4D98D5E41}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000
20:27:35.0844 0x12fc  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0C60FA7D-B919-4CD0-BC82-CBF734165513}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0x8BABC800
20:27:35.0844 0x12fc  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5869F0C6-F15F-48A5-997E-1DC47C25F173}, Name: , StartLBA 0x8BCF1000, BlocksNum 0xE1000
20:27:35.0844 0x12fc  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FADD7EF0-39EB-4646-80E9-F9862F03B9D1}, Name: Basic data partition, StartLBA 0x8BDD2000, BlocksNum 0xCEF3338F
20:27:35.0844 0x12fc  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {76CBD40C-4A38-4A8E-8B73-E0222B5C2C36}, Name: Basic data partition, StartLBA 0x15AD0538F, BlocksNum 0x2805000
20:27:35.0844 0x12fc  MBR partitions:
20:27:35.0844 0x12fc  ============================================================
20:27:35.0891 0x12fc  C: <-> \Device\Harddisk0\DR0\Partition4
20:27:36.0016 0x12fc  D: <-> \Device\Harddisk0\DR0\Partition6
20:27:36.0016 0x12fc  ============================================================
20:27:36.0016 0x12fc  Initialize success
20:27:36.0016 0x12fc  ============================================================
20:27:50.0815 0x1920  ============================================================
20:27:50.0815 0x1920  Scan started
20:27:50.0815 0x1920  Mode: Manual; 
20:27:50.0815 0x1920  ============================================================
20:27:50.0815 0x1920  KSN ping started
20:27:53.0190 0x1920  KSN ping finished: true
20:27:55.0143 0x1920  ================ Scan system memory ========================
20:27:55.0143 0x1920  System memory - ok
20:27:55.0143 0x1920  ================ Scan services =============================
20:27:56.0065 0x1920  atapi - ok
20:27:56.0081 0x1920  [ 62A40F3DFF2B40915A1981285B14EFD4, 02F19978D153E816A6A879F6D0D67B2AB89F5964B86953F11B82D9970C3ED963 ] AthBTPort       C:\WINDOWS\system32\DRIVERS\btath_flt.sys
20:27:56.0081 0x1920  AthBTPort - ok
20:27:56.0097 0x1920  [ A917E4F753B90A5181ECBFA56D5C154A, 4025FC65AB44AE5FDF6D144F16873C1E165D9EB7C4BF0570C996F2D7C8B71A1E ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:27:56.0112 0x1920  AtherosSvc - ok
20:27:56.0190 0x1920  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
20:27:56.0237 0x1920  athr - ok
20:27:56.0253 0x1920  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
20:27:56.0253 0x1920  ATKGFNEXSrv - ok
20:27:56.0268 0x1920  [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
20:27:56.0268 0x1920  ATKWMIACPIIO - ok
20:27:56.0284 0x1920  [ 3903D1056E778BAEFA310B9B6EA6053E, 863977B4166A04557E154C41AC3B194A9F5C56C6090E8DE47C0D9D0E8CBD648E ] ATP             C:\WINDOWS\System32\drivers\AsusTP.sys
20:27:56.0300 0x1920  ATP - ok
20:27:56.0300 0x1920  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:27:56.0315 0x1920  AudioEndpointBuilder - ok
20:27:56.0347 0x1920  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
20:27:56.0362 0x1920  Audiosrv - ok
20:27:56.0378 0x1920  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
20:27:56.0378 0x1920  AxInstSV - ok
20:27:56.0456 0x1920  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
20:27:56.0472 0x1920  b06bdrv - ok
20:27:56.0487 0x1920  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:27:56.0487 0x1920  BasicDisplay - ok
20:27:56.0487 0x1920  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
20:27:56.0503 0x1920  BasicRender - ok
20:27:56.0518 0x1920  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
20:27:56.0518 0x1920  bcmfn2 - ok
20:27:56.0550 0x1920  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
20:27:56.0550 0x1920  BDESVC - ok
20:27:56.0581 0x1920  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:27:56.0581 0x1920  Beep - ok
20:27:56.0628 0x1920  [ 22A5582ACF0CEE97268D7868C69F35CE, 78A44C10966FE467D3FCC76BE37647AE2CC2BCA9DE5715AD9E643162B23C3A19 ] BFE             C:\WINDOWS\System32\bfe.dll
20:27:56.0628 0x1920  BFE - ok
20:27:56.0675 0x1920  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
20:27:56.0737 0x1920  BITS - ok
20:27:56.0737 0x1920  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
