proxy to localhost excluding some domains

malware proxy ad security

#16
clOI (Topic Starter)

Hello,

 

Except for the bootscan of avast (which I will post as soon as possible) I have completed all tasks :)

 

 

 

My uncle removed the proxy settings, which fixed the error messages after logging out. (The proxy was invalid)

 

#####  sfc /scannow #####

nothing reported

 
 
Following: VEW System and Application and Process Explorer.
Other log files in next reply.
 
 
##### VEW #####
##### SYSTEM #####
Vino's Event Viewer v01c run on Windows 2008 in German
Report run at 10/12/2014 13:56:22
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Kritisch Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Fehler Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/12/2014 12:42:52
Type: Fehler Category: 403
Event: 413 Source: Microsoft-Windows-TaskScheduler
Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warnung Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/12/2014 12:43:02
Type: Warnung Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
Fehler beim Laden des Treibers \Driver\WUDFRd für das Gerät WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_CANON&PROD_MX710_SERIES&REV_0201#7&2C02147&0&459886&0#.
 
##### APPLICATION #####
Vino's Event Viewer v01c run on Windows 2008 in German
Report run at 10/12/2014 13:58:04
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Kritisch Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Fehler Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warnung Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 10/12/2014 12:42:10
Type: Warnung Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Es wurde festgestellt, dass Ihre Registrierungsdatei noch von anderen Anwendungen oder Diensten verwendet wird. Die Datei wird nun entladen. Die Anwendungen oder Dienste, die Ihre Registrierungsdatei anhalten, funktionieren anschließend u. U. nicht mehr ordnungsgemäß.     DETAIL -   5 user registry handles leaked from \Registry\User\S-1-5-21-2920637412-3910169905-2197952584-1002:
Process 764 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2920637412-3910169905-2197952584-1002
Process 764 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2920637412-3910169905-2197952584-1002
Process 764 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2920637412-3910169905-2197952584-1002\Software\Microsoft\SystemCertificates\Disallowed
Process 764 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2920637412-3910169905-2197952584-1002\Software\Microsoft\SystemCertificates\My
Process 764 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2920637412-3910169905-2197952584-1002\Software\Microsoft\SystemCertificates\CA
 
 
##### procexp #####
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 98.17 0 K 24 K 0
procexp64.exe 1.10 29.556 K 47.608 K 3804 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
Interrupts 0.15 0 K 0 K n/a Hardware Interrupts and DPCs
svchost.exe 0.13 116.492 K 122.140 K 1080 Hostprozess für Windows-Dienste Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.12 19.872 K 15.248 K 668 Client-Server-Laufzeitprozess Microsoft Corporation (Verified) Microsoft Windows
System 0.10 196 K 1.424 K 4
chrome.exe 0.09 94.956 K 112.188 K 4588 Google Chrome Google Inc. (Verified) Google Inc
MsMpEng.exe 0.04 95.832 K 84.396 K 388 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
IAStorDataMgrSvc.exe 0.03 23.184 K 20.948 K 2392 IAStorDataSvc Intel Corporation (Verified) Intel Corporation
PrivacyIconClient.exe 0.02 67.332 K 25.224 K 4952 Intel® Management and Security Status Intel Corporation (Verified) Intel Corporation
explorer.exe 0.02 76.472 K 78.932 K 3392 Windows-Explorer Microsoft Corporation (Verified) Microsoft Windows
MfeEpeHost.exe 0.01 14.820 K 18.352 K 2220 McAfee Endpoint Encryption Agent Host Service (Es war keine Signatur im Antragsteller vorhanden)
chrome.exe 0.01 58.184 K 92.200 K 4144 Google Chrome Google Inc. (Verified) Google Inc
IAStorIcon.exe < 0.01 26.368 K 23.832 K 3556 IAStorIcon Intel Corporation (Verified) Intel Corporation
CLMLSvc_P2G8.exe < 0.01 3.068 K 7.680 K 3960 CyberLink MediaLibray Service CyberLink (Verified) CyberLink Corp.
taskhost.exe < 0.01 8.036 K 10.596 K 3276 Hostprozess für Windows-Aufgaben Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 5.036 K 8.652 K 988 Hostprozess für Windows-Dienste Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 30.592 K 17.180 K 828 Microsoft Windows Search-Indexerstellung Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 8.696 K 9.508 K 2460 Hostprozess für Windows-Dienste Microsoft Corporation (Verified) Microsoft Windows
chrome.exe < 0.01 94.592 K 104.276 K 4252 Google Chrome Google Inc. (Verified) Google Inc
spoolsv.exe < 0.01 13.580 K 22.084 K 1620 Spoolersubsystem-Anwendung Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 21.332 K 34.980 K 1132 Hostprozess für Windows-Dienste Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 15.588 K 16.072 K 1392 Hostprozess für Windows-Dienste Microsoft Corporation (Verified) Microsoft Windows
officeclicktorun.exe < 0.01 25.808 K 36.112 K 1172 Microsoft Office Click-to-Run Microsoft Corporation (Verified) Microsoft Corporation
VPDAgent_x64.exe < 0.01 1.836 K 4.408 K 948 Virtual Printer Driver component Two Pilots (Es war keine Signatur im Antragsteller vorhanden) Two Pilots
svchost.exe < 0.01 6.776 K 11.508 K 1108 Hostprozess für Windows-Dienste Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 2.368 K 4.664 K 580 Client-Server-Laufzeitprozess Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 4.772 K 3.912 K 3548 Windows Media Player-Netzwerkfreigabedienst Microsoft Corporation (Verified) Microsoft Windows
HPSA_Service.exe < 0.01 30.092 K 21.212 K 2956 HP Support Assistant Service Hewlett-Packard Company (Es war keine Signatur im Antragsteller vorhanden) Hewlett-Packard Company
HPFSService.exe < 0.01 1.688 K 4.892 K 1676 HPFSService Application Hewlett-Packard (Verified) Softex Incorporated
WUDFHost.exe 2.140 K 6.072 K 2544 Windows Driver Foundation - Benutzermodus-Treiberframework-Hostprozess Microsoft Corporation (Verified) Microsoft Windows
wuauclt.exe 2.204 K 6.508 K 4048 Windows Update Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3.848 K 7.276 K 296 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2.976 K 6.512 K 4764 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 3.336 K 8.020 K 744 Windows-Anmeldeanwendung Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1.724 K 4.564 K 648 Windows-Startanwendung Microsoft Corporation (Verified) Microsoft Windows
UNS.exe 6.268 K 14.268 K 2748 User Notification Service Intel Corporation (Verified) Intel Corporation
svchost.exe 16.832 K 18.748 K 1048 Hostprozess für Windows-Dienste Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4.752 K 9.836 K 888 Hostprozess für Windows-Dienste Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2.580 K 5.572 K 1244 Hostprozess für Windows-Dienste Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 13.660 K 14.372 K 1724 Hostprozess für Windows-Dienste Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5.240 K 9.268 K 1472 Hostprozess für Windows-Dienste Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2.536 K 5.752 K 2320 Hostprozess für Windows-Dienste Microsoft Corporation (Verified) Microsoft Windows
smss.exe 548 K 1.200 K 372 Windows-Sitzungs-Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 5.348 K 9.232 K 704 Anwendung für Dienste und Controller Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 13.152 K 9.932 K 3680 Realtek HD Audio-Manager Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
RTKAUDIOSERVICE64.EXE 2.068 K 5.168 K 1340 Realtek Audio Service Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
RAVBg64.exe 13.644 K 10.324 K 1368 HD Audio Background Process Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
procexp.exe 2.828 K 7.040 K 3868 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
pdfsvc.exe 2.164 K 6.972 K 2400 Dispatcher PDF Complete Inc (Verified) PDF Complete
notepad.exe 11.984 K 26.656 K 2584 Editor Microsoft Corporation (Verified) Microsoft Windows
NisSrv.exe 11.168 K 5.188 K 2968 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
msseces.exe 6.344 K 14.704 K 3768 Microsoft Security Client User Interface Microsoft Corporation (Verified) Microsoft Corporation
mDNSResponder.exe 2.204 K 5.488 K 2032 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe 2.640 K 4.324 K 764 Lokaler Sitzungs-Manager-Dienst Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 5.200 K 12.648 K 756 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
LMS.exe 3.024 K 5.408 K 4944 Local Manageability Service Intel Corporation (Verified) Intel Corporation
Jhi_service.exe 1.704 K 5.064 K 2184 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel Corporation
iusb3mon.exe 1.828 K 5.220 K 3940 Intel® USB 3.0 Monitor Intel Corporation (Verified) Intel Corporation
IPROSetMonitor.exe 1.680 K 4.224 K 2156 Intel® PROSet Monitoring Service Intel Corporation (Verified) Intel Corporation
igfxtray.exe 2.996 K 6.928 K 3704 igfxTray Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
igfxpers.exe 3.752 K 9.568 K 3744 persistence Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
hkcmd.exe 2.772 K 6.684 K 3716 hkcmd Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
HeciServer.exe 1.960 K 5.488 K 2076 Intel® Capability Licensing Service Interface Intel® Corporation (Verified) Intel® Upgrade Service
DpHostW.exe 19.016 K 27.876 K 416 DigitalPersona Local Host DigitalPersona, Inc. (Verified) DigitalPersona
coreshredder.exe 1.812 K 6.052 K 3496 File Sanitizer for HP ProtectTools Hewlett-Packard (Verified) Softex Incorporated
audiodg.exe 21.252 K 22.288 K 2088 Windows Graphisolierung für Audiogeräte Microsoft Corporation (Verified) Microsoft Windows
armsvc.exe 1.216 K 3.920 K 1904 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
AERTSr64.exe 1.296 K 2.948 K 2004 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
 

#17
clOI (Topic Starter)

Hello

 

in this reply FRST fixlog

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-12-2014
Ran by W04 at 2014-12-10 14:07:44 Run:2
Running from C:\Users\W04\Downloads
Loaded Profiles: W04 & Administrator (Available profiles: W04 & Administrator)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
ProxyServer: localhost:21320
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {8F2767F8-338A-4258-BD1C-4DE5A3D8CDB2} -  No File
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-07-04] ()
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [x]
S3 hpqwmiex; 
C:\ProgramData\PKP_DLeo.DAT
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
Task: {3E61AE64-0809-4D19-91FC-E89602101DDD} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-10-15] (IObit)
Task: {43906D32-72F8-4EB9-84FD-22471AA0884A} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-11-04] (IObit)
Task: {496F03FD-5FFF-4E1B-9D8D-DFD96131FAFE} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2013-11-08] (IObit)
Task: {6B026375-BCB7-498B-ACA9-EBD05EEF8CC6} - \BackgroundContainer Startup Task No Task File
Task: {77D02D23-2882-4103-A493-8B4BB916D478} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\Autoupdate.exe [2013-06-20] ()
Task: {F8781616-5534-4F40-A524-9D3E273A72BB} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-11-01] (IObit)
Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
 
*****************
 
HKU\ProxyServer: localhost:21320\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)" => Key not found.
"HKCR\CLSID\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)" => Key not found.
"HKCR\Wow6432Node\CLSID\BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)" => Key not found.
\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value not found.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
\\{8F2767F8-338A-4258-BD1C-4DE5A3D8CDB2} => Value not found.
"HKCR\CLSID\{8F2767F8-338A-4258-BD1C-4DE5A3D8CDB2}" => Key not found.
LiveUpdateSvc => Service not found.
WinRing0_1_2_0 => Service not found.
SmartDefragDriver => Service not found.
HOSTS Anti-PUPs => Service not found.
hpqwmiex => Service deleted successfully.
"C:\ProgramData\PKP_DLeo.DAT" => File/Directory not found.
"C:\ProgramData\PKP_DLes.DAT" => File/Directory not found.
"C:\ProgramData\PKP_DLet.DAT" => File/Directory not found.
"C:\ProgramData\PKP_DLev.DAT" => File/Directory not found.
"C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E61AE64-0809-4D19-91FC-E89602101DDD}" => Key not found.
C:\Windows\System32\Tasks\SmartDefrag_Startup not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag_Startup" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43906D32-72F8-4EB9-84FD-22471AA0884A}" => Key not found.
C:\Windows\System32\Tasks\Driver Booster Update not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{496F03FD-5FFF-4E1B-9D8D-DFD96131FAFE}" => Key not found.
C:\Windows\System32\Tasks\Driver Booster Scan not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scan" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B026375-BCB7-498B-ACA9-EBD05EEF8CC6}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77D02D23-2882-4103-A493-8B4BB916D478}" => Key not found.
C:\Windows\System32\Tasks\Game_Booster_AutoUpdate not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_AutoUpdate" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8781616-5534-4F40-A524-9D3E273A72BB}" => Key not found.
C:\Windows\System32\Tasks\SmartDefragUpdate not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefragUpdate" => Key not found.
C:\Windows\Tasks\Driver Booster Update.job not found.
 
==== End of Fixlog ====

#18
clOI (Topic Starter)

Hello

 

and the log file of another FRST scan afterwards:  (additions.txt in the next reply)

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2014
Ran by W04 (administrator) on W04 on 10-12-2014 14:12:04
Running from C:\Users\W04\Downloads
Loaded Profiles: W04 & Administrator (Available profiles: W04 & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Two Pilots) C:\Windows\VPDAgent_x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-09-13] (Realtek Semiconductor)
HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-21] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-10-25] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-02-07] (PDF Complete Inc)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12313720 2012-08-07] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [eDealPop] => "C:\Program Files (x86)\eDealPop\eDealPop.exe"
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2013-11-07] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-2920637412-3910169905-2197952584-500\...\MountPoints2: {e86b64cb-fc7d-11e2-8431-806e6f6e6963} - E:\setup.exe /AUTORUN
Lsa: [Notification Packages] DPPassFilter scecli
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-2920637412-3910169905-2197952584-1002] => http=127.0.0.1:17540
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2920637412-3910169905-2197952584-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
HKU\S-1-5-21-2920637412-3910169905-2197952584-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-2920637412-3910169905-2197952584-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCOM13/34
HKU\S-1-5-21-2920637412-3910169905-2197952584-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM13/34
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-2920637412-3910169905-2197952584-500 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=CMDTDF
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\..\Interfaces\{32E4E44E-C9E7-4C46-80B4-32C882D2FA99}: [NameServer] 172.17.100.100,172.17.100.200
 
FireFox:
========
FF ProfilePath: C:\Users\W04\AppData\Roaming\Mozilla\Firefox\Profiles\ii7vvgx5.default
FF Homepage: about:home
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\W04\AppData\Roaming\Mozilla\Firefox\Profiles\ii7vvgx5.default\Extensions\[email protected] [2014-11-21]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-04]
CHR Extension: (Google Drive) - C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-04]
CHR Extension: (Splendid) - C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd [2013-11-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-24]
CHR Extension: (Turn Off the Lights) - C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-11-04]
CHR Extension: (YouTube) - C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-04]
CHR Extension: (FlashBlock) - C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdngiadmnkhgemkimkhiilgffbjijcie [2013-11-04]
CHR Extension: (Adblock Plus) - C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-04]
CHR Extension: (Google-Suche) - C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-04]
CHR Extension: (Google Wallet) - C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-04]
CHR Extension: (Google Mail) - C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-04]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Agent; C:\Windows\VPDAgent_x64.exe [109056 2011-10-20] (Two Pilots) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-04-28] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [477088 2012-09-04] (Hewlett-Packard Company)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-06-02] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1135752 2013-02-07] (PDF Complete Inc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-09-01] (Realtek Semiconductor)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-09-04] (Hewlett-Packard Company)
R3 FUS2BASE; C:\Windows\System32\DRIVERS\fus2base.sys [696832 2009-06-10] (AVM Berlin)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2012-10-09] (Intel Corporation)
S3 IFCoEMP; C:\Windows\system32\drivers\ifM60x64.sys [348944 2011-06-15] (Intel® Corporation)
S3 IFCoEVB; C:\Windows\system32\drivers\ifP60X64.sys [70928 2011-06-15] (Intel® Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [90736 2012-06-02] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158832 2012-06-02] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2013-08-03] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-10 14:05 - 2014-12-10 14:05 - 00008313 _____ () C:\Users\W04\Desktop\System Idle Process.txt
2014-12-10 14:02 - 2014-12-10 14:01 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\W04\Desktop\procexp.exe
2014-12-10 14:01 - 2014-12-10 14:01 - 02480312 ____N (Sysinternals - www.sysinternals.com) C:\Users\W04\Downloads\procexp.exe
2014-12-10 14:01 - 2014-12-10 13:41 - 132469808 ____N (AVAST Software) C:\Users\W04\Downloads\avast_free_antivirus_setup.exe
2014-12-10 13:58 - 2014-12-10 13:58 - 00001832 _____ () C:\VEW_application.txt
2014-12-10 13:56 - 2014-12-10 13:56 - 00001010 _____ () C:\VEW_system.txt
2014-12-10 13:54 - 2014-12-10 14:09 - 00000143 _____ () C:\Users\W04\Desktop\christian_status.txt
2014-12-10 13:29 - 2014-12-10 13:37 - 05198336 _____ (AVAST Software) C:\Users\W04\Downloads\aswmbr.exe
2014-12-10 13:28 - 2014-12-10 13:28 - 00061440 _____ ( ) C:\Users\W04\Desktop\VEW.exe
2014-12-04 20:12 - 2014-12-04 20:12 - 00003461 _____ () C:\Users\W04\AppData\Local\recently-used.xbel
2014-12-04 20:07 - 2014-12-04 20:07 - 00000000 ____D () C:\Users\W04\.thumbnails
2014-12-04 20:06 - 2014-12-04 20:12 - 00000000 ____D () C:\Users\W04\.gimp-2.8
2014-12-04 20:06 - 2014-12-04 20:06 - 00000000 ____D () C:\Users\W04\AppData\Local\gegl-0.2
2014-12-04 20:04 - 2014-12-04 20:04 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-12-04 20:03 - 2014-12-04 20:03 - 00000000 ____D () C:\Program Files\GIMP 2
2014-12-04 10:55 - 2014-12-10 14:07 - 00000000 ____D () C:\Users\W04\Downloads\FRST-OlderVersion
2014-12-03 14:08 - 2014-12-04 11:04 - 00022097 _____ () C:\Users\W04\Downloads\Addition.txt
2014-12-03 14:07 - 2014-12-10 14:12 - 00016431 _____ () C:\Users\W04\Downloads\FRST.txt
2014-12-03 14:07 - 2014-12-10 14:12 - 00000000 ____D () C:\FRST
2014-12-03 14:05 - 2014-12-10 14:07 - 02119680 _____ (Farbar) C:\Users\W04\Downloads\FRST64.exe
2014-12-03 13:59 - 2014-12-03 13:59 - 00000000 ____D () C:\Windows\ERUNT
2014-12-03 13:56 - 2014-12-03 13:57 - 01707646 _____ (Thisisu) C:\Users\W04\Downloads\JRT (1).exe
2014-12-03 13:41 - 2014-12-03 13:42 - 02154496 _____ () C:\Users\W04\Downloads\AdwCleaner.exe
2014-12-03 13:25 - 2014-12-03 13:25 - 00000000 ____D () C:\_OTL
2014-12-01 08:43 - 2014-12-01 08:43 - 00000000 ____D () C:\Windows\SysWOW64\FinderFolderPython
2014-11-25 10:14 - 2014-11-25 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-25 10:13 - 2014-11-25 10:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-25 10:13 - 2014-11-25 10:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-25 08:34 - 2014-11-25 08:35 - 00602112 _____ (OldTimer Tools) C:\Users\W04\Downloads\OTL (4).exe
2014-11-25 08:34 - 2014-11-25 08:34 - 00602112 _____ (OldTimer Tools) C:\Users\W04\Downloads\OTL (3).exe
2014-11-25 08:31 - 2014-11-25 08:31 - 00602112 _____ (OldTimer Tools) C:\Users\W04\Downloads\OTL (2).exe
2014-11-25 08:30 - 2014-11-25 08:31 - 00602112 _____ (OldTimer Tools) C:\Users\W04\Downloads\OTL (1).exe
2014-11-21 18:11 - 2014-11-25 08:40 - 00088552 _____ () C:\Users\W04\Downloads\OTL.Txt
2014-11-21 18:11 - 2014-11-21 18:11 - 00053670 _____ () C:\Users\W04\Downloads\Extras.Txt
2014-11-21 18:06 - 2014-11-21 18:06 - 00602112 _____ (OldTimer Tools) C:\Users\W04\Downloads\OTL(1).exe
2014-11-21 18:00 - 2014-11-21 18:01 - 00602112 _____ (OldTimer Tools) C:\Users\W04\Downloads\OTL.exe
2014-11-21 11:49 - 2014-11-21 11:49 - 00000000 ____D () C:\Users\W04\Downloads\AnaO-Patho Fragen
2014-11-21 11:41 - 2014-11-21 11:41 - 00062988 _____ () C:\Users\W04\Downloads\AnaO-Patho Fragen.zip
2014-11-21 08:48 - 2014-11-21 08:48 - 00000000 ____D () C:\Users\W04\AppData\Roaming\QuickScan
2014-11-21 08:46 - 2014-11-21 09:24 - 00000414 _____ () C:\Windows\Tasks\Re-Markable Update.job
2014-11-21 08:46 - 2014-11-21 08:46 - 00002080 _____ () C:\Windows\patsearch.bin
2014-11-21 08:46 - 2014-11-21 08:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrT_01009.Wdf
2014-11-21 08:37 - 2014-11-21 08:37 - 01224496 _____ (Zugara Investments Limited ) C:\Users\W04\Downloads\anmeldeformularpdf.exe
2014-11-19 15:10 - 2014-11-19 15:10 - 00584776 _____ () C:\Users\W04\Downloads\installer_adobe_flash_player_English.exe
2014-11-19 15:06 - 2014-11-19 15:06 - 00006648 _____ () C:\Users\W04\Downloads\Erna Huemer Starlinger (1).vcf
2014-11-19 15:05 - 2014-11-19 15:05 - 00006648 _____ () C:\Users\W04\Downloads\Erna Huemer Starlinger.vcf
2014-11-19 08:25 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 08:25 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 08:25 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 08:25 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-17 09:05 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-17 09:05 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-17 09:05 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-17 09:05 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-17 09:05 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-17 09:05 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-17 09:05 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-17 09:05 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-17 09:05 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-17 09:05 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-17 09:05 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-17 09:05 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-17 09:05 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-17 09:05 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-17 09:05 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-17 09:05 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-17 09:05 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-17 09:05 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-17 09:05 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-17 09:05 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-17 09:05 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-17 09:05 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-17 09:05 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-17 09:05 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-17 09:05 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-17 09:05 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-17 09:05 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-17 09:05 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-17 09:05 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-17 09:05 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-17 09:05 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-17 09:05 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-17 09:05 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-17 09:05 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-17 09:05 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-17 09:05 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-17 09:05 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-17 09:05 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-17 09:05 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-17 09:05 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-17 09:05 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-17 09:05 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-17 09:05 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-17 09:05 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-17 09:05 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-17 09:05 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-17 09:05 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-17 09:05 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-17 09:05 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-17 09:05 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-17 09:05 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-17 09:05 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-17 09:05 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-17 09:05 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-17 09:05 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-17 09:05 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-17 08:35 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-17 08:35 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-17 08:35 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-17 08:34 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-17 08:34 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-17 08:34 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-17 08:34 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-17 08:34 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-17 08:34 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-17 08:34 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-17 08:34 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-17 08:34 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-17 08:29 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-17 08:29 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-17 08:29 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-17 08:29 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-17 08:29 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-17 08:29 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-17 08:29 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-17 08:29 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-17 08:29 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-17 08:29 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-17 08:29 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-17 08:29 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-17 08:29 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-17 08:29 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-17 08:29 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-17 08:29 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-17 08:29 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-17 08:29 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-17 08:29 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-17 08:29 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-17 08:29 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-17 08:29 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-17 08:29 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-17 08:29 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-17 08:29 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-17 08:29 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-17 08:29 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-17 08:29 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-17 08:29 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-17 08:29 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-17 08:29 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-17 08:29 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-17 08:29 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-10 14:04 - 2013-11-06 10:05 - 00005106 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for W04-W04 W04
2014-12-10 14:01 - 2009-07-14 05:51 - 00058924 _____ () C:\Windows\setupact.log
2014-12-10 13:50 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-10 13:50 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-10 13:49 - 2013-08-03 20:33 - 00717634 _____ () C:\Windows\system32\perfh007.dat
2014-12-10 13:49 - 2013-08-03 20:33 - 00155194 _____ () C:\Windows\system32\perfc007.dat
2014-12-10 13:49 - 2009-07-14 06:13 - 01657428 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-10 13:47 - 2013-10-21 14:20 - 01261704 _____ () C:\Windows\WindowsUpdate.log
2014-12-10 13:43 - 2013-11-04 17:35 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-10 13:43 - 2013-08-03 21:11 - 00000000 ____D () C:\ProgramData\PDFC
2014-12-10 13:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-10 11:47 - 2013-11-04 12:28 - 00000000 ____D () C:\temp
2014-12-10 08:40 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-12-10 08:35 - 2014-07-01 07:45 - 00000590 _____ () C:\Users\W04\Desktop\Fernwartung starten.lnk
2014-12-10 08:35 - 2013-11-04 12:28 - 00000625 _____ () C:\Users\W04\Desktop\Indexdateien löschen.lnk
2014-12-09 09:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-09 09:10 - 2013-11-04 12:41 - 00000000 ____D () C:\Users\W04\Leo-ED
2014-12-05 17:56 - 2013-11-05 11:55 - 00000000 ____D () C:\Users\W04\Documents\ELDA
2014-12-05 17:56 - 2013-11-05 11:41 - 00000000 ____D () C:\gkkdfu
2014-12-05 10:57 - 2013-11-04 12:37 - 00000000 ____D () C:\Users\W04\Desktop\Thomas
2014-12-04 20:13 - 2013-11-04 12:25 - 00000000 ____D () C:\Users\W04\AppData\Local\PDFC
2014-12-04 20:07 - 2013-11-04 12:24 - 00000000 ____D () C:\Users\W04
2014-12-04 19:34 - 2010-11-21 04:47 - 00388298 _____ () C:\Windows\PFRO.log
2014-12-04 11:44 - 2013-10-23 16:19 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-03 14:38 - 2013-11-04 12:35 - 00000000 ____D () C:\Users\W04\Desktop\diverse Anwendungen
2014-12-03 13:47 - 2014-10-08 16:23 - 00000000 ____D () C:\AdwCleaner
2014-12-01 12:49 - 2013-11-04 17:35 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-01 08:44 - 2013-11-04 17:35 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-01 08:44 - 2013-11-04 17:35 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-21 18:13 - 2013-11-04 12:40 - 00000000 ____D () C:\Users\W04\leo
2014-11-18 11:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-17 15:23 - 2009-07-14 05:45 - 00336760 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-17 15:21 - 2014-05-06 10:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-17 14:57 - 2013-10-21 15:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-17 14:53 - 2013-10-21 15:16 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
Some content of TEMP:
====================
C:\Users\W04\AppData\Local\Temp\avgnt.exe
C:\Users\W04\AppData\Local\Temp\C244F3E5-B585-479C-194A-9A841D3230A2.dll
C:\Users\W04\AppData\Local\Temp\C244F3E5-B585-479C-194A-9A841D3230A2.exe
C:\Users\W04\AppData\Local\Temp\ED007DFA-7F30-8BD1-83EE-707F9322745E.exe
C:\Users\W04\AppData\Local\Temp\Quarantine.exe
C:\Users\W04\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2013-11-11 09:29
 
==================== End Of Log ============================


#19
clOI


Hello,

and here is the FRST Addition.txt:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2014
Ran by W04 at 2014-12-10 14:12:49
Running from C:\Users\W04\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MX710 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX710_series) (Version:  - Canon Inc.)
CGM Archive-Printer (HKLM-x32\...\{AD4D9A4D-F00A-4DCC-AF2C-E57A11A2FF91}) (Version: 1.0.7 - CGM)
CGM Archive-Printer 4.8 (HKLM\...\CGM Archive-Printer_is1) (Version: 4.8 - )
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.2106 - CyberLink Corp.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.3418 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2321 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2713 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.2725 - CyberLink Corp.)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.1.0 - Hewlett-Packard Company)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.38.31665 - Hewlett-Packard Company)
eDeals version 1.0 (HKLM-x32\...\eDeals_is1) (Version: 1.0 - eDeals)
ELDA Software (HKLM-x32\...\ELDA Software) (Version: 4.0.0 - OÖ GKK)
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 7.0.2.2 - Hewlett-Packard Company)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.1.1199 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel® Network Connections 16.8.45.1 (HKLM\...\PROSetDX) (Version: 16.8.45.1 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.6.245 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.27 - Irfan Skiljan)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2920637412-3910169905-2197952584-500\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.1.33 - PDF Complete, Inc)
PeaZip 5.4.1 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
PraxisArchiv (HKLM-x32\...\{DFEC8B3B-6465-4CE4-93E8-958DB6A96805}) (Version: 4.10.2500.6525 - CompuGroup Medical Deutschland AG)
Privacy Manager for HP ProtectTools (HKLM\...\{CA2F6FAD-D8CD-42C1-B04D-6E5B1B1CFDCC}) (Version: 7.0.0.862 - Hewlett-Packard Company)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6730 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5223 - CyberLink Corp.) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.9 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 7.0.0.9 - Hewlett-Packard Company) Hidden
VIP Access SDK (1.1.0.2)  (HKLM-x32\...\VIP Access SDK) (Version: 1.1.0.2 - Symantec Inc.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
20-10-2014 12:38:02 Windows Update
20-10-2014 13:29:15 WinZip 18.5 wird entfernt
27-10-2014 07:50:58 Windows Update
31-10-2014 17:01:07 Windows Update
16-11-2014 07:09:05 Windows Update
17-11-2014 13:53:04 Windows Update
19-11-2014 12:19:19 Windows Update
25-11-2014 07:40:25 Windows Update
25-11-2014 09:12:53 Windows Update
01-12-2014 14:43:19 Windows Update
09-12-2014 07:47:25 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2014-10-08 16:52 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {16A0811D-FA91-4754-B623-13D384E705C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1FD74ABB-DC48-4515-B402-61A7C80E09F0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {257AD64F-01B8-4904-93E7-2291AB343E62} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {2E0626A4-DAF3-4D9C-B984-E3315EF63753} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {34FA1BB1-16B0-4B49-ACB2-FBF05ACDD3AF} - System32\Tasks\HPCeeScheduleForW04 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {380B2B86-6450-4FCA-8534-927ED2CEFF93} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {4F356A9C-1DBE-4110-91D0-CF260C5D033D} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-02-17] ()
Task: {6BE39943-2051-404F-BF4F-EA20F3A3893E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-14] (Adobe Systems Incorporated)
Task: {6DB65C61-B3AF-443E-91B1-417423412064} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-04] (Google Inc.)
Task: {96AE6B34-86A0-43CD-A1C6-6DB677C59497} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {990F208F-B758-42ED-85F7-BCF55E0E72C1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {9DEC51E9-97B9-450F-A885-934CD980E79B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for W04-W04 W04 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-23] (Microsoft Corporation)
Task: {C9408584-3D0D-4CAE-9806-1EDFBAE85779} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFfix => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFfix.exe [2013-08-05] (Hewlett-Packard Company)
Task: {CBC61276-EBDD-496F-8C72-CE7F790A1533} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdater => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {CE9510B8-629A-4A4D-942E-4AE8F14572BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-04] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForW04.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Re-Markable Update.job => C:\Program Files (x86)\ver8Re-Markable\H8Re-MarkableM34.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-06-02 00:55 - 2012-06-02 00:55 - 03346432 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2013-11-04 13:15 - 2011-10-20 14:06 - 00052224 _____ () C:\Windows\System32\cgmappm.dll
2014-03-21 08:35 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-06-02 00:16 - 2012-06-02 00:16 - 01327104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2012-03-20 00:09 - 2012-03-20 00:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-06-02 00:41 - 2012-06-02 00:41 - 02854912 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2012-06-02 00:13 - 2012-06-02 00:13 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2012-06-02 00:40 - 2012-06-02 00:40 - 03031040 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2012-06-02 00:45 - 2012-06-02 00:45 - 02867200 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2012-06-02 00:43 - 2012-06-02 00:43 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2012-06-02 00:17 - 2012-06-02 00:17 - 02043904 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2012-06-02 00:18 - 2012-06-02 00:18 - 01949696 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2013-08-03 21:10 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 19:34 - 2012-06-08 19:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-10-17 13:29 - 2014-10-17 13:29 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2013-11-12 08:26 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-08-03 21:00 - 2012-02-21 21:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-12-01 08:53 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-12-01 08:53 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-12-01 08:53 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-12-01 08:53 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2014-12-01 08:53 - 2014-11-25 07:39 - 14910280 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-2920637412-3910169905-2197952584-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-2920637412-3910169905-2197952584-501 - Limited - Disabled)
W04 (S-1-5-21-2920637412-3910169905-2197952584-1002 - Administrator - Enabled) => C:\Users\W04
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (12/10/2014 01:42:52 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-10-08 17:52:34.645
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
  Date: 2014-10-08 17:52:34.610
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3570 CPU @ 3.40GHz
Percentage of memory in use: 43%
Total physical RAM: 3970.04 MB
Available physical RAM: 2238.61 MB
Total Pagefile: 7938.27 MB
Available Pagefile: 6065.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:455.72 GB) (Free:401.07 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:9.84 GB) (Free:1.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3E201C18)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=455.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=27)
 
==================== End Of Log ============================


#20
clOI


Hello

aswMBR and combofix are next:

##### aswMBR #####

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2014-12-10 14:15:07
-----------------------------
14:15:07.518    OS Version: Windows x64 6.1.7601 Service Pack 1
14:15:07.518    Number of processors: 4 586 0x3A09
14:15:07.518    ComputerName: W04  UserName: W04
14:15:08.966    Initialize success
14:15:09.059    VM: initialized successfully
14:15:09.059    VM: Intel CPU BiosDisabled 
14:40:44.972    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:40:44.976    Disk 0 Vendor: WDC_WD50 18.0 Size: 476940MB BusType: 3
14:40:45.083    Disk 0 MBR read successfully
14:40:45.086    Disk 0 MBR scan
14:40:45.089    Disk 0 Windows 7 default MBR code
14:40:45.092    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
14:40:45.095    Disk 0 default boot code
14:40:45.098    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       466656 MB offset 206848
14:40:45.130    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        10078 MB offset 955918336
14:40:45.147    Disk 0 Partition 4 00     27 Hidden NTFS WinRE MSDOS5.0      100 MB offset 976558080
14:40:45.184    Disk 0 scanning C:\Windows\system32\drivers
14:40:50.319    Service scanning
14:41:02.033    Modules scanning
14:41:02.042    Disk 0 statistics 103848/0/0 @ 10,63 MB/s
14:41:02.047    Scan finished successfully
14:41:19.954    Disk 0 MBR has been saved successfully to "C:\Users\W04\Desktop\MBR.dat"
14:41:19.983    The log file has been saved successfully to "C:\Users\W04\Desktop\aswMBR.txt"
 
 
##### Combofix #####
ComboFix 14-12-10.01 - W04 10.12.2014  14:47:25.2.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.43.1031.18.3970.2652 [GMT 1:00]
ausgeführt von:: c:\users\W04\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\DEBUG.log
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-11-10 bis 2014-12-10  ))))))))))))))))))))))))))))))
.
.
2014-12-10 13:50 . 2014-12-10 13:50 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-12-10 13:50 . 2014-12-10 13:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-10 13:50 . 2014-12-10 13:50 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-12-10 13:50 . 2014-12-10 13:50 -------- d-----w- c:\users\Admin\AppData\Local\temp
2014-12-10 09:03 . 2014-09-22 06:13 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{735681D9-5F2A-425F-9127-2B1245AC7261}\gapaengine.dll
2014-12-10 09:03 . 2014-11-01 19:21 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E63D33AA-F5DE-4504-A0BA-F9A14F48D53A}\mpengine.dll
2014-12-09 07:47 . 2014-11-01 19:21 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-04 19:07 . 2014-12-04 19:07 -------- d-----w- c:\users\W04\.thumbnails
2014-12-04 19:06 . 2014-12-04 19:06 -------- d-----w- c:\users\W04\AppData\Local\fontconfig
2014-12-04 19:06 . 2014-12-04 19:12 -------- d-----w- c:\users\W04\.gimp-2.8
2014-12-04 19:06 . 2014-12-04 19:06 -------- d-----w- c:\users\W04\AppData\Local\gegl-0.2
2014-12-04 19:03 . 2014-12-04 19:03 -------- d-----w- c:\program files\GIMP 2
2014-12-03 13:07 . 2014-12-10 13:13 -------- d-----w- C:\FRST
2014-12-03 12:59 . 2014-12-03 12:59 -------- d-----w- c:\windows\ERUNT
2014-12-03 12:25 . 2014-12-03 12:25 -------- d-----w- C:\_OTL
2014-12-01 07:43 . 2014-12-01 07:43 -------- d-----w- c:\windows\SysWow64\FinderFolderPython
2014-11-25 09:13 . 2014-11-25 09:13 -------- d-----w- c:\program files\Microsoft Silverlight
2014-11-25 09:13 . 2014-11-25 09:13 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-11-21 07:48 . 2014-11-21 07:48 -------- d-----w- c:\users\W04\AppData\Roaming\QuickScan
2014-11-21 07:46 . 2014-11-21 07:46 2080 ----a-w- c:\windows\patsearch.bin
2014-11-19 07:25 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 07:25 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 07:25 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-19 07:25 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-17 07:35 . 2014-11-05 17:56 304640 ----a-w- c:\windows\system32\generaltel.dll
2014-11-17 07:35 . 2014-11-05 17:56 228864 ----a-w- c:\windows\system32\aepdu.dll
2014-11-17 07:35 . 2014-11-05 17:52 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-11-17 07:34 . 2014-10-14 02:16 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-11-17 07:34 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-11-17 07:34 . 2014-10-14 02:12 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-11-17 07:34 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-11-17 07:34 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-11-17 07:34 . 2014-10-14 01:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-11-17 07:34 . 2014-10-14 01:49 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-11-17 07:34 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-11-17 07:34 . 2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-17 13:53 . 2013-10-21 14:16 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-10-30 11:25 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-07 09:06 . 2013-10-23 15:20 590536 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-09-25 02:08 . 2014-10-01 06:39 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 06:39 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-22 06:13 . 2013-11-06 07:30 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2012-02-21 133400]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-10-25 290688]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-11-21 111136]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-11-21 493088]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2013-02-07 683656]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2012-08-07 12313720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2012-09-04 22:44 75680 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ   DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [x]
S2 Agent;VPDAgent;c:\windows\VPDAgent_x64.exe;c:\windows\VPDAgent_x64.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S3 AVMCOWAN;AVM ISDN CoNDIS WAN CAPI Driver;c:\windows\system32\DRIVERS\AVMCOWAN.sys;c:\windows\SYSNATIVE\DRIVERS\AVMCOWAN.sys [x]
S3 FUS2BASE;AVM FRITZ!Card USB;c:\windows\system32\DRIVERS\fus2base.sys;c:\windows\SYSNATIVE\DRIVERS\fus2base.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ASWMBR
*NewlyCreated* - ASWVMM
*NewlyCreated* - PROCEXP152
*Deregistered* - aswMBR
*Deregistered* - aswVmm
*Deregistered* - PROCEXP152
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-01 07:53 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-03 07:50]
.
2014-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-04 16:35]
.
2014-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-04 16:35]
.
2013-11-13 c:\windows\Tasks\HPCeeScheduleForW04.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-10-14 18:27 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-10-14 18:27 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-10-14 18:27 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-09-13 6839952]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-11-07 21720]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.at/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
uInternet Settings,ProxyOverride = *origin.com;*ea.com;*akamaihd.net;<local>
uInternet Settings,ProxyServer = http=127.0.0.1:17540
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: Interfaces\{32E4E44E-C9E7-4C46-80B4-32C882D2FA99}: NameServer = 172.17.100.100,172.17.100.200
FF - ProfilePath - c:\users\W04\AppData\Roaming\Mozilla\Firefox\Profiles\ii7vvgx5.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2014-09-22 13:32; [email protected]; c:\users\W04\AppData\Roaming\Mozilla\Firefox\Profiles\ii7vvgx5.default\extensions\[email protected]
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-eDealPop - c:\program files (x86)\eDealPop\eDealPop.exe
AddRemove-eDeals_is1 - c:\program files (x86)\eDealPop\unins000.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2920637412-3910169905-2197952584-500\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (Administrator)
"{3134413B-49B4-425C-98A5-893C1F195601}"=hex:51,66,7a,6c,4c,1d,3b,1b,2b,5d,2f,
   2a,83,1c,30,08,80,af,c9,7c,1c,53,12,1d
"{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}"=hex:51,66,7a,6c,4c,1d,3b,1b,45,cb,74,
   fc,8d,94,a7,07,87,19,d9,fd,92,68,7e,c2
.
[HKEY_USERS\S-1-5-21-2920637412-3910169905-2197952584-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (Administrator)
"Timestamp"=hex:47,b4,b8,e3,0a,cf,ce,01
.
[HKEY_USERS\S-1-5-21-2920637412-3910169905-2197952584-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,71,8e,12,1c,07,c3,18,47,bb,b1,b3,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,71,8e,12,1c,07,c3,18,47,bb,b1,b3,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-12-10  14:52:08
ComboFix-quarantined-files.txt  2014-12-10 13:52
ComboFix2.txt  2014-10-08 15:54
.
Vor Suchlauf: 23 Verzeichnis(se), 430.538.330.112 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 430.640.656.384 Bytes frei
.
- - End Of File - - 46676355C57D2D10C64E24734FDD3131
 

#21
clOI

Hello,

Next task was TDSSKiller:

(both times no threat found)


14:56:49.0991 0x16dc  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
14:56:55.0997 0x16dc  ============================================================
14:56:55.0997 0x16dc  Current date / time: 2014/12/10 14:56:55.0997
14:56:55.0997 0x16dc  SystemInfo:
14:56:55.0997 0x16dc  
14:56:55.0997 0x16dc  OS Version: 6.1.7601 ServicePack: 1.0
14:56:55.0997 0x16dc  Product type: Workstation
14:56:55.0997 0x16dc  ComputerName: W04
14:56:55.0997 0x16dc  UserName: W04
14:56:55.0997 0x16dc  Windows directory: C:\Windows
14:56:55.0997 0x16dc  System windows directory: C:\Windows
14:56:55.0997 0x16dc  Running under WOW64
14:56:55.0997 0x16dc  Processor architecture: Intel x64
14:56:55.0997 0x16dc  Number of processors: 4
14:56:55.0997 0x16dc  Page size: 0x1000
14:56:55.0997 0x16dc  Boot type: Normal boot
14:56:55.0997 0x16dc  ============================================================
14:56:56.0091 0x16dc  KLMD registered as C:\Windows\system32\drivers\28705893.sys
14:56:56.0387 0x16dc  System UUID: {49ADB66B-A90E-6070-7B2F-72BB486E5788}
14:56:56.0637 0x16dc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:56:56.0684 0x16dc  ============================================================
14:56:56.0684 0x16dc  \Device\Harddisk0\DR0:
14:56:56.0684 0x16dc  MBR partitions:
14:56:56.0684 0x16dc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:56:56.0684 0x16dc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38F70000
14:56:56.0684 0x16dc  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38FA2800, BlocksNum 0x13AF000
14:56:56.0684 0x16dc  ============================================================
14:56:56.0715 0x16dc  C: <-> \Device\Harddisk0\DR0\Partition2
14:56:56.0762 0x16dc  D: <-> \Device\Harddisk0\DR0\Partition3
14:56:56.0762 0x16dc  ============================================================
14:56:56.0762 0x16dc  Initialize success
14:56:56.0762 0x16dc  ============================================================
14:57:17.0307 0x0c88  ============================================================
14:57:17.0307 0x0c88  Scan started
14:57:17.0307 0x0c88  Mode: Manual; 
14:57:17.0307 0x0c88  ============================================================
14:57:17.0307 0x0c88  KSN ping started
14:57:20.0006 0x0c88  KSN ping finished: true
14:57:20.0739 0x0c88  ================ Scan system memory ========================
14:57:20.0754 0x0c88  System memory - ok
14:57:20.0754 0x0c88  ================ Scan services =============================
14:57:26.0464 0x0c88  IAStorDataMgrSvc - ok
14:57:26.0480 0x0c88  [ 5B62CE979C2FB35A0DF81D6E3B3E6187, 98ECBBB19E58781663AD4CCA82F36EBAE015EE8D59A0DCDD8B1FC16DF4FF8A7B ] iaStorF         C:\Windows\system32\drivers\iaStorF.sys
14:57:26.0480 0x0c88  iaStorF - ok
14:57:26.0511 0x0c88  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:57:26.0526 0x0c88  iaStorV - ok
14:57:26.0589 0x0c88  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:57:26.0604 0x0c88  idsvc - ok
14:57:26.0651 0x0c88  IEEtwCollectorService - ok
14:57:26.0651 0x0c88  [ 02251659F056A161DF7A1D134DA86C6B, 8574774F59F89B4352AA7A6F1EC576E8400CFF8E8B932C52B9916C6C5028D37D ] IFCoEMP         C:\Windows\system32\drivers\ifM60x64.sys
14:57:26.0667 0x0c88  IFCoEMP - ok
14:57:26.0682 0x0c88  [ CBC96ADFEED64EB3BC264AAC409DA6BC, B8FE5E1B9782311B37FF646AF12496A1799C38471CF314409E83FE4CCD9CD9FC ] IFCoEVB         C:\Windows\system32\drivers\ifP60X64.sys
14:57:26.0682 0x0c88  IFCoEVB - ok
14:57:26.0823 0x0c88  [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:57:26.0885 0x0c88  igfx - ok
14:57:26.0901 0x0c88  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:57:26.0901 0x0c88  iirsp - ok
14:57:26.0948 0x0c88  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:57:26.0963 0x0c88  IKEEXT - ok
14:57:27.0104 0x0c88  [ 5C4F44779B1836990B82DA02CFBD94A6, 1778BFAF2A0FBC51069D3163DA8DACED3BBBA7A422332FF9DE6A68DBEDECDBE3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:57:27.0150 0x0c88  IntcAzAudAddService - ok
14:57:27.0166 0x0c88  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:57:27.0166 0x0c88  IntcDAud - ok
14:57:27.0213 0x0c88  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel® Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
14:57:27.0228 0x0c88  Intel® Capability Licensing Service Interface - ok
14:57:27.0260 0x0c88  [ 4A9EB8AC8959C580ADCADDBDBBEBE033, F7386FB51D4A2138A3BA0B76FE0FB6D0F6DF8AC4837345FCBD51308863D46D01 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
14:57:27.0275 0x0c88  Intel® PROSet Monitoring Service - ok
14:57:27.0306 0x0c88  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:57:27.0306 0x0c88  intelide - ok
14:57:27.0338 0x0c88  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
14:57:27.0338 0x0c88  intelppm - ok
14:57:27.0369 0x0c88  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:57:27.0369 0x0c88  IPBusEnum - ok
14:57:27.0384 0x0c88  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:57:27.0384 0x0c88  IpFilterDriver - ok
14:57:27.0431 0x0c88  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:57:27.0447 0x0c88  iphlpsvc - ok
14:57:27.0462 0x0c88  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:57:27.0462 0x0c88  IPMIDRV - ok
14:57:27.0478 0x0c88  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:57:27.0478 0x0c88  IPNAT - ok
14:57:27.0509 0x0c88  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:57:27.0509 0x0c88  IRENUM - ok
14:57:27.0556 0x0c88  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:57:27.0556 0x0c88  isapnp - ok
14:57:27.0587 0x0c88  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:57:27.0603 0x0c88  iScsiPrt - ok
14:57:27.0618 0x0c88  [ C8A3C909F0EFF13CAE0C17503B1F5DB2, 48B83C625AD4FFF4B8D92C70FEFDE70354C18193A8DDFE6D716776228FF691D5 ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
14:57:27.0618 0x0c88  iusb3hcs - ok
14:57:27.0665 0x0c88  [ BB47E889BA2ADB7D1A438F9824F5899B, CE074B540154501C2B77A11BD27996D652BA3C81B7CBD2E8DF2E57B3DF770517 ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys
14:57:27.0665 0x0c88  iusb3hub - ok
14:57:27.0743 0x0c88  [ 7971B368F36042A0EC31FEA15945187B, E5EDD32316549644708DFD84ECC899C12C5095A16A607ACE0E23A9F49DCCC0BC ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
14:57:27.0759 0x0c88  iusb3xhc - ok
14:57:27.0806 0x0c88  [ 46FFD238D2FBA90186CE064D7B9FD58A, 1FF7170181FA5EC80D8AF5B72A844F2E38CE002C1DB0AB656FE8A47250C684CD ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
14:57:27.0806 0x0c88  jhi_service - ok
14:57:27.0837 0x0c88  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:57:27.0837 0x0c88  kbdclass - ok
14:57:27.0868 0x0c88  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:57:27.0868 0x0c88  kbdhid - ok
14:57:27.0884 0x0c88  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
14:57:27.0884 0x0c88  KeyIso - ok
14:57:27.0899 0x0c88  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:57:27.0899 0x0c88  KSecDD - ok
14:57:27.0930 0x0c88  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:57:27.0946 0x0c88  KSecPkg - ok
14:57:27.0962 0x0c88  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:57:27.0962 0x0c88  ksthunk - ok
14:57:28.0008 0x0c88  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:57:28.0008 0x0c88  KtmRm - ok
14:57:28.0055 0x0c88  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
14:57:28.0055 0x0c88  LanmanServer - ok
14:57:28.0086 0x0c88  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:57:28.0102 0x0c88  LanmanWorkstation - ok
14:57:28.0118 0x0c88  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:57:28.0118 0x0c88  lltdio - ok
14:57:28.0149 0x0c88  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:57:28.0164 0x0c88  lltdsvc - ok
14:57:28.0180 0x0c88  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:57:28.0180 0x0c88  lmhosts - ok
14:57:28.0211 0x0c88  [ 8142C947D6CC909A448AF95F4221B314, EF725E80C9E74A8FCC8323B222A77CD5CDE8BC1B6ADC89FF8AFDD12ADD0FB59A ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:57:28.0227 0x0c88  LMS - ok
14:57:28.0258 0x0c88  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:57:28.0274 0x0c88  LSI_FC - ok
14:57:28.0289 0x0c88  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:57:28.0289 0x0c88  LSI_SAS - ok
14:57:28.0305 0x0c88  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:57:28.0305 0x0c88  LSI_SAS2 - ok
14:57:28.0320 0x0c88  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:57:28.0320 0x0c88  LSI_SCSI - ok
14:57:28.0336 0x0c88  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:57:28.0336 0x0c88  luafv - ok
14:57:28.0430 0x0c88  [ 4CC02A07141B157DD72E580D8FBBBBBB, E3C269D843A4CC67F4951961FB053E69A89D88C7607B68A91EE0E833DE0E6804 ] McAfee Endpoint Encryption Agent C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
14:57:28.0445 0x0c88  McAfee Endpoint Encryption Agent - ok
14:57:28.0476 0x0c88  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:57:28.0476 0x0c88  Mcx2Svc - ok
14:57:28.0476 0x0c88  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:57:28.0476 0x0c88  megasas - ok
14:57:28.0508 0x0c88  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:57:28.0508 0x0c88  MegaSR - ok
14:57:28.0539 0x0c88  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
14:57:28.0554 0x0c88  MEIx64 - ok
14:57:28.0554 0x0c88  [ 2BD2D5D1BD5EDB084D87E6B07A1B12E4, 83A580C2ACB804182ED985E713CFC7573B0B2435A6156F33B574B029A2559718 ] MfeEpeOpal      C:\Windows\system32\drivers\MfeEpeOpal.sys
14:57:28.0554 0x0c88  MfeEpeOpal - ok
14:57:28.0570 0x0c88  [ 72672BAFCAB0214D9A4A17BC8D9DA64A, CEB8D52108701C7A5465F557A585420F17E1F72F168C4D24BDA484497D06B6DD ] MfeEpePc        C:\Windows\system32\drivers\MfeEpePc.sys
14:57:28.0570 0x0c88  MfeEpePc - ok
14:57:28.0586 0x0c88  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:57:28.0586 0x0c88  MMCSS - ok
14:57:28.0601 0x0c88  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:57:28.0601 0x0c88  Modem - ok
14:57:28.0617 0x0c88  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:57:28.0617 0x0c88  monitor - ok
14:57:28.0648 0x0c88  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:57:28.0648 0x0c88  mouclass - ok
14:57:28.0664 0x0c88  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:57:28.0664 0x0c88  mouhid - ok
14:57:28.0695 0x0c88  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:57:28.0695 0x0c88  mountmgr - ok
14:57:28.0757 0x0c88  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:57:28.0757 0x0c88  MozillaMaintenance - ok
14:57:28.0804 0x0c88  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
14:57:28.0804 0x0c88  MpFilter - ok
14:57:28.0820 0x0c88  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:57:28.0835 0x0c88  mpio - ok
14:57:28.0851 0x0c88  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:57:28.0851 0x0c88  mpsdrv - ok
14:57:28.0898 0x0c88  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:57:28.0913 0x0c88  MpsSvc - ok
14:57:28.0944 0x0c88  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:57:28.0944 0x0c88  MRxDAV - ok
14:57:28.0960 0x0c88  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:57:28.0960 0x0c88  mrxsmb - ok
14:57:28.0976 0x0c88  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:57:28.0976 0x0c88  mrxsmb10 - ok
14:57:28.0991 0x0c88  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:57:28.0991 0x0c88  mrxsmb20 - ok
14:57:29.0007 0x0c88  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:57:29.0023 0x0c88  msahci - ok
14:57:29.0038 0x0c88  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:57:29.0038 0x0c88  msdsm - ok
14:57:29.0069 0x0c88  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:57:29.0069 0x0c88  MSDTC - ok
14:57:29.0101 0x0c88  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:57:29.0101 0x0c88  Msfs - ok
14:57:29.0101 0x0c88  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:57:29.0101 0x0c88  mshidkmdf - ok
14:57:29.0116 0x0c88  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:57:29.0116 0x0c88  msisadrv - ok
14:57:29.0163 0x0c88  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:57:29.0163 0x0c88  MSiSCSI - ok
14:57:29.0163 0x0c88  msiserver - ok
14:57:29.0194 0x0c88  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:57:29.0194 0x0c88  MSKSSRV - ok
14:57:29.0241 0x0c88  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:57:29.0241 0x0c88  MsMpSvc - ok
14:57:29.0241 0x0c88  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:57:29.0241 0x0c88  MSPCLOCK - ok
14:57:29.0257 0x0c88  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:57:29.0257 0x0c88  MSPQM - ok
14:57:29.0272 0x0c88  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:57:29.0272 0x0c88  MsRPC - ok
14:57:29.0303 0x0c88  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:57:29.0303 0x0c88  mssmbios - ok
14:57:29.0319 0x0c88  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:57:29.0319 0x0c88  MSTEE - ok
14:57:29.0335 0x0c88  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:57:29.0335 0x0c88  MTConfig - ok
14:57:29.0350 0x0c88  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:57:29.0350 0x0c88  Mup - ok
14:57:29.0381 0x0c88  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:57:29.0397 0x0c88  napagent - ok
14:57:29.0413 0x0c88  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:57:29.0413 0x0c88  NativeWifiP - ok
14:57:29.0459 0x0c88  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:57:29.0475 0x0c88  NDIS - ok
14:57:29.0475 0x0c88  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:57:29.0475 0x0c88  NdisCap - ok
14:57:29.0491 0x0c88  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:57:29.0491 0x0c88  NdisTapi - ok
14:57:29.0506 0x0c88  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:57:29.0522 0x0c88  Ndisuio - ok
14:57:29.0537 0x0c88  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:57:29.0537 0x0c88  NdisWan - ok
14:57:29.0553 0x0c88  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:57:29.0553 0x0c88  NDProxy - ok
14:57:29.0569 0x0c88  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:57:29.0569 0x0c88  NetBIOS - ok
14:57:29.0584 0x0c88  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:57:29.0600 0x0c88  NetBT - ok
14:57:29.0615 0x0c88  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
14:57:29.0615 0x0c88  Netlogon - ok
14:57:29.0647 0x0c88  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:57:29.0647 0x0c88  Netman - ok
14:57:29.0693 0x0c88  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:29.0709 0x0c88  NetMsmqActivator - ok
14:57:29.0725 0x0c88  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:29.0725 0x0c88  NetPipeActivator - ok
14:57:29.0756 0x0c88  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:57:29.0771 0x0c88  netprofm - ok
14:57:29.0771 0x0c88  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:29.0771 0x0c88  NetTcpActivator - ok
14:57:29.0787 0x0c88  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:29.0787 0x0c88  NetTcpPortSharing - ok
14:57:29.0818 0x0c88  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:57:29.0818 0x0c88  nfrd960 - ok
14:57:29.0849 0x0c88  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:57:29.0865 0x0c88  NisDrv - ok
14:57:29.0896 0x0c88  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
14:57:29.0912 0x0c88  NisSrv - ok
14:57:29.0943 0x0c88  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:57:29.0943 0x0c88  NlaSvc - ok
14:57:29.0959 0x0c88  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:57:29.0959 0x0c88  Npfs - ok
14:57:29.0990 0x0c88  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:57:29.0990 0x0c88  nsi - ok
14:57:29.0990 0x0c88  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:57:29.0990 0x0c88  nsiproxy - ok
14:57:30.0068 0x0c88  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:57:30.0083 0x0c88  Ntfs - ok
14:57:30.0099 0x0c88  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:57:30.0099 0x0c88  Null - ok
14:57:30.0130 0x0c88  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:57:30.0130 0x0c88  nvraid - ok
14:57:30.0130 0x0c88  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:57:30.0146 0x0c88  nvstor - ok
14:57:30.0177 0x0c88  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:57:30.0177 0x0c88  nv_agp - ok
14:57:30.0193 0x0c88  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:57:30.0193 0x0c88  ohci1394 - ok
14:57:30.0255 0x0c88  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:57:30.0255 0x0c88  ose - ok
14:57:30.0411 0x0c88  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:57:30.0473 0x0c88  osppsvc - ok
14:57:30.0505 0x0c88  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:57:30.0505 0x0c88  p2pimsvc - ok
14:57:30.0536 0x0c88  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:57:30.0551 0x0c88  p2psvc - ok
14:57:30.0583 0x0c88  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
14:57:30.0583 0x0c88  Parport - ok
14:57:30.0614 0x0c88  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:57:30.0614 0x0c88  partmgr - ok
14:57:30.0629 0x0c88  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:57:30.0629 0x0c88  PcaSvc - ok
14:57:30.0645 0x0c88  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:57:30.0645 0x0c88  pci - ok
14:57:30.0676 0x0c88  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:57:30.0676 0x0c88  pciide - ok
14:57:30.0707 0x0c88  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:57:30.0723 0x0c88  pcmcia - ok
14:57:30.0739 0x0c88  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:57:30.0739 0x0c88  pcw - ok
14:57:30.0770 0x0c88  pdfcDispatcher - ok
14:57:30.0801 0x0c88  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:57:30.0817 0x0c88  PEAUTH - ok
14:57:30.0863 0x0c88  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:57:30.0879 0x0c88  PeerDistSvc - ok
14:57:30.0941 0x0c88  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:57:30.0941 0x0c88  PerfHost - ok
14:57:31.0004 0x0c88  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:57:31.0019 0x0c88  pla - ok
14:57:36.0105 0x0c88  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:57:36.0105 0x0c88  WwanSvc - ok
14:57:36.0121 0x0c88  ================ Scan global ===============================
14:57:36.0152 0x0c88  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:57:36.0183 0x0c88  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:57:36.0199 0x0c88  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:57:36.0230 0x0c88  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:57:36.0261 0x0c88  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:57:36.0277 0x0c88  [ Global ] - ok
14:57:36.0277 0x0c88  ================ Scan MBR ==================================
14:57:36.0292 0x0c88  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:57:36.0526 0x0c88  \Device\Harddisk0\DR0 - ok
14:57:36.0526 0x0c88  ================ Scan VBR ==================================
14:57:36.0526 0x0c88  [ C55A943B21CE930F0C4E82DBC7BDAB1B ] \Device\Harddisk0\DR0\Partition1
14:57:36.0526 0x0c88  \Device\Harddisk0\DR0\Partition1 - ok
14:57:36.0526 0x0c88  [ C425B35E3A7C4A256B12014F8DD156E6 ] \Device\Harddisk0\DR0\Partition2
14:57:36.0542 0x0c88  \Device\Harddisk0\DR0\Partition2 - ok
14:57:36.0542 0x0c88  [ C356063DE88751D245D9D794E01D13CF ] \Device\Harddisk0\DR0\Partition3
14:57:36.0542 0x0c88  \Device\Harddisk0\DR0\Partition3 - ok
14:57:36.0542 0x0c88  ================ Scan generic autorun ======================
14:57:36.0713 0x0c88  [ 06FEF4BD2346BC3A4BE096FA855C02A2, 747DA27A17DA523B50EAA0B5D178B5A63CDB60E89103B12E0B3597E7194E3E18 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
14:57:36.0791 0x0c88  RTHDVCPL - ok
14:57:36.0838 0x0c88  MfeEpePcMonitor - ok
14:57:36.0854 0x0c88  [ BE49AF92F13030E188DBE8E2841D173A, AFC312A888F63D34E4F4E27A3FF50D5569BCAF0DD061671CC661E778FEC02EEB ] C:\Windows\system32\igfxtray.exe
14:57:36.0854 0x0c88  IgfxTray - ok
14:57:36.0885 0x0c88  [ 664FF61BE83FCACBF67A8D307011ADF5, B5270D13A355002336D25C092C042CA8E36795D23EB81134418BB2A8ABFBDF66 ] C:\Windows\system32\hkcmd.exe
14:57:36.0901 0x0c88  HotKeysCmds - ok
14:57:36.0932 0x0c88  [ 899D435E1C190C204E349CE0E483098B, FC6E84D7A382FBCBF3B2DAA4B75BD78F447359F314C1CD4424759E2EC97FD2DE ] C:\Windows\system32\igfxpers.exe
14:57:36.0947 0x0c88  Persistence - ok
14:57:37.0025 0x0c88  [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
14:57:37.0041 0x0c88  MSC - ok
14:57:37.0119 0x0c88  [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
14:57:37.0119 0x0c88  NCPluginUpdater - ok
14:57:37.0150 0x0c88  [ 8B606D1033A30379322441CB083D5265, 5D57DC24DC57B48F90D91E8AD0BA566788F9307A76BBE1F971753AEA6BA6FAF6 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe
14:57:37.0150 0x0c88  IMSS - ok
14:57:37.0213 0x0c88  [ BDDAFDB5F9517DFE97AD3750CF343819, 4DA9A1FE099CE2EF9F3BA2F30B391B2720806BB815D79CE7C0BEC101399B37FE ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
14:57:37.0228 0x0c88  USB3MON - ok
14:57:37.0275 0x0c88  [ FB9242750BEF44B7740B8D10BFF99DA3, C36F8B2FBF6484D98825BFCCDB20398B525024C69B7B25B571AEAC37222892D1 ] c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
14:57:37.0291 0x0c88  CLMLServer_For_P2G8 - ok
14:57:37.0306 0x0c88  [ CE66822E3C4E0221BB1638B4CBD37C62, 3B49307C9D688EC6724070CCCFEDDD7460837D7CF70D05AD962DD1E6CDA73ECF ] c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
14:57:37.0337 0x0c88  CLVirtualDrive - ok
14:57:37.0384 0x0c88  [ 6B480E6E07325386ED2422EE4ECD7BCE, 43805EE310708576105B92D842A8E5C700EC6352B13B28D559F3A160C8CC60A7 ] C:\Program Files (x86)\PDF Complete\pdfsty.exe
14:57:37.0415 0x0c88  PDF Complete - ok
14:57:37.0696 0x0c88  [ 1E9BE983BB86FC938AEC57091BFAA477, 3E6EEEE111500A6A112C745FA83A267E8FFBE739B7F59DEDC7F8606CCDDC3CA0 ] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
14:57:37.0946 0x0c88  File Sanitizer - ok
14:57:38.0008 0x0c88  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
14:57:38.0024 0x0c88  Adobe ARM - ok
14:57:38.0086 0x0c88  [ 766AE515B1749F2141E418CC6C08515B, 02DDB5A7DB8278AA47A951604818E73DB69155DBF1ECD06B6E11926204EADAE7 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
14:57:38.0086 0x0c88  IAStorIcon - ok
14:57:38.0133 0x0c88  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
14:57:38.0164 0x0c88  Sidebar - ok
14:57:38.0180 0x0c88  Waiting for KSN requests completion. In queue: 56
14:57:39.0194 0x0c88  Waiting for KSN requests completion. In queue: 56
14:57:40.0208 0x0c88  Waiting for KSN requests completion. In queue: 56
14:57:41.0237 0x0c88  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated )
14:57:41.0237 0x0c88  Win FW state via NFP2: enabled
14:57:43.0967 0x0c88  ============================================================
14:57:43.0967 0x0c88  Scan finished
14:57:43.0967 0x0c88  ============================================================
14:57:43.0967 0x158c  Detected object count: 0
14:57:43.0967 0x158c  Actual detected object count: 0
14:58:25.0822 0x11dc  ============================================================
14:58:25.0822 0x11dc  Scan started
14:58:25.0822 0x11dc  Mode: Manual; SigCheck; TDLFS; 
14:58:25.0822 0x11dc  ============================================================
14:58:25.0822 0x11dc  KSN ping started
14:58:28.0599 0x11dc  KSN ping finished: true
14:58:28.0911 0x11dc  ================ Scan system memory ========================
14:58:28.0911 0x11dc  System memory - ok
14:58:28.0911 0x11dc  ================ Scan services =============================
14:58:29.0020 0x11dc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:58:29.0083 0x11dc  1394ohci - ok
14:58:29.0114 0x11dc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:58:29.0114 0x11dc  ACPI - ok
14:58:29.0129 0x11dc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:58:29.0176 0x11dc  AcpiPmi - ok
14:58:29.0239 0x11dc  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:58:29.0254 0x11dc  AdobeARMservice - ok
14:58:29.0348 0x11dc  [ 438F31336B3DC248ABC632F1C8F34A24, 94C1218E7EC2EC6D4870A6FDC118097D7D3A359DA073DCD3A9770F399F830991 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:58:29.0363 0x11dc  AdobeFlashPlayerUpdateSvc - ok
14:58:29.0379 0x11dc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:58:29.0395 0x11dc  adp94xx - ok
14:58:29.0441 0x11dc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:58:29.0441 0x11dc  adpahci - ok
14:58:29.0457 0x11dc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:58:29.0473 0x11dc  adpu320 - ok
14:58:29.0488 0x11dc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:58:29.0519 0x11dc  AeLookupSvc - ok
14:58:29.0566 0x11dc  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
14:58:29.0582 0x11dc  AERTFilters - ok
14:58:29.0629 0x11dc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
14:58:29.0660 0x11dc  AFD - ok
14:58:29.0675 0x11dc  [ 03EC463722B53F3A24B67FB5B51CFC40, 88707AA126BAD9C86969919901678D70D71820DAE6581CC759D662CE12872027 ] Agent           C:\Windows\VPDAgent_x64.exe
14:58:29.0675 0x11dc  Agent - detected UnsignedFile.Multi.Generic ( 1 )
14:58:29.0675 0x11dc  Detect skipped due to KSN trusted
14:58:29.0675 0x11dc  Agent - ok
14:58:29.0707 0x11dc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:58:29.0707 0x11dc  agp440 - ok
14:58:29.0738 0x11dc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:58:29.0738 0x11dc  ALG - ok
14:58:29.0769 0x11dc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:58:29.0769 0x11dc  aliide - ok
14:58:29.0785 0x11dc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:58:29.0785 0x11dc  amdide - ok
14:58:29.0816 0x11dc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:58:29.0816 0x11dc  AmdK8 - ok
14:58:29.0831 0x11dc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:58:29.0831 0x11dc  AmdPPM - ok
14:58:29.0847 0x11dc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:58:29.0863 0x11dc  amdsata - ok
14:58:29.0878 0x11dc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:58:29.0894 0x11dc  amdsbs - ok
14:58:29.0894 0x11dc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:58:29.0909 0x11dc  amdxata - ok
14:58:29.0925 0x11dc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
14:58:29.0941 0x11dc  AppID - ok
14:58:29.0972 0x11dc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:58:29.0987 0x11dc  AppIDSvc - ok
14:58:30.0003 0x11dc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
14:58:30.0019 0x11dc  Appinfo - ok
14:58:30.0034 0x11dc  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:58:30.0050 0x11dc  AppMgmt - ok
14:58:30.0065 0x11dc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
14:58:30.0065 0x11dc  arc - ok
14:58:30.0097 0x11dc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:58:30.0097 0x11dc  arcsas - ok
14:58:30.0190 0x11dc  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:58:30.0206 0x11dc  aspnet_state - ok
14:58:30.0221 0x11dc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:58:30.0253 0x11dc  AsyncMac - ok
14:58:30.0268 0x11dc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:58:30.0284 0x11dc  atapi - ok
14:58:30.0315 0x11dc  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:58:30.0346 0x11dc  AudioEndpointBuilder - ok
14:58:30.0362 0x11dc  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:58:30.0377 0x11dc  AudioSrv - ok
14:58:30.0409 0x11dc  [ 43744F1D3CDE20F3925F10927C9036C2, 47374A71D1A38572B8C247E924C0F3F063A6281743C9B7D818D63CA576B5D289 ] AVMCOWAN        C:\Windows\system32\DRIVERS\AVMCOWAN.sys
14:58:30.0409 0x11dc  AVMCOWAN - ok
14:58:30.0424 0x11dc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:58:30.0440 0x11dc  AxInstSV - ok
14:58:30.0471 0x11dc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:58:30.0487 0x11dc  b06bdrv - ok
14:58:30.0518 0x11dc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:58:30.0533 0x11dc  b57nd60a - ok
14:58:30.0533 0x11dc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:58:30.0549 0x11dc  BDESVC - ok
14:58:30.0549 0x11dc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:58:30.0580 0x11dc  Beep - ok
14:58:30.0596 0x11dc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
14:58:30.0611 0x11dc  BFE - ok
14:58:30.0658 0x11dc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
14:58:30.0689 0x11dc  BITS - ok
14:58:30.0705 0x11dc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
14:58:30.0705 0x11dc  blbdrive - ok
14:58:30.0752 0x11dc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:58:30.0767 0x11dc  Bonjour Service - ok
14:58:30.0783 0x11dc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:58:30.0799 0x11dc  bowser - ok
14:58:30.0799 0x11dc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:58:30.0814 0x11dc  BrFiltLo - ok
14:58:30.0814 0x11dc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:58:30.0830 0x11dc  BrFiltUp - ok
14:58:30.0830 0x11dc  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
14:58:30.0845 0x11dc  BridgeMP - ok
14:58:30.0877 0x11dc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
14:58:30.0892 0x11dc  Browser - ok
14:58:30.0908 0x11dc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:58:30.0923 0x11dc  Brserid - ok
14:58:30.0939 0x11dc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:58:30.0939 0x11dc  BrSerWdm - ok
14:58:30.0955 0x11dc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:58:30.0970 0x11dc  BrUsbMdm - ok
14:58:30.0986 0x11dc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:58:30.0986 0x11dc  BrUsbSer - ok
14:58:31.0001 0x11dc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:58:31.0001 0x11dc  BTHMODEM - ok
14:58:31.0033 0x11dc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
14:58:31.0048 0x11dc  bthserv - ok
14:58:31.0048 0x11dc  catchme - ok
14:58:31.0079 0x11dc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:58:31.0095 0x11dc  cdfs - ok
14:58:31.0111 0x11dc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:58:31.0111 0x11dc  cdrom - ok
14:58:31.0126 0x11dc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:58:31.0142 0x11dc  CertPropSvc - ok
14:58:31.0157 0x11dc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
14:58:31.0157 0x11dc  circlass - ok
14:58:31.0173 0x11dc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
14:58:31.0189 0x11dc  CLFS - ok
14:58:31.0313 0x11dc  [ E9C4FE59345E50CFCC544B051FBDDE0D, 0C5FA27C08A382028D8C78E3ECF86DF6AF9C488A671A9C080BC489C7B6073548 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
14:58:31.0360 0x11dc  ClickToRunSvc - ok
14:58:31.0407 0x11dc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:58:31.0423 0x11dc  clr_optimization_v2.0.50727_32 - ok
14:58:31.0469 0x11dc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:58:31.0485 0x11dc  clr_optimization_v2.0.50727_64 - ok
14:58:31.0547 0x11dc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:58:31.0563 0x11dc  clr_optimization_v4.0.30319_32 - ok
14:58:31.0563 0x11dc  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:58:31.0579 0x11dc  clr_optimization_v4.0.30319_64 - ok
14:58:31.0594 0x11dc  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
14:58:31.0610 0x11dc  CLVirtualDrive - ok
14:58:31.0625 0x11dc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
14:58:31.0641 0x11dc  CmBatt - ok
14:58:31.0641 0x11dc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:58:31.0641 0x11dc  cmdide - ok
14:58:31.0688 0x11dc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
14:58:31.0703 0x11dc  CNG - ok
14:58:31.0703 0x11dc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:58:31.0719 0x11dc  Compbatt - ok
14:58:31.0719 0x11dc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:58:31.0735 0x11dc  CompositeBus - ok
14:58:31.0735 0x11dc  COMSysApp - ok
14:58:31.0766 0x11dc  [ 815F3180B5117E42E422188E9CCC89C6, 69E539D33F3B9F3562FE4B21D853EEBB15DBD2106509FEBD476D04562F34AC08 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
14:58:31.0781 0x11dc  cphs - ok
14:58:31.0813 0x11dc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:58:31.0813 0x11dc  crcdisk - ok
14:58:31.0828 0x11dc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:58:31.0859 0x11dc  CryptSvc - ok
14:58:31.0875 0x11dc  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
14:58:31.0891 0x11dc  CSC - ok
14:58:31.0937 0x11dc  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
14:58:31.0969 0x11dc  CscService - ok
14:58:32.0000 0x11dc  [ D3FAC3926974F22F91E4C9E053DAD07F, 3FC6BA1ADAD70E914A32B2D0EA14D9EE125863F0375BC55B675C474786A90726 ] DAMDrv          C:\Windows\system32\DRIVERS\DAMDrv64.sys
14:58:32.0000 0x11dc  DAMDrv - ok
14:58:32.0031 0x11dc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:58:32.0062 0x11dc  DcomLaunch - ok
14:58:32.0093 0x11dc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:58:32.0109 0x11dc  defragsvc - ok
14:58:32.0140 0x11dc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:58:32.0156 0x11dc  DfsC - ok
14:58:32.0171 0x11dc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:58:32.0203 0x11dc  Dhcp - ok
14:58:32.0203 0x11dc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:58:32.0234 0x11dc  discache - ok
14:58:32.0234 0x11dc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
14:58:32.0249 0x11dc  Disk - ok
14:58:32.0265 0x11dc  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
14:58:32.0281 0x11dc  dmvsc - ok
14:58:32.0312 0x11dc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:58:32.0327 0x11dc  Dnscache - ok
14:58:32.0343 0x11dc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:58:32.0374 0x11dc  dot3svc - ok
14:58:32.0452 0x11dc  [ 47BA566049A337A81ACBFA566EF9E795, 2066E6A0BF5B012F82FE74D21BD712C428BF33175F5E08AAD17B1A6DF53262BF ] DpHost          c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
14:58:32.0483 0x11dc  DpHost - ok
14:58:32.0499 0x11dc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
14:58:32.0515 0x11dc  DPS - ok
14:58:32.0530 0x11dc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:58:32.0546 0x11dc  drmkaud - ok
14:58:32.0593 0x11dc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:58:32.0624 0x11dc  DXGKrnl - ok
14:58:32.0655 0x11dc  [ 1BEF2C2E229452EC49FFE5A27283341D, 7010273570BD38E578FCF1DD2EB00C21E8FA3504CE2342AEE3755F6EFC4581E9 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
14:58:32.0655 0x11dc  e1cexpress - ok
14:58:32.0671 0x11dc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
14:58:32.0686 0x11dc  EapHost - ok
14:58:32.0795 0x11dc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:58:32.0842 0x11dc  ebdrv - ok
14:58:32.0889 0x11dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
14:58:32.0889 0x11dc  EFS - ok
14:58:32.0951 0x11dc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:58:32.0967 0x11dc  ehRecvr - ok
14:58:32.0983 0x11dc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
14:58:32.0998 0x11dc  ehSched - ok
14:58:33.0014 0x11dc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:58:33.0029 0x11dc  elxstor - ok
14:58:33.0045 0x11dc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:58:33.0045 0x11dc  ErrDev - ok
14:58:33.0092 0x11dc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
14:58:33.0123 0x11dc  EventSystem - ok
14:58:34.0277 0x11dc  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
14:58:34.0277 0x11dc  HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
14:58:34.0277 0x11dc  Detect skipped due to KSN trusted
14:58:34.0277 0x11dc  HP Support Assistant Service - ok
14:58:36.0617 0x11dc  [ 4CC02A07141B157DD72E580D8FBBBBBB, E3C269D843A4CC67F4951961FB053E69A89D88C7607B68A91EE0E833DE0E6804 ] McAfee Endpoint Encryption Agent C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
14:58:36.0649 0x11dc  McAfee Endpoint Encryption Agent - detected UnsignedFile.Multi.Generic ( 1 )
14:58:36.0649 0x11dc  Detect skipped due to KSN trusted
14:58:36.0649 0x11dc  McAfee Endpoint Encryption Agent - ok
14:58:39.0301 0x11dc  pcw - ok
14:58:39.0332 0x11dc  pdfcDispatcher - ok
14:58:39.0363 0x11dc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:58:39.0410 0x11dc  PEAUTH - ok
14:58:39.0472 0x11dc  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:58:39.0503 0x11dc  PeerDistSvc - ok
14:58:39.0566 0x11dc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:58:39.0581 0x11dc  PerfHost - ok
14:58:39.0644 0x11dc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:58:39.0691 0x11dc  pla - ok
14:58:39.0706 0x11dc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:58:39.0722 0x11dc  PlugPlay - ok
14:58:39.0753 0x11dc  [ 0BEE791C7C7ACE453C134E73633C497D, 82B30461DBF40AC15FCE6A83B9BAD2EBD05B27DEA1B784EAA096422FE8927B7B ] pmxdrv          C:\Windows\system32\drivers\pmxdrv.sys
14:58:39.0753 0x11dc  pmxdrv - ok
14:58:39.0769 0x11dc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:58:39.0769 0x11dc  PNRPAutoReg - ok
14:58:39.0784 0x11dc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:58:39.0784 0x11dc  PNRPsvc - ok
14:58:39.0815 0x11dc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:58:39.0847 0x11dc  PolicyAgent - ok
14:58:39.0862 0x11dc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:58:39.0878 0x11dc  Power - ok
14:58:39.0909 0x11dc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:58:39.0925 0x11dc  PptpMiniport - ok
14:58:39.0940 0x11dc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
14:58:39.0940 0x11dc  Processor - ok
14:58:39.0971 0x11dc  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:58:39.0971 0x11dc  ProfSvc - ok
14:58:39.0987 0x11dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:58:40.0003 0x11dc  ProtectedStorage - ok
14:58:40.0018 0x11dc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:58:40.0034 0x11dc  Psched - ok
14:58:40.0096 0x11dc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:58:40.0127 0x11dc  ql2300 - ok
14:58:40.0127 0x11dc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:58:40.0143 0x11dc  ql40xx - ok
14:58:40.0159 0x11dc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:58:40.0174 0x11dc  QWAVE - ok
14:58:40.0174 0x11dc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:58:40.0190 0x11dc  QWAVEdrv - ok
14:58:40.0190 0x11dc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:58:40.0221 0x11dc  RasAcd - ok
14:58:40.0237 0x11dc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:58:40.0252 0x11dc  RasAgileVpn - ok
14:58:40.0268 0x11dc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
14:58:40.0283 0x11dc  RasAuto - ok
14:58:40.0299 0x11dc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:58:40.0315 0x11dc  Rasl2tp - ok
14:58:40.0330 0x11dc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:58:40.0361 0x11dc  RasMan - ok
14:58:40.0361 0x11dc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:58:40.0377 0x11dc  RasPppoe - ok
14:58:40.0393 0x11dc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:58:40.0424 0x11dc  RasSstp - ok
14:58:40.0439 0x11dc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:58:40.0455 0x11dc  rdbss - ok
14:58:40.0455 0x11dc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
14:58:40.0471 0x11dc  rdpbus - ok
14:58:40.0471 0x11dc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:58:40.0486 0x11dc  RDPCDD - ok
14:58:40.0502 0x11dc  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:58:40.0517 0x11dc  RDPDR - ok
14:58:40.0517 0x11dc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:58:40.0533 0x11dc  RDPENCDD - ok
14:58:40.0549 0x11dc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:58:40.0564 0x11dc  RDPREFMP - ok
14:58:40.0611 0x11dc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:58:40.0627 0x11dc  RdpVideoMiniport - ok
14:58:40.0673 0x11dc  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:58:40.0689 0x11dc  RDPWD - ok
14:58:40.0705 0x11dc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:58:40.0720 0x11dc  rdyboost - ok
14:58:40.0736 0x11dc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:58:40.0767 0x11dc  RemoteAccess - ok
14:58:40.0783 0x11dc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:58:40.0814 0x11dc  RemoteRegistry - ok
14:58:40.0829 0x11dc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:58:40.0845 0x11dc  RpcEptMapper - ok
14:58:40.0861 0x11dc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:58:40.0861 0x11dc  RpcLocator - ok
14:58:40.0876 0x11dc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
14:58:40.0907 0x11dc  RpcSs - ok
14:58:40.0923 0x11dc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:58:40.0939 0x11dc  rspndr - ok
14:58:40.0970 0x11dc  [ 3BDBB0CBFB27FEF51B7574676D1C9F6A, 80C1F54A01C4567EF0B8452C0394D82B7F141E60E5BE19778992286B3FD5D466 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
14:58:40.0970 0x11dc  RtkAudioService - ok
14:58:40.0985 0x11dc  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:58:41.0001 0x11dc  s3cap - ok
14:58:41.0001 0x11dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
14:58:41.0001 0x11dc  SamSs - ok
14:58:41.0032 0x11dc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:58:41.0032 0x11dc  sbp2port - ok
14:58:41.0063 0x11dc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:58:41.0079 0x11dc  SCardSvr - ok
14:58:41.0110 0x11dc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:58:41.0126 0x11dc  scfilter - ok
14:58:41.0157 0x11dc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
14:58:41.0188 0x11dc  Schedule - ok
14:58:41.0204 0x11dc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:58:41.0235 0x11dc  SCPolicySvc - ok
14:58:41.0235 0x11dc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:58:41.0251 0x11dc  SDRSVC - ok
14:58:41.0266 0x11dc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:58:41.0282 0x11dc  secdrv - ok
14:58:41.0282 0x11dc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:58:41.0313 0x11dc  seclogon - ok
14:58:41.0313 0x11dc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
14:58:41.0344 0x11dc  SENS - ok
14:58:41.0344 0x11dc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:58:41.0360 0x11dc  SensrSvc - ok
14:58:41.0375 0x11dc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:58:41.0375 0x11dc  Serenum - ok
14:58:41.0391 0x11dc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:58:41.0391 0x11dc  Serial - ok
14:58:41.0407 0x11dc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:58:41.0422 0x11dc  sermouse - ok
14:58:41.0422 0x11dc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:58:41.0453 0x11dc  SessionEnv - ok
14:58:41.0469 0x11dc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:58:41.0469 0x11dc  sffdisk - ok
14:58:41.0485 0x11dc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:58:41.0485 0x11dc  sffp_mmc - ok
14:58:41.0516 0x11dc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:58:41.0516 0x11dc  sffp_sd - ok
14:58:41.0531 0x11dc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:58:41.0547 0x11dc  sfloppy - ok
14:58:41.0563 0x11dc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:58:41.0594 0x11dc  SharedAccess - ok
14:58:41.0594 0x11dc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:58:41.0625 0x11dc  ShellHWDetection - ok
14:58:41.0641 0x11dc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:58:41.0641 0x11dc  SiSRaid2 - ok
14:58:41.0672 0x11dc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:58:41.0672 0x11dc  SiSRaid4 - ok
14:58:41.0703 0x11dc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:58:41.0719 0x11dc  Smb - ok
14:58:41.0734 0x11dc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:58:41.0734 0x11dc  SNMPTRAP - ok
14:58:41.0750 0x11dc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:58:41.0750 0x11dc  spldr - ok
14:58:41.0781 0x11dc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
14:58:41.0797 0x11dc  Spooler - ok
14:58:41.0875 0x11dc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:58:41.0937 0x11dc  sppsvc - ok
14:58:41.0953 0x11dc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:58:41.0968 0x11dc  sppuinotify - ok
14:58:41.0999 0x11dc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:58:42.0015 0x11dc  srv - ok
14:58:42.0031 0x11dc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:58:42.0046 0x11dc  srv2 - ok
14:58:42.0062 0x11dc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:58:42.0062 0x11dc  srvnet - ok
14:58:42.0077 0x11dc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:58:42.0093 0x11dc  SSDPSRV - ok
14:58:42.0109 0x11dc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:58:42.0140 0x11dc  SstpSvc - ok
14:58:42.0155 0x11dc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:58:42.0155 0x11dc  stexstor - ok
14:58:42.0187 0x11dc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:58:42.0202 0x11dc  stisvc - ok
14:58:42.0218 0x11dc  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:58:42.0218 0x11dc  storflt - ok
14:58:42.0233 0x11dc  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
14:58:42.0233 0x11dc  StorSvc - ok
14:58:42.0249 0x11dc  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:58:42.0249 0x11dc  storvsc - ok
14:58:42.0280 0x11dc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:58:42.0280 0x11dc  swenum - ok
14:58:42.0296 0x11dc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
14:58:42.0327 0x11dc  swprv - ok
14:58:42.0374 0x11dc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
14:58:42.0405 0x11dc  SysMain - ok
14:58:42.0436 0x11dc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:58:42.0452 0x11dc  TabletInputService - ok
14:58:42.0467 0x11dc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:58:42.0499 0x11dc  TapiSrv - ok
14:58:42.0514 0x11dc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
14:58:42.0530 0x11dc  TBS - ok
14:58:42.0592 0x11dc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:58:42.0623 0x11dc  Tcpip - ok
14:58:42.0670 0x11dc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:58:42.0701 0x11dc  TCPIP6 - ok
14:58:42.0717 0x11dc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:58:42.0733 0x11dc  tcpipreg - ok
14:58:42.0748 0x11dc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:58:42.0764 0x11dc  TDPIPE - ok
14:58:42.0779 0x11dc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:58:42.0795 0x11dc  TDTCP - ok
14:58:42.0795 0x11dc  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:58:42.0826 0x11dc  tdx - ok
14:58:42.0826 0x11dc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:58:42.0842 0x11dc  TermDD - ok
14:58:42.0857 0x11dc  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
14:58:42.0889 0x11dc  TermService - ok
14:58:42.0904 0x11dc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:58:42.0920 0x11dc  Themes - ok
14:58:42.0935 0x11dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:58:42.0951 0x11dc  THREADORDER - ok
14:58:42.0967 0x11dc  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
14:58:42.0982 0x11dc  TPM - ok
14:58:42.0982 0x11dc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:58:43.0013 0x11dc  TrkWks - ok
14:58:43.0060 0x11dc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:58:43.0091 0x11dc  TrustedInstaller - ok
14:58:43.0123 0x11dc  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:58:43.0138 0x11dc  tssecsrv - ok
14:58:43.0169 0x11dc  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:58:43.0185 0x11dc  TsUsbFlt - ok
14:58:43.0216 0x11dc  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:58:43.0232 0x11dc  TsUsbGD - ok
14:58:43.0247 0x11dc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:58:43.0279 0x11dc  tunnel - ok
14:58:43.0294 0x11dc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:58:43.0310 0x11dc  uagp35 - ok
14:58:43.0310 0x11dc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:58:43.0341 0x11dc  udfs - ok
14:58:43.0357 0x11dc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:58:43.0372 0x11dc  UI0Detect - ok
14:58:43.0388 0x11dc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:58:43.0388 0x11dc  uliagpkx - ok
14:58:43.0403 0x11dc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:58:43.0419 0x11dc  umbus - ok
14:58:43.0435 0x11dc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:58:43.0435 0x11dc  UmPass - ok
14:58:43.0450 0x11dc  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
14:58:43.0466 0x11dc  UmRdpService - ok
14:58:43.0528 0x11dc  [ 27CA59DBA52900789F194B97BD45B681, 09E32B37B0324BC17AE8F0DA9EF538BFF9D8C25406B903DB38545C1173D14BA6 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
14:58:43.0544 0x11dc  UNS - ok
14:58:43.0575 0x11dc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:58:43.0606 0x11dc  upnphost - ok
14:58:43.0622 0x11dc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:58:43.0622 0x11dc  usbccgp - ok
14:58:43.0653 0x11dc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:58:43.0669 0x11dc  usbcir - ok
14:58:43.0700 0x11dc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
14:58:43.0715 0x11dc  usbehci - ok
14:58:43.0731 0x11dc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:58:43.0762 0x11dc  usbhub - ok
14:58:43.0778 0x11dc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:58:43.0778 0x11dc  usbohci - ok
14:58:43.0809 0x11dc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:58:43.0809 0x11dc  usbprint - ok
14:58:43.0840 0x11dc  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:58:43.0840 0x11dc  usbscan - ok
14:58:43.0856 0x11dc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:58:43.0871 0x11dc  USBSTOR - ok
14:58:43.0887 0x11dc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:58:43.0903 0x11dc  usbuhci - ok
14:58:43.0918 0x11dc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
14:58:43.0934 0x11dc  UxSms - ok
14:58:43.0949 0x11dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
14:58:43.0949 0x11dc  VaultSvc - ok
14:58:43.0965 0x11dc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:58:43.0981 0x11dc  vdrvroot - ok
14:58:43.0996 0x11dc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
14:58:44.0027 0x11dc  vds - ok
14:58:44.0027 0x11dc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:58:44.0043 0x11dc  vga - ok
14:58:44.0043 0x11dc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:58:44.0059 0x11dc  VgaSave - ok
14:58:44.0090 0x11dc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:58:44.0105 0x11dc  vhdmp - ok
14:58:47.0818 0x11dc  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated )
14:58:47.0834 0x11dc  Win FW state via NFP2: enabled
14:58:50.0548 0x11dc  ============================================================
14:58:50.0548 0x11dc  Scan finished
14:58:50.0548 0x11dc  ============================================================
14:58:50.0548 0x1144  Detected object count: 0
14:58:50.0548 0x1144  Actual detected object count: 0
15:00:00.0513 0x1708  Deinitialize success

#22
clOI


Hello

 

Malwarebytes apparently changed the user interface and switched to XML logs:

(In the end it found 4 minor threats, but nothing serious)

 

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/12/10 15:06:38 +0100</date>
<logfile>mbam-log-2014-12-10 (15-06-37).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.4.1028</version>
<malware-database>v2014.12.10.06</malware-database>
<rootkit-database>v2014.12.08.03</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>W04</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>411725</objects>
<time>499</time>
<processes>0</processes>
<modules>0</modules>
<keys>1</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>3</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKU\S-1-5-21-2920637412-3910169905-2197952584-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Re-Markable</path><vendor>PUP.Optional.ReMarkable.A</vendor><action>success</action><hash>be70ef72a6d616203efd80ff966de51b</hash></key>
<file><path>C:\Users\W04\Downloads\installer_adobe_flash_player_English.exe</path><vendor>PUP.Optional.OutBrowse</vendor><action>success</action><hash>57d774ed7b0187afd2f7f00647ba12ee</hash></file>
<file><path>C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage</path><vendor>PUP.Optional.ReMarkable.A</vendor><action>success</action><hash>7cb2520f215bbb7b75c4c700dd2701ff</hash></file>
<file><path>C:\Users\W04\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal</path><vendor>PUP.Optional.ReMarkable.A</vendor><action>success</action><hash>16189fc28bf16fc78eabdee9a65e966a</hash></file>
</items>
</mbam-log>

#23
clOI


Hello

 

ESET scan and Bitdefender:

 

##### eset #####

C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir Win32/Toolbar.Babylon.Y potentially unwanted application
C:\FRST\Quarantine\C\Users\W04\AppData\Local\privacysdiagschd_86\privacysdiagschd_86.exe.xBAD Win32/Adware.Pirrit.O application
C:\FRST\Quarantine\C\Users\W04\AppData\Local\privacysdiagschd_86\softwarewpcmigSched.exe.xBAD Win32/Adware.Pirrit.N application
C:\FRST\Quarantine\C\Users\W04\AppData\Local\privacysdiagschd_86\SrDt.exe.xBAD Win32/NetToolDetect.B potentially unwanted application
C:\FRST\Quarantine\C\Windows\SysWOW64\textcbvaProt\textcbvaProt.exe Win32/Adware.Pirrit.M application
C:\Users\W04\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PBZOA2K9\91[1].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\Windows\System32\FinderFolderPython\FinderFolderPython.exe Win32/Adware.Pirrit.M application
C:\Windows\SysWOW64\FinderFolderPython\FinderFolderPython.exe Win32/Adware.Pirrit.M application
 
##### bitdefender #####
 
QuickScan 32-bit v0.9.9.118
---------------------------
Scan date:  Wed Dec 10 16:02:32 2014
Machine ID: 98A8E82C
 
 
 
No infection found.
-------------------
 
 
 
Processes
---------
            Internet Explorer                        3660    C:\Program Files (x86)\Internet Explorer\iexplore.exe
(unsigned)  McAfee Endpoint Encryption Agent         2160    C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
 
(verified)  Adobe Acrobat Update Service             1920    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(verified)  CyberLink MediaLibray Service            3468    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(verified)  File Sanitizer For HP Protect Tools      3448    C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(verified)  File Sanitizer For HP Protect Tools      1488    C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(verified)  IAStorDataSvc                            5052    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(verified)  IAStorIcon                               4108    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(verified)  Intel® Active Management Technology L  4868    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(verified)  Intel® Dynamic Application Loader Hos  2128    C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(verified)  Intel® Management and Security Applic  2996    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(verified)  Intel® USB 3.0 Monitor                 3492    C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(verified)  PDF Complete                             2240    C:\Program Files (x86)\PDF Complete\pdfsvc.exe
 
 
Network activity
----------------
Process iexplore.exe (3660) connected on port 80 (HTTP) --> 2.21.111.139
Process iexplore.exe (3660) connected on port 80 (HTTP) --> 173.194.113.73
Process iexplore.exe (3660) connected on port 80 (HTTP) --> 173.194.113.73
Process iexplore.exe (3660) connected on port 80 (HTTP) --> 2.20.182.208
Process iexplore.exe (3660) connected on port 80 (HTTP) --> 23.54.107.27
Process iexplore.exe (3660) connected on port 80 (HTTP) --> 93.184.221.133
Process iexplore.exe (3660) connected on port 80 (HTTP) --> 66.235.141.144
 
Process LMS.exe (4868) listens on ports: 623, 16992
 
 
Autoruns and critical files
---------------------------
            Betriebssystem Microsoft® Windows®       C:\Windows\system32\scrnsave.scr
            Betriebssystem Microsoft® Windows®       c:\windows\system32\userinit.exe
            HP ProtectTools Device Access Manager    C:\Windows\system32\DeviceNP.dll
(unsigned)  HP Ceement                               C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
(verified)  Adobe Reader and Acrobat Manager         C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(verified)  Adobe® Flash® Player Update Service      C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(verified)  CyberLink MediaLibray Service            C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(verified)  CyberLink Virtual Drive                  c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
(verified)  File Sanitizer For HP Protect Tools      C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(verified)  Google Update                            C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(verified)  IAStorIcon                               C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(verified)  Intel® PIconStartup                    C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe
(verified)  Intel® USB 3.0 Monitor                 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(verified)  Microsoft Security Client                c:\Program Files\Microsoft Security Client\msseces.exe
(verified)  PDF Complete                             C:\Program Files (x86)\PDF Complete\pdfsty.exe
(verified)  Realtek HD Audio-Manager                 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
 
 
Browser plugins
---------------
            Adobe Acrobat                            C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
            Bitdefender QuickScan                    C:\Windows\Downloaded Program Files\qsax.dll
            File Sanitizer For HP Protect Tools      c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
            Google Update                            C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
            HP Network Check                         C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
            Intel® Identity Protection Technology    C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
            Intel® Identity Protection Technology    C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
            Microsoft Office 2010                    C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
            Microsoft Office 2013                    C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
            Silverlight Plug-In                      c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
(verified)  Betriebssystem Microsoft® Windows®       C:\Windows\system32\mswsock.dll
(verified)  Betriebssystem Microsoft® Windows®       C:\Windows\system32\napinsp.dll
(verified)  Betriebssystem Microsoft® Windows®       C:\Windows\system32\pnrpnsp.dll
(verified)  Bonjour                                  C:\Program Files (x86)\Bonjour\mdnsNSP.dll
(verified)  Bonjour                                  C:\Program Files\Bonjour\mdnsNSP.dll
(verified)  Internet Explorer                        c:\windows\syswow64\ieframe.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\system32\NLAapi.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\winrnr.dll
(verified)  NCLauncherFromIE                         C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
 
 
Scan
----
MD5: 4ae380f39a0032eab7dd953030b26d28  C:\Windows\system32\sessenv.dll
MD5: 2c4a87ca8c00e98efdcfa2e8ec9a3503  C:\Windows\system32\SHDOCVW.dll
MD5: 414da952a35bf5d50192e28263b40577  C:\Windows\System32\shsvcs.dll
MD5: 4b9e4ce667df26ada061aa81e9aa841d  C:\Windows\system32\SPFILEQ.dll
MD5: 6a1e8deb746912df47cf651e138401d7  C:\Windows\System32\StructuredQuery.dll
MD5: 613bf4820361543956909043a265c6ac  C:\Windows\System32\tapisrv.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223  c:\windows\system32\userinit.exe
MD5: 34eee0dfaadb4f691d6d5308a51315dc  C:\Windows\System32\wcncsvc.dll
MD5: 75e8ebd7040ce238684333f97014762a  C:\Windows\System32\webclnt.dll
MD5: 62a6eb5771580cae445804389f3f7432  C:\Windows\system32\windowscodecsext.dll
MD5: fd67683fba9b2c4bb551780bd8846f64  C:\Windows\System32\WINSTA.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc  C:\Windows\system32\WsmSvc.dll
MD5: edf2a5e96bec469da3f64e9bdd386111  C:\Windows\system32\XmlLite.dll
MD5: d2958325c1ae1ae37a83334c6229e3bc  C:\Windows\SysWOW64\actxprxy.dll
MD5: 5e01004cbc35a78fe2ab4016ccad4760  C:\Windows\SysWOW64\ieapfltr.dll
MD5: 8cfaefcd7f1e004950fcae870a501b3e  C:\Windows\SysWOW64\schannel.dll
MD5: 03ec463722b53f3a24b67fb5b51cfc40  C:\Windows\VPDAgent_x64.exe
MD5: d34a527493f39af4491b3e909dc697ca  C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
 
 
No file uploaded.
 
Scan finished - communication took 0 sec
Total traffic - 0.00 MB sent, 0.40 KB recvd
Scanned 355 files and modules - 39 seconds
 
==============================================================================
 

  • 0

#24
clOI

clOI

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Hello

 

I've finally installed teamviewer.  I only use Linux, but there is a Linux client as well.

 

I've uninstalled MSE and installed avast.

 

Task Scheduler didn't show up when typing "task".  Google told me that the application is called Taskschd.msc, which I started as administrator.

I got 2 error messages during start:

* Die ausgewählte Aufgabe "{0}" ist nicht mehr vorhanden. Klicken Sie auf "Aktualisieren", um die aktuellen Aufgaben anzuzeigen.
(this error message was repeated 3 times, then the other error message was shown.)
* Der Aufgabenplanungsdienst ist nicht verfügbar. Die Aufgabenplanung wird erneut versuchen, eine Verbindung herzustellen.
 
I then found 4 tasks (all ready): 
Adobe Flash
GoogleUpdate
GoogleUpdate
Microsoft Office
 
 
thanks
christian
 
 

  • 0

#25
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
 Die ausgewählte Aufgabe "{0}" ist nicht mehr vorhanden. Klicken Sie auf "Aktualisieren", um die aktuellen Aufgaben anzuzeigen.
(this error message was repeated 3 times, then the other error message was shown.)

 

 

This is the cause of your task scheduler problem.  CCleaner or something else removed critical parts of some tasks.   The solution is supposed to be:

 

The issue is a result of task files which exist in the Tasks folders which have no entry (presumably) in the registry. Here's how I worked through the issue - will take some time, but it has cleared up the issue completely for me:
 

  1. Open Task Scheduler and click OK when prompted with the error. It may seem like you are receiving the same error over and over, but this is really due to the number of tasks which are broken. Make a note of the number of times you are prompted with the selected task "{0}" error. This is the number of task files that are out of sync with the registry.
  2. Start with the first folder under Windows tasks (Task Scheduler(Local)\Task Scheduler Library\Microsoft\Windows) and select each folder in turn until you receive the selected task "{0}" error. This folder contains files that are not in sync with the task scheduler.
  3. Open Windows Explorer and navigate to the tasks file folder (%SystemFolder%\Tasks\Microsoft\Windows) and find the folder which corresponds to the folder in which you received the error.
  4. For some tasks you will be able to determine which files need to be deleted by comparing the list in the Task Scheduler with the list of files in Explorer. Some tasks will only have a single file in explorer, or, in one case I had 2 and the first was missing. Once Task Scheduler encounters this error it will no longer display tasks so it makes the job of getting the two in sync a little more difficult. Once you have determined which files exist in the File Folder but do not exist in the Task Scheduler folder, delete those files.
  5. IMPORTANT - Close and Re-open Task Scheduler. Once the error is encountered, Task Scheduler no longer displays the tasks so you need to close it and restart in order to continue your synchronization effort.
  6. Continue to select folders in Task Scheduler under Windows tasks until you encounter the error again and repeat the process of determining which file exists on the file system, but not in Task Scheduler.

I had 6 files that were out of sync with what was displayed in Task Scheduler. Once I deleted all of the offending files, Task Scheduler fired up without issue.

 

Something appears to be wrong with FRST.  It's not finding the files and removing them as it should.  However, Combofix took out a few I was trying to get rid of and doesn't show anything active.  ESET took out a few folders of stuff but we had already killed off their exe files.  It also found some stuff we had already removed and quarantined.    The other scans were all negative.  Since your uncle removed the proxy and it appears to remain gone I think the malware is finally dead.  Now we just need to fix the task scheduler.

 

The other error we see is:

 

Fehler beim Laden des Treibers \Driver\WUDFRd für das Gerät WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_CANON&PROD_MX710_SERIES&REV_0201#7&2C02147&0&459886&0#.

 

which is probably a Canon printer which should be uninstalled or removed from the system and then if it still exists, reinstalled with a new download of the software.


  • 0
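The manual comparison in steps 1 to 6 above can be done in one read-only pass. This is an added example, not part of either post or of any tool mentioned in the thread; it assumes the default locations `%SystemRoot%\System32\Tasks` and the `TaskCache\Tree` registry key, which the thread does not spell out, and that task keys (unlike folder keys) carry an `Id` value.

```powershell
# Added example: read-only audit of task files versus TaskCache\Tree registry keys.
# Run from an elevated PowerShell prompt. Nothing is deleted or changed.
# Assumed default locations (not spelled out in the thread):
$taskRoot = Join-Path $env:SystemRoot 'System32\Tasks'
$treeRoot = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree'

# 1. Task files on disk that have no matching key under TaskCache\Tree.
#    These are the files that trigger the 'selected task "{0}"' error.
$orphanFiles = @(
    Get-ChildItem -Path $taskRoot -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object {
            # Path relative to the Tasks folder, e.g. Microsoft\Windows\Defrag\ScheduledDefrag
            $rel = $_.FullName.Substring($taskRoot.Length).TrimStart('\')
            if (-not (Test-Path -LiteralPath (Join-Path $treeRoot $rel))) {
                New-Object PSObject -Property @{
                    Problem = 'File without registry key'; Task = $rel }
            }
        }
)

# 2. Registry task keys that have no file on disk (the reverse mismatch).
#    Assumption: a key with an 'Id' value is a task, a key without one is a folder.
$treePrefix = (Get-Item -Path $treeRoot).Name   # HKEY_LOCAL_MACHINE\...\Tree
$orphanKeys = @(
    Get-ChildItem -Path $treeRoot -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_.GetValue('Id') } |
        ForEach-Object {
            $rel = $_.Name.Substring($treePrefix.Length).TrimStart('\')
            $file = Join-Path $taskRoot $rel
            if (-not (Test-Path -LiteralPath $file -PathType Leaf)) {
                New-Object PSObject -Property @{
                    Problem = 'Registry key without file'; Task = $rel }
            }
        }
)

# 3. Report, grouped by path so entries line up with Task Scheduler folders.
$findings = $orphanFiles + $orphanKeys
$findings | Sort-Object Task | Format-Table Problem, Task -AutoSize
"{0} mismatch(es) found" -f $findings.Count
```

The count of "File without registry key" rows corresponds to the number of error prompts noted in step 1, and each row names a candidate file for step 4.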



#26
clOI

clOI

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Hi,

 

on my way home I realized that I have not run FRST as administrator.  Might be the reason the fixlist didn't work.

 

I am currently running avast bootscan and will try to fix the task scheduler and driver as soon as possible.

 

Sincerely: thanks for helping me!

 

regards

christian


  • 0

#27
clOI

clOI

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Hello again,

 

* TaskScheduler Problem:

I was not able to see any tasks but found http://blogs.technet...ck-refresh.aspx

After setting the trace flag to 0 I was able to go through all tasks and sync them with the filesystem.

 

Here are the tasks I had to remove:

AppId:
  PolicyConverter
 
Application Experience
  AitAgent
  Microsoft Compatibility Appraiser
  ProgramDataUpdater
 
Bluetooth
  UninstallDeviceTask
 
CertificateServicesClient
  UserTask
  UserTask-Roam
 
Customer Experience Improvement ProgramDataUpdater
  Consolidator
  KernelCeipTask
  UsbCeip
 
Defrag
  ScheduledDefrag
 
Diagnosis
  Scheduled
 
Location
  Notifications
 
Maintenance
  WinSAT
 
Media Center
  ActivateWindowsSearch
  ConfigureInternetTimeService
  DispatchRecoveryTasks
  ehDRMInit
  InstallPlayReady
  mcupdate
  MediaCenterRecoveryTask
  ObjectStoreRecoveryTask
  OCURActivate
  OCURDiscovery
  PBDADiscovery
  PBDADiscoveryW1
  PBDADiscoveryW2
  PeriodicScanRetry
  PvrRecoveryTask
  PvrScheduleTask
  RecordingRestart
  RegisterSearch
  ReindexSearchRoot
  SqlLiteRecoveryTask
  StartRecording
  UpdateRecordPath
 
MemoryDiagnostic
  CorruptionDetector
  DecompressionFailureDetector
 
NetTrace
  GatherNetworkInfo
 
OfflineFile
  Background Synchronization
 
PerfTrack
  BackgroundConfigSurveyor
 
Power Efficiency Diagnostics
  AnalyzeSystem
 
RAC
  RacTask
 
Ras
  MobilityManager
 
Registry
  RegIdleBackup
 
RemoteAssistance
  RemoteAssistanceTask
 
SoftwareProtectionPlatform
  SvcRestartTask
 
UPnp
  UPnpHostConfig
 
WindowsBackup
  ConfigNotification
 
(I have made a copy of these files.)
 
In addition I had to clear the TaskCache in the registry:
 
Only then was I able to start the TaskSchd.msc without any errors.
 
 
 
I will look at the printer driver the next time I visit my uncle.  The canon printer is currently active and I don't want to risk disabling the printer (over TeamViewer).
 
 
regards
 
christian

  • 0

#28
clOI

clOI

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Hi,

 

here is the boot scan of avast:

 

regards

christian

 

==== aswBoot.txt ====

 

12/10/2014 16:57
Scan of C:
 
Scan of *STARTUP
 
File C:\Users\W04\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XOBPPHL\ajs[1].js is infected by JS:Includer-BHE [Trj], Moved to chest
File C:\Users\W04\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OQXY878H\2040-5830_Re-Markable[1].exe|>nsis.hdr is infected by NSIS:Adware-QI [Adw], Moved to chest
File C:\Users\W04\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OQXY878H\2040-5830_Re-Markable[1].exe|>$PLUGINSDIR\g.dll is infected by Win32:Adware-gen [Adw], Moved to chest
File C:\Users\W04\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OQXY878H\2[1].zip|>SupTab_v5.8.8.777_noblank.exe Error 42125 {ZIP archive is corrupted.}
File C:\Users\W04\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PBZOA2K9\FastPlayerSetup[1].exe|>$_OUTDIR\AddonFP.exe is infected by Win32:Malware-gen, Moved to chest
File C:\Users\W04\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PBZOA2K9\FastPlayerSetup[1].exe|>$_OUTDIR\FastPlayerUpdater.exe is infected by Win32:Malware-gen, Moved to chest
File C:\Users\W04\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PBZOA2K9\FastPlayerSetup[1].exe is infected by Win32:Adware-gen [Adw], Moved to chest
File C:\Users\W04\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PBZOA2K9\Setup[2].exe is infected by Win32:Malware-gen, Moved to chest
File C:\Users\W04\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PBZOA2K9\VOPackage[1].exe is infected by Win32:Dropper-gen [Drp], Moved to chest
File C:\Users\W04\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1TU76VZ\ajs[1].js is infected by JS:Includer-BHE [Trj], Moved to chest
File C:\Users\W04\leo\setup.EXE|>Wise0087.bin Error 42145 {Installer archive is corrupted.}
File C:\FRST\Quarantine\C\Users\W04\AppData\Local\privacysdiagschd_86\SrDt.exe.xBAD is infected by Win32:Malware-gen, Moved to chest
File C:\FRST\Quarantine\C\Windows\SysWOW64\textcbvaProt\textcbvaProt.exe is infected by Win32:Dropper-gen [Drp], Moved to chest
File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-676518b2.exe|>mpavdlta.vdm Error 42127 {CAB archive is corrupted.}
File C:\Windows\SysWOW64\FinderFolderPython\FinderFolderPython.exe is infected by Win32:Dropper-gen [Drp], Moved to chest
File C:\_OTL\MovedFiles\12032014_132538\C_Program Files (x86)\ver8Re-Markable\H8Re-MarkableM34.exe is infected by Win32:Adware-gen [Adw], Moved to chest
File C:\_OTL\MovedFiles\12032014_132538\C_Program Files (x86)\ver8Re-Markable\Uninstall.exe|>$PLUGINSDIR\h.dll is infected by Win32:Adware-gen [Adw], Moved to chest
Number of searched folders: 31002
Number of tested files: 534353
Number of infected files: 14

  • 0

#29
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Thanks for the links.  I've got another Task scheduler problem and they will come in handy.


  • 0

#30
clOI

clOI

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Hi,

 

that's the least I can do.

 

Will I need to reinsert the tasks?

 

Is the PC now "fixed"  (except for the Canon driver)?

 

 

christian


  • 0





