Problem with a virus

Re: Problem with a virus

Post by stevens » Thu Dec 05, 2013 10:34 pm

open OTL and copy this code, then click Run Fix and attach the log

Code:
:OTL
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DEDAF650-12B8-48f5-A843-BBA100716106}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
[2013/11/01 11:15:15 | 104,493,738 | ---- | M] ()(C:\Windows\SysWow64\???¡) -- C:\Windows\SysWow64\錧�¡
[2013/11/01 11:15:15 | 104,493,738 | ---- | C] ()(C:\Windows\SysWow64\???¡) -- C:\Windows\SysWow64\錧�¡
[2013/10/19 13:14:53 | 101,916,422 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\遲뮊ž
[2013/10/19 13:14:53 | 101,916,422 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\遲뮊ž
[2013/10/01 17:25:58 | 098,609,570 | ---- | M] ()(C:\Windows\SysWow64\???H) -- C:\Windows\SysWow64\�ᄹH
[2013/10/01 17:25:58 | 098,609,570 | ---- | C] ()(C:\Windows\SysWow64\???H) -- C:\Windows\SysWow64\�ᄹH

:Files
ipconfig /flushdns /c

:commands
[Reboot]

Re: Problem with a virus

Post by Pancrazio » Thu Dec 05, 2013 10:36 pm

stevens wrote: open OTL and copy this code, then click Run Fix and attach the log

Code:
:OTL
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DEDAF650-12B8-48f5-A843-BBA100716106}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
[2013/11/01 11:15:15 | 104,493,738 | ---- | M] ()(C:\Windows\SysWow64\???¡) -- C:\Windows\SysWow64\錧�¡
[2013/11/01 11:15:15 | 104,493,738 | ---- | C] ()(C:\Windows\SysWow64\???¡) -- C:\Windows\SysWow64\錧�¡
[2013/10/19 13:14:53 | 101,916,422 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\遲뮊ž
[2013/10/19 13:14:53 | 101,916,422 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\遲뮊ž
[2013/10/01 17:25:58 | 098,609,570 | ---- | M] ()(C:\Windows\SysWow64\???H) -- C:\Windows\SysWow64\�ᄹH
[2013/10/01 17:25:58 | 098,609,570 | ---- | C] ()(C:\Windows\SysWow64\???H) -- C:\Windows\SysWow64\�ᄹH

:Files
ipconfig /flushdns /c

:commands
[Reboot]

Will I have to restart the computer?

Re: Problem with a virus

Post by stevens » Thu Dec 05, 2013 10:41 pm

Will I have to restart the computer?

if it doesn't restart on its own, do it yourself


Re: Problem with a virus

Post by Pancrazio » Thu Dec 05, 2013 10:58 pm

========== OTL ==========
File C:\Windows\SysWow64\錧�¡ not found.
File C:\Windows\SysWow64\錧�¡ not found.
File C:\Windows\SysWow64\遲뮊ž not found.
File C:\Windows\SysWow64\遲뮊ž not found.
File C:\Windows\SysWow64\�ᄹH not found.
File C:\Windows\SysWow64\�ᄹH not found.
========== FILES ==========
< ipconfig /flushdns /c >
Configurazione IP di Windows
Cache del resolver DNS svuotata.
C:\Users\XXX\Desktop\cmd.bat deleted successfully.
C:\Users\XXX\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 12052013_225944

Re: Problem with a virus

Post by Pancrazio » Fri Dec 06, 2013 12:40 pm

So, then, do I have a PC infected by a virus or not?

Re: Problem with a virus

Post by Pancrazio » Sat Dec 07, 2013 12:12 pm

Here is the log of a scan run with 'Hijackthis':

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:12:51, on 07/12/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Users\Adolfo\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_152_ActiveX.exe
C:\Users\Adolfo\Desktop\HijackThis.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_Hi Suite] "C:\Program Files (x86)\Hi Suite\UpdateDog\ouc.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - Startup: Dropbox.lnk = Adolfo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: old
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/3.0 ... ontrol.CAB
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - https://battlefield.play4free.com/stati ... 0.80.2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9943 bytes