20:27:56.0737 0x1920  bowser - ok
20:27:56.0753 0x1920  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:27:56.0768 0x1920  BrokerInfrastructure - ok
20:27:56.0768 0x1920  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
20:27:56.0768 0x1920  Browser - ok
20:27:56.0784 0x1920  [ 6BF12F3F3A5D3F2866E69B8B463BC0CD, E6D3358ABCF16ED2E68A93171C5E84D797137898BB2231E26FF0E4A07B8ADB22 ] BTATH_A2DP      C:\WINDOWS\system32\drivers\btath_a2dp.sys
20:27:56.0784 0x1920  BTATH_A2DP - ok
20:27:56.0800 0x1920  [ DC7038090A369FE866B76DB18E356558, 6782DBDDA352FBF8C2F5F6A90591794B569F2897AA5BD901AF062E774E734E48 ] btath_avdt      C:\WINDOWS\system32\drivers\btath_avdt.sys
20:27:56.0800 0x1920  btath_avdt - ok
20:27:56.0815 0x1920  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\WINDOWS\System32\drivers\btath_hcrp.sys
20:27:56.0815 0x1920  BTATH_HCRP - ok
20:27:56.0831 0x1920  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
20:27:56.0831 0x1920  BTATH_LWFLT - ok
20:27:56.0831 0x1920  [ A6019537D6125099363F90D0C6D181F9, CA0C46AABBF71E2A29C93A477A06D33E3CACC84978DD9D729BEFB339E50D7055 ] BTATH_RCP       C:\WINDOWS\System32\drivers\btath_rcp.sys
20:27:56.0831 0x1920  BTATH_RCP - ok
20:27:56.0862 0x1920  [ 7A38787D2CF43FA2812E2BF86F636BB9, 1A22D38B8CA091E8E8D794FC316DE52E949102EB779A38A1FAE2F72DD3DD5945 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
20:27:56.0862 0x1920  BtFilter - ok
20:27:56.0893 0x1920  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
20:27:56.0893 0x1920  BthAvrcpTg - ok
20:27:56.0893 0x1920  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
20:27:56.0909 0x1920  BthEnum - ok
20:27:56.0940 0x1920  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
20:27:56.0940 0x1920  BthHFEnum - ok
20:27:56.0956 0x1920  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
20:27:56.0956 0x1920  bthhfhid - ok
20:27:56.0972 0x1920  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
20:27:56.0987 0x1920  BthHFSrv - ok
20:27:57.0003 0x1920  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
20:27:57.0003 0x1920  BthLEEnum - ok
20:27:57.0003 0x1920  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
20:27:57.0003 0x1920  BTHMODEM - ok
20:27:57.0018 0x1920  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
20:27:57.0018 0x1920  BthPan - ok
20:27:57.0050 0x1920  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
20:27:57.0065 0x1920  BTHPORT - ok
20:27:57.0081 0x1920  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
20:27:57.0081 0x1920  bthserv - ok
20:27:57.0081 0x1920  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
20:27:57.0081 0x1920  BTHUSB - ok
20:27:57.0112 0x1920  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
20:27:57.0112 0x1920  cdfs - ok
20:27:57.0143 0x1920  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
20:27:57.0143 0x1920  cdrom - ok
20:27:57.0159 0x1920  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
20:27:57.0159 0x1920  CertPropSvc - ok
20:27:57.0190 0x1920  [ 4ECA59628D074CF45633EC7A3D7954D3, 054B4AE94920A06ECF8C65A66DC949B65665679B15733D021120159F6E2460DA ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
20:27:57.0190 0x1920  cfwids - ok
20:27:57.0206 0x1920  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
20:27:57.0222 0x1920  circlass - ok
20:27:57.0253 0x1920  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
20:27:57.0253 0x1920  CLFS - ok
20:27:57.0284 0x1920  [ 43A76111BFF11559CA1E6D13FFABF646, 4EDB91FF313AD94A284DE04446B13964916A9FE5496A9FF294F94DA140337150 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
20:27:57.0284 0x1920  CLKMSVC10_38F51D56 - ok
20:27:57.0300 0x1920  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
20:27:57.0300 0x1920  CmBatt - ok
20:27:57.0331 0x1920  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
20:27:57.0347 0x1920  CNG - ok
20:27:57.0362 0x1920  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
20:27:57.0362 0x1920  CompositeBus - ok
20:27:57.0362 0x1920  COMSysApp - ok
20:27:57.0362 0x1920  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
20:27:57.0362 0x1920  condrv - ok
20:27:57.0425 0x1920  [ F9693D45B0F1B346CCDEEC1F341AD389, 342C81EFB434EAC29865F8BB049051635C644D7EF355D0F5FB3ADD9DDCE55D82 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
20:27:57.0425 0x1920  cphs - ok
20:27:57.0456 0x1920  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
20:27:57.0456 0x1920  CryptSvc - ok
20:27:57.0487 0x1920  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
20:27:57.0487 0x1920  dam - ok
20:27:57.0534 0x1920  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:27:57.0550 0x1920  DcomLaunch - ok
20:27:57.0565 0x1920  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
20:27:57.0565 0x1920  defragsvc - ok
20:27:57.0612 0x1920  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:27:57.0612 0x1920  DeviceAssociationService - ok
20:27:57.0628 0x1920  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
20:27:57.0628 0x1920  DeviceInstall - ok
20:27:57.0659 0x1920  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
20:27:57.0659 0x1920  Dfsc - ok
20:27:57.0659 0x1920  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
20:27:57.0675 0x1920  Dhcp - ok
20:27:57.0675 0x1920  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
20:27:57.0690 0x1920  disk - ok
20:27:57.0706 0x1920  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
20:27:57.0706 0x1920  dmvsc - ok
20:27:57.0737 0x1920  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:27:57.0737 0x1920  Dnscache - ok
20:27:57.0753 0x1920  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:27:57.0753 0x1920  dot3svc - ok
20:27:57.0769 0x1920  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
20:27:57.0769 0x1920  DPS - ok
20:27:57.0784 0x1920  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
20:27:57.0784 0x1920  drmkaud - ok
20:27:57.0800 0x1920  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
20:27:57.0815 0x1920  DsmSvc - ok
20:27:57.0847 0x1920  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:27:57.0862 0x1920  DXGKrnl - ok
20:27:57.0878 0x1920  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
20:27:57.0878 0x1920  Eaphost - ok
20:27:57.0956 0x1920  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
20:27:58.0003 0x1920  ebdrv - ok
20:27:58.0034 0x1920  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
20:27:58.0050 0x1920  EFS - ok
20:27:58.0050 0x1920  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
20:27:58.0050 0x1920  EhStorClass - ok
20:27:58.0065 0x1920  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:27:58.0065 0x1920  EhStorTcgDrv - ok
20:27:58.0081 0x1920  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
20:27:58.0081 0x1920  ErrDev - ok
20:27:58.0128 0x1920  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
20:27:58.0128 0x1920  EventSystem - ok
20:27:58.0144 0x1920  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
20:27:58.0159 0x1920  exfat - ok
20:27:58.0175 0x1920  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
20:27:58.0190 0x1920  fastfat - ok
20:27:58.0222 0x1920  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:27:58.0237 0x1920  Fax - ok
20:27:58.0253 0x1920  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
20:27:58.0253 0x1920  fdc - ok
20:27:58.0284 0x1920  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
20:27:58.0284 0x1920  fdPHost - ok
20:27:58.0284 0x1920  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
20:27:58.0284 0x1920  FDResPub - ok
20:27:58.0300 0x1920  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
20:27:58.0300 0x1920  fhsvc - ok
20:27:58.0300 0x1920  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
20:27:58.0300 0x1920  FileInfo - ok
20:27:58.0315 0x1920  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
20:27:58.0315 0x1920  Filetrace - ok
20:27:58.0331 0x1920  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
20:27:58.0347 0x1920  flpydisk - ok
20:27:58.0362 0x1920  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:27:58.0378 0x1920  FltMgr - ok
20:27:58.0409 0x1920  [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache       C:\WINDOWS\system32\FntCache.dll
20:27:58.0425 0x1920  FontCache - ok
20:27:58.0519 0x1920  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:27:58.0519 0x1920  FontCache3.0.0.0 - ok