Re: Problem with a virus

Post by GERONIMO* » Sat Dec 07, 2013 5:10 pm

your Windows is not up to date; do you actually install Windows updates? you are missing the service pack and you have IE 9
of course you catch viruses and have an unstable system

follow these steps in order

Relaunch HijackThis: right-click - Run as administrator to open it
click the Do a system scan only button
Tick the entries you see below
click Fix checked
If any prompts appear, click Yes

O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - Startup: old

IMPORTANT: uninstall Java and Flash Player
we will install the updated versions afterwards

then
again with HijackThis, follow the guide here on how to remove ADS
http://www.windoctor.it/sicurezza/i-mig ... ta-stream/

then run a scan with HitmanPro
http://www.windoctor.it/sicurezza/i-mig ... hitmanpro/

then relaunch TDSSKiller
Click Change parameters

Tick all the entries as shown in the image
except Loaded modules
and click OK
[Image]

click Start Scan
wait for the scan to finish
If TDSSKiller finds an infected file, the default action will be Cure; click Continue.
If it finds a suspicious file, the default action will be Skip; click Continue.
If it asks to restart the PC (Reboot computer), agree. (restarting the PC is necessary to remove the infection)

click Report
and post the report

one more thing: do you have the Windows DVD?

Re: Problem with a virus

Post by Pancrazio » Sat Dec 07, 2013 5:47 pm

17:43:14.0426 0x173c0 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
17:43:16.0946 0x173c0 ============================================================
17:43:16.0946 0x173c0 Current date / time: 2013/12/07 17:43:16.0946
17:43:16.0946 0x173c0 SystemInfo:
17:43:16.0946 0x173c0
17:43:16.0946 0x173c0 OS Version: 6.1.7600 ServicePack: 0.0
17:43:16.0946 0x173c0 Product type: Workstation
17:43:16.0946 0x173c0 ComputerName: XXX
17:43:16.0946 0x173c0 UserName: XXX
17:43:16.0946 0x173c0 Windows directory: C:\Windows
17:43:16.0946 0x173c0 System windows directory: C:\Windows
17:43:16.0946 0x173c0 Running under WOW64
17:43:16.0946 0x173c0 Processor architecture: Intel x64
17:43:16.0946 0x173c0 Number of processors: 4
17:43:16.0946 0x173c0 Page size: 0x1000
17:43:16.0946 0x173c0 Boot type: Normal boot
17:43:16.0946 0x173c0 ============================================================
17:43:18.0976 0x173c0 KLMD registered as C:\Windows\system32\drivers\07917285.sys
17:43:19.0146 0x173c0 System UUID: {366E4EBE-603F-6787-69C6-6E3F6A628CDE}
17:43:19.0726 0x173c0 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:43:19.0746 0x173c0 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:43:19.0756 0x173c0 ============================================================
17:43:19.0756 0x173c0 \Device\Harddisk0\DR0:
17:43:19.0756 0x173c0 MBR partitions:
17:43:19.0756 0x173c0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1BC7C0
17:43:19.0756 0x173c0 \Device\Harddisk1\DR1:
17:43:19.0756 0x173c0 MBR partitions:
17:43:19.0756 0x173c0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
17:43:19.0756 0x173c0 ============================================================
17:43:19.0776 0x173c0 C: <-> \Device\Harddisk0\DR0\Partition1
17:43:19.0776 0x173c0 D: <-> \Device\Harddisk1\DR1\Partition1
17:43:19.0776 0x173c0 ============================================================
17:43:19.0776 0x173c0 Initialize success
17:43:19.0776 0x173c0 ============================================================
17:43:48.0756 0x17320 ============================================================
17:43:48.0756 0x17320 Scan started
17:43:48.0756 0x17320 Mode: Manual; SigCheck; TDLFS;
17:43:48.0756 0x17320 ============================================================
17:43:48.0756 0x17320 KSN ping started
17:43:51.0606 0x17320 KSN ping finished: true
17:43:54.0076 0x17320 ================ Scan system memory ========================
17:43:54.0076 0x17320 System memory - ok
17:43:54.0076 0x17320 ================ Scan services =============================
17:43:59.0536 0x17320 crcdisk - ok
17:43:59.0576 0x17320 [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:43:59.0626 0x17320 CryptSvc - ok
17:43:59.0676 0x17320 [ 4A6173C2279B498CD8F57CAE504564CB, FF3CD404FD91EDE38C21780362CE892BFBBC2526B146BEBD139C7413EB29A216 ] CSC C:\Windows\system32\drivers\csc.sys
17:43:59.0746 0x17320 CSC - ok
17:43:59.0786 0x17320 [ 873FBF927C06E5CEE04DEC617502F8FD, 8B452ED5D003337E66634EEC3D5C9FBA4D05FF5AE776239F3B769FAA505E729C ] CscService C:\Windows\System32\cscsvc.dll
17:43:59.0856 0x17320 CscService - ok
17:43:59.0906 0x17320 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:43:59.0936 0x17320 DcomLaunch - ok
17:43:59.0996 0x17320 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
17:44:00.0056 0x17320 defragsvc - ok
17:44:00.0086 0x17320 [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:44:00.0136 0x17320 DfsC - ok
17:44:00.0176 0x17320 [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:44:00.0236 0x17320 Dhcp - ok
17:44:00.0256 0x17320 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
17:44:00.0296 0x17320 discache - ok
17:44:00.0346 0x17320 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:44:00.0346 0x17320 Disk - ok
17:44:00.0386 0x17320 [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:44:00.0436 0x17320 Dnscache - ok
17:44:00.0466 0x17320 [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll
17:44:00.0526 0x17320 dot3svc - ok
17:44:00.0556 0x17320 [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll
17:44:00.0606 0x17320 DPS - ok
17:44:00.0636 0x17320 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:44:00.0646 0x17320 drmkaud - ok