20:27:58.0519 0x1920  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
20:27:58.0519 0x1920  FsDepends - ok
20:27:58.0550 0x1920  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:27:58.0550 0x1920  Fs_Rec - ok
20:27:58.0565 0x1920  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:27:58.0581 0x1920  fvevol - ok
20:27:58.0597 0x1920  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
20:27:58.0612 0x1920  FxPPM - ok
20:27:58.0612 0x1920  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
20:27:58.0628 0x1920  gagp30kx - ok
20:27:58.0675 0x1920  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:27:58.0675 0x1920  GamesAppService - ok
20:27:58.0706 0x1920  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
20:27:58.0706 0x1920  gencounter - ok
20:27:58.0722 0x1920  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
20:27:58.0722 0x1920  GPIOClx0101 - ok
20:27:58.0769 0x1920  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
20:27:58.0784 0x1920  gpsvc - ok
20:27:58.0800 0x1920  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
20:27:58.0800 0x1920  HDAudBus - ok
20:27:58.0831 0x1920  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
20:27:58.0831 0x1920  HidBatt - ok
20:27:58.0847 0x1920  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
20:27:58.0862 0x1920  HidBth - ok
20:27:58.0862 0x1920  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
20:27:58.0862 0x1920  hidi2c - ok
20:27:58.0909 0x1920  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
20:27:58.0909 0x1920  HidIr - ok
20:27:58.0940 0x1920  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
20:27:58.0940 0x1920  hidserv - ok
20:27:58.0956 0x1920  [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch       C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
20:27:58.0956 0x1920  HIDSwitch - ok
20:27:58.0972 0x1920  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
20:27:58.0972 0x1920  HidUsb - ok
20:27:58.0987 0x1920  [ E7AF59F1E0352F5EBEC4ECD32103D405, 0E02E031799F407A1BCE926D46471E7EFB8820359CBDE73759219B86C1882EB8 ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
20:27:58.0987 0x1920  HipShieldK - ok
20:27:59.0019 0x1920  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
20:27:59.0019 0x1920  hkmsvc - ok
20:27:59.0034 0x1920  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
20:27:59.0034 0x1920  HomeGroupListener - ok
20:27:59.0065 0x1920  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
20:27:59.0081 0x1920  HomeGroupProvider - ok
20:27:59.0159 0x1920  [ 08CCC7622DDDFD649F75F9CFA53E4229, 257C8C285DDAA1CB1AAD3F799235972D0FF9577BE97859337437D4562B7CE4E4 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
20:27:59.0175 0x1920  HomeNetSvc - ok
20:27:59.0175 0x1920  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
20:27:59.0175 0x1920  HpSAMD - ok
20:27:59.0222 0x1920  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
20:27:59.0237 0x1920  HTTP - ok
20:27:59.0269 0x1920  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
20:27:59.0284 0x1920  hwpolicy - ok
20:27:59.0300 0x1920  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
20:27:59.0300 0x1920  hyperkbd - ok
20:27:59.0347 0x1920  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
20:27:59.0347 0x1920  HyperVideo - ok
20:27:59.0394 0x1920  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
20:27:59.0394 0x1920  i8042prt - ok
20:27:59.0425 0x1920  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
20:27:59.0425 0x1920  iaLPSSi_GPIO - ok
20:27:59.0456 0x1920  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
20:27:59.0456 0x1920  iaLPSSi_I2C - ok
20:27:59.0503 0x1920  [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
20:27:59.0503 0x1920  iaStorA - ok
20:27:59.0534 0x1920  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
20:27:59.0550 0x1920  iaStorAV - ok
20:27:59.0581 0x1920  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
20:27:59.0597 0x1920  iaStorV - ok
20:27:59.0644 0x1920  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
20:27:59.0659 0x1920  ICCS - ok
20:27:59.0659 0x1920  IEEtwCollectorService - ok
20:27:59.0815 0x1920  [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
20:27:59.0909 0x1920  igfx - ok
20:28:00.0081 0x1920  [ 57322EBB67A59FB64E228F31A84CA43D, 258DA26BDFAB635F145E55CF65CDFCFE4EB91454E3F930489E92810250EF9FD7 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
20:28:00.0081 0x1920  IKEEXT - ok
20:28:00.0097 0x1920  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
20:28:00.0097 0x1920  intaud_WaveExtensible - ok
20:28:00.0175 0x1920  [ 12628A1A2495D202A813B7743F799257, 7480098E35B2B8C6BE8A289225EB9E8201D8D58E5F19E25927A828552FB47477 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:28:00.0222 0x1920  IntcAzAudAddService - ok
20:28:00.0269 0x1920  [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
20:28:00.0284 0x1920  IntcDAud - ok
20:28:00.0316 0x1920  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:28:00.0331 0x1920  Intel(R) Capability Licensing Service Interface - ok
20:28:00.0362 0x1920  [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
20:28:00.0362 0x1920  Intel(R) ME Service - ok
20:28:00.0378 0x1920  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
20:28:00.0378 0x1920  intelide - ok
20:28:05.0691 0x1920  RpcLocator - ok
20:28:05.0706 0x1920  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:28:05.0722 0x1920  RpcSs - ok
20:28:05.0722 0x1920  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
20:28:05.0722 0x1920  rspndr - ok
20:28:05.0753 0x1920  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
20:28:05.0769 0x1920  RTL8168 - ok
20:28:05.0769 0x1920  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
20:28:05.0769 0x1920  s3cap - ok
20:28:05.0800 0x1920  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
20:28:05.0800 0x1920  SamSs - ok
20:28:05.0831 0x1920  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
20:28:05.0831 0x1920  sbp2port - ok
20:28:05.0863 0x1920  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
20:28:05.0863 0x1920  SCardSvr - ok
20:28:05.0863 0x1920  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
20:28:05.0878 0x1920  ScDeviceEnum - ok
20:28:05.0878 0x1920  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
20:28:05.0878 0x1920  scfilter - ok
20:28:05.0910 0x1920  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:28:05.0925 0x1920  Schedule - ok
20:28:05.0956 0x1920  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
20:28:05.0972 0x1920  SCPolicySvc - ok
20:28:06.0003 0x1920  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
20:28:06.0003 0x1920  sdbus - ok
20:28:06.0019 0x1920  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
20:28:06.0035 0x1920  sdstor - ok
20:28:06.0050 0x1920  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
20:28:06.0050 0x1920  secdrv - ok
20:28:06.0066 0x1920  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
20:28:06.0066 0x1920  seclogon - ok
20:28:06.0081 0x1920  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
20:28:06.0081 0x1920  SENS - ok
20:28:06.0081 0x1920  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
20:28:06.0097 0x1920  SensrSvc - ok
20:28:06.0113 0x1920  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
20:28:06.0113 0x1920  SerCx - ok
20:28:06.0128 0x1920  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
20:28:06.0128 0x1920  SerCx2 - ok
20:28:06.0144 0x1920  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
20:28:06.0160 0x1920  Serenum - ok
20:28:06.0160 0x1920  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
20:28:06.0175 0x1920  Serial - ok
20:28:06.0206 0x1920  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
20:28:06.0206 0x1920  sermouse - ok
20:28:06.0300 0x1920  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
20:28:06.0316 0x1920  SessionEnv - ok
20:28:06.0331 0x1920  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
20:28:06.0331 0x1920  sfloppy - ok
20:28:06.0378 0x1920  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:28:06.0378 0x1920  SharedAccess - ok
20:28:06.0410 0x1920  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:28:06.0425 0x1920  ShellHWDetection - ok
20:28:06.0535 0x1920  [ C5E942153BA4D9D4B89C66498F2925A4, A82028D56867E5C2CC7ADCB3862D05EE41A79E4C88B6BFDFFB1A868B391C9128 ] ShoppXr         C:\ProgramData\vXcQvCvi\ShoppXr.exe