17:44:00.0676 0x17320 [ FB9BEF3401EE5ECC2603311B9C64F44A, 33F8B6C9593677A360F580554D4F95B9F580C4E28F8187FBB27D96AFBFA8C7C1 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:44:00.0686 0x17320 dtsoftbus01 - ok
17:44:00.0726 0x17320 [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:44:00.0766 0x17320 DXGKrnl - ok
17:44:00.0806 0x17320 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
17:44:00.0846 0x17320 EapHost - ok
17:44:00.0956 0x17320 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:44:01.0096 0x17320 ebdrv - ok
17:44:01.0136 0x17320 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS C:\Windows\System32\lsass.exe
17:44:01.0146 0x17320 EFS - ok
17:44:01.0206 0x17320 [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:44:01.0286 0x17320 ehRecvr - ok
17:44:01.0306 0x17320 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
17:44:01.0316 0x17320 ehSched - ok
17:44:01.0346 0x17320 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:44:01.0376 0x17320 elxstor - ok
17:44:01.0456 0x17320 [ 1E345F2A2D95DA3190596E691CDE9342, 9D1D48F3B749ADA598D155E11E63CD52A4EEABF9BE92A1D997D25D07CF350084 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
17:44:01.0506 0x17320 EPSON_PM_RPCV4_01 - ok
17:44:01.0506 0x17320 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
17:44:01.0536 0x17320 ErrDev - ok
17:44:01.0596 0x17320 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
17:44:01.0646 0x17320 EventSystem - ok
17:44:01.0686 0x17320 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
17:44:01.0816 0x17320 exfat - ok
17:44:01.0856 0x17320 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:44:01.0906 0x17320 fastfat - ok
17:44:01.0966 0x17320 [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe
17:44:02.0016 0x17320 Fax - ok
17:44:02.0016 0x17320 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:44:02.0046 0x17320 fdc - ok
17:44:02.0116 0x17320 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
17:44:02.0166 0x17320 fdPHost - ok
17:44:02.0186 0x17320 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
17:44:02.0216 0x17320 FDResPub - ok
17:44:02.0246 0x17320 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:44:02.0246 0x17320 FileInfo - ok
17:44:02.0256 0x17320 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:44:02.0286 0x17320 Filetrace - ok
17:44:02.0296 0x17320 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:44:02.0306 0x17320 flpydisk - ok
17:44:02.0326 0x17320 [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:44:02.0346 0x17320 FltMgr - ok
17:44:02.0386 0x17320 [ BC00505CFDA789ED3BE95D2FF38C4875, 9CB98AFF8A9740CFB53BDFB3DD40A76EB79C160CF2DF03E5EEFF6F2109216FEB ] FontCache C:\Windows\system32\FntCache.dll
17:44:02.0476 0x17320 FontCache - ok
17:44:02.0526 0x17320 [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:44:02.0536 0x17320 FontCache3.0.0.0 - ok
17:44:02.0546 0x17320 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:44:02.0556 0x17320 FsDepends - ok
17:44:02.0586 0x17320 [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:44:02.0596 0x17320 Fs_Rec - ok
17:44:02.0626 0x17320 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:44:02.0646 0x17320 fvevol - ok
17:44:02.0656 0x17320 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:44:02.0666 0x17320 gagp30kx - ok
17:44:02.0696 0x17320 [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll
17:44:02.0756 0x17320 gpsvc - ok
17:44:02.0846 0x17320 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:44:02.0846 0x17320 gupdate - ok
17:44:02.0876 0x17320 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:44:02.0886 0x17320 gupdatem - ok
17:44:02.0896 0x17320 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:44:02.0956 0x17320 hcw85cir - ok
17:44:02.0996 0x17320 [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:44:03.0036 0x17320 HdAudAddService - ok
17:44:03.0066 0x17320 [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:44:03.0096 0x17320 HDAudBus - ok
17:44:03.0136 0x17320 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:44:03.0136 0x17320 HECIx64 - ok
17:44:03.0156 0x17320 hid7906 - ok
17:44:03.0176 0x17320 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:44:03.0206 0x17320 HidBatt - ok
17:44:03.0226 0x17320 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:44:03.0266 0x17320 HidBth - ok
17:44:03.0286 0x17320 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:44:03.0326 0x17320 HidIr - ok
17:44:03.0356 0x17320 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
17:44:03.0396 0x17320 hidserv - ok
17:44:03.0456 0x17320 [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:44:03.0486 0x17320 HidUsb - ok
17:44:03.0516 0x17320 [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll
17:44:03.0566 0x17320 hkmsvc - ok
17:44:03.0596 0x17320 [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:44:03.0646 0x17320 HomeGroupListener - ok
17:44:03.0676 0x17320 [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:44:03.0706 0x17320 HomeGroupProvider - ok
17:44:03.0746 0x17320 [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
17:44:03.0756 0x17320 HpSAMD - ok
17:44:03.0806 0x17320 [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:44:03.0876 0x17320 HTTP - ok
17:44:03.0886 0x17320 [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:44:03.0896 0x17320 hwpolicy - ok
17:44:03.0926 0x17320 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:44:03.0946 0x17320 i8042prt - ok
17:44:03.0976 0x17320 [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
17:44:03.0996 0x17320 iaStorV - ok
17:44:04.0096 0x17320 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:44:04.0106 0x17320 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
Pancrazio
Aficionado