20:28:06.0566 0x1920  ShoppXr - ok
20:28:06.0581 0x1920  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:28:06.0581 0x1920  SiSRaid2 - ok
20:28:06.0597 0x1920  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
20:28:06.0597 0x1920  SiSRaid4 - ok
20:28:06.0613 0x1920  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
20:28:06.0628 0x1920  smphost - ok
20:28:06.0644 0x1920  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
20:28:06.0644 0x1920  SNMPTRAP - ok
20:28:06.0660 0x1920  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
20:28:06.0675 0x1920  spaceport - ok
20:28:06.0691 0x1920  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
20:28:06.0691 0x1920  SpbCx - ok
20:28:06.0722 0x1920  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
20:28:06.0738 0x1920  Spooler - ok
20:28:06.0863 0x1920  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
20:28:06.0941 0x1920  sppsvc - ok
20:28:06.0957 0x1920  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:28:06.0972 0x1920  srv - ok
20:28:06.0988 0x1920  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
20:28:06.0988 0x1920  srv2 - ok
20:28:07.0003 0x1920  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
20:28:07.0003 0x1920  srvnet - ok
20:28:07.0035 0x1920  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:28:07.0035 0x1920  SSDPSRV - ok
20:28:07.0066 0x1920  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
20:28:07.0066 0x1920  SstpSvc - ok
20:28:07.0082 0x1920  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
20:28:07.0082 0x1920  stexstor - ok
20:28:07.0144 0x1920  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
20:28:07.0160 0x1920  stisvc - ok
20:28:07.0175 0x1920  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
20:28:07.0175 0x1920  storahci - ok
20:28:07.0191 0x1920  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
20:28:07.0191 0x1920  storflt - ok
20:28:07.0207 0x1920  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
20:28:07.0207 0x1920  stornvme - ok
20:28:07.0222 0x1920  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
20:28:07.0222 0x1920  StorSvc - ok
20:28:07.0238 0x1920  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
20:28:07.0238 0x1920  storvsc - ok
20:28:07.0253 0x1920  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
20:28:07.0253 0x1920  svsvc - ok
20:28:07.0269 0x1920  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
20:28:07.0269 0x1920  swenum - ok
20:28:07.0300 0x1920  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
20:28:07.0316 0x1920  swprv - ok
20:28:07.0363 0x1920  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
20:28:07.0378 0x1920  SysMain - ok
20:28:07.0394 0x1920  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
20:28:07.0394 0x1920  SystemEventsBroker - ok
20:28:07.0425 0x1920  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
20:28:07.0425 0x1920  TabletInputService - ok
20:28:07.0441 0x1920  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:28:07.0441 0x1920  TapiSrv - ok
20:28:07.0503 0x1920  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
20:28:07.0566 0x1920  Tcpip - ok
20:28:07.0613 0x1920  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:28:07.0644 0x1920  TCPIP6 - ok
20:28:07.0691 0x1920  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
20:28:07.0691 0x1920  tcpipreg - ok
20:28:07.0707 0x1920  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
20:28:07.0707 0x1920  tdx - ok
20:28:07.0722 0x1920  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
20:28:07.0722 0x1920  terminpt - ok
20:28:07.0769 0x1920  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
20:28:07.0785 0x1920  TermService - ok
20:28:07.0800 0x1920  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
20:28:07.0800 0x1920  Themes - ok
20:28:07.0832 0x1920  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
20:28:07.0832 0x1920  THREADORDER - ok
20:28:07.0847 0x1920  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
20:28:07.0847 0x1920  TimeBroker - ok
20:28:07.0863 0x1920  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
20:28:07.0878 0x1920  TPM - ok
20:28:07.0894 0x1920  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
20:28:07.0894 0x1920  TrkWks - ok
20:28:07.0925 0x1920  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
20:28:07.0941 0x1920  TrustedInstaller - ok
20:28:07.0941 0x1920  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
20:28:07.0941 0x1920  TsUsbFlt - ok
20:28:07.0941 0x1920  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:28:07.0941 0x1920  TsUsbGD - ok
20:28:07.0957 0x1920  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
20:28:07.0957 0x1920  tunnel - ok
20:28:07.0972 0x1920  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
20:28:07.0972 0x1920  uagp35 - ok
20:28:07.0988 0x1920  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
20:28:07.0988 0x1920  UASPStor - ok
20:28:07.0988 0x1920  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
20:28:07.0988 0x1920  UCX01000 - ok
20:28:08.0035 0x1920  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
20:28:08.0050 0x1920  udfs - ok
20:28:08.0066 0x1920  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
20:28:08.0066 0x1920  UEFI - ok
20:28:08.0097 0x1920  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
20:28:08.0097 0x1920  UI0Detect - ok
20:28:08.0113 0x1920  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
20:28:08.0128 0x1920  uliagpkx - ok
20:28:08.0144 0x1920  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
20:28:08.0144 0x1920  umbus - ok
20:28:08.0160 0x1920  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
20:28:08.0160 0x1920  UmPass - ok
20:28:08.0175 0x1920  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
20:28:08.0175 0x1920  UmRdpService - ok
20:28:08.0253 0x1920  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:28:08.0253 0x1920  UNS - ok
20:28:08.0269 0x1920  Update Coupon Time - ok
20:28:08.0285 0x1920  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:28:08.0300 0x1920  upnphost - ok
20:28:08.0316 0x1920  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
20:28:08.0316 0x1920  usbccgp - ok
20:28:08.0347 0x1920  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
20:28:08.0347 0x1920  usbcir - ok
20:28:08.0363 0x1920  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
20:28:08.0378 0x1920  usbehci - ok
20:28:08.0378 0x1920  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
20:28:08.0394 0x1920  usbhub - ok
20:28:08.0425 0x1920  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
20:28:08.0425 0x1920  USBHUB3 - ok
20:28:08.0441 0x1920  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
20:28:08.0441 0x1920  usbohci - ok
20:28:08.0441 0x1920  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
20:28:08.0457 0x1920  usbprint - ok
20:28:08.0457 0x1920  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
20:28:08.0472 0x1920  USBSTOR - ok
20:28:08.0472 0x1920  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
20:28:08.0488 0x1920  usbuhci - ok
20:28:08.0488 0x1920  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
20:28:08.0503 0x1920  usbvideo - ok
20:28:08.0519 0x1920  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
20:28:08.0535 0x1920  USBXHCI - ok
20:28:08.0535 0x1920  Util Coupon Time - ok
20:28:08.0550 0x1920  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
20:28:08.0550 0x1920  VaultSvc - ok
20:28:08.0550 0x1920  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
20:28:08.0550 0x1920  vdrvroot - ok
20:28:08.0597 0x1920  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
20:28:08.0613 0x1920  vds - ok
20:28:08.0628 0x1920  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
20:28:08.0628 0x1920  VerifierExt - ok
20:28:08.0660 0x1920  [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
20:28:08.0675 0x1920  vhdmp - ok
20:28:08.0675 0x1920  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
20:28:08.0691 0x1920  viaide - ok
20:28:08.0707 0x1920  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
20:28:08.0707 0x1920  vmbus - ok
20:28:08.0722 0x1920  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
20:28:08.0722 0x1920  VMBusHID - ok
20:28:08.0769 0x1920  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
20:28:08.0769 0x1920  vmicguestinterface - ok
20:28:08.0785 0x1920  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
20:28:08.0785 0x1920  vmicheartbeat - ok
20:28:08.0800 0x1920  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
20:28:08.0816 0x1920  vmickvpexchange - ok
20:28:08.0816 0x1920  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
20:28:08.0832 0x1920  vmicrdv - ok
20:28:08.0832 0x1920  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
20:28:08.0847 0x1920  vmicshutdown - ok
20:28:08.0863 0x1920  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
20:28:08.0863 0x1920  vmictimesync - ok
20:28:08.0878 0x1920  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
20:28:08.0878 0x1920  vmicvss - ok
20:28:08.0910 0x1920  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
20:28:08.0910 0x1920  volmgr - ok
20:28:08.0910 0x1920  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
20:28:08.0925 0x1920  volmgrx - ok
20:28:08.0925 0x1920  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
20:28:08.0941 0x1920  volsnap - ok
20:28:08.0972 0x1920  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
20:28:08.0972 0x1920  vpci - ok
20:28:08.0988 0x1920  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
20:28:08.0988 0x1920  vsmraid - ok
20:28:09.0035 0x1920  [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS             C:\WINDOWS\system32\vssvc.exe
20:28:09.0050 0x1920  VSS - ok
20:28:09.0082 0x1920  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
20:28:09.0082 0x1920  VSTXRAID - ok
20:28:09.0097 0x1920  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
20:28:09.0097 0x1920  vwifibus - ok
20:28:09.0097 0x1920  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
20:28:09.0097 0x1920  vwififlt - ok
20:28:09.0113 0x1920  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
20:28:09.0113 0x1920  vwifimp - ok
20:28:09.0144 0x1920  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
20:28:09.0144 0x1920  W32Time - ok
20:28:09.0160 0x1920  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
20:28:09.0160 0x1920  WacomPen - ok
20:28:09.0207 0x1920  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
20:28:09.0238 0x1920  wbengine - ok
20:28:09.0254 0x1920  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
20:28:09.0269 0x1920  WbioSrvc - ok
20:28:09.0285 0x1920  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
20:28:09.0285 0x1920  Wcmsvc - ok
20:28:09.0300 0x1920  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
20:28:09.0300 0x1920  wcncsvc - ok
20:28:09.0300 0x1920  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
20:28:09.0316 0x1920  WcsPlugInService - ok
20:28:09.0347 0x1920  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
20:28:09.0347 0x1920  WdBoot - ok
20:28:09.0379 0x1920  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
20:28:09.0394 0x1920  Wdf01000 - ok
20:28:09.0425 0x1920  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
20:28:09.0425 0x1920  WdFilter - ok
20:28:09.0425 0x1920  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
20:28:09.0441 0x1920  WdiServiceHost - ok
20:28:09.0441 0x1920  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
20:28:09.0441 0x1920  WdiSystemHost - ok
20:28:13.0207 0x1920  Waiting for KSN requests completion. In queue: 77
20:28:14.0223 0x1920  Waiting for KSN requests completion. In queue: 77
20:28:15.0238 0x1920  Waiting for KSN requests completion. In queue: 77
20:28:16.0316 0x1920  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
20:28:16.0379 0x1920  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
20:28:16.0379 0x1920  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
20:28:18.0754 0x1920  ============================================================
20:28:18.0754 0x1920  Scan finished
20:28:18.0754 0x1920  ============================================================
20:28:18.0754 0x1918  Detected object count: 0
20:28:18.0754 0x1918  Actual detected object count: 0
20:33:32.0763 0x1250  Deinitialize success
         

19.08.2015, 17:08   #15
schrauber
/// the machine
/// TB instructor

Please post fresh FRST logs.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