Posts: 122
Joined: Mon Dec 02, 2013 6:21 pm

Re: Problem with a virus

Post by Pancrazio » Sat Dec 07, 2013 5:48 pm

17:44:04.0166 0x17320 IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:44:04.0166 0x17320 Force sending object to P2P due to detect: C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:44:24.0176 0x17320 Object send P2P result: false
17:44:32.0346 0x17320 nmservice - ok
17:44:32.0376 0x17320 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:44:32.0396 0x17320 Npfs - ok
17:44:32.0416 0x17320 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
17:44:32.0466 0x17320 nsi - ok
17:44:32.0486 0x17320 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:44:32.0526 0x17320 nsiproxy - ok
17:44:32.0596 0x17320 [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:44:32.0646 0x17320 Ntfs - ok
17:44:32.0656 0x17320 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
17:44:32.0696 0x17320 Null - ok
17:44:32.0736 0x17320 [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:44:32.0746 0x17320 NVHDA - ok
17:44:33.0016 0x17320 [ CE1B54F1ED2080B15DAF9044EC92075A, DD8557B0E159C09DF3195EC01545CCE2BD580DC2557CCC4F90D3B7C02D07FC36 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:44:33.0226 0x17320 nvlddmkm - ok
17:44:33.0256 0x17320 [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
17:44:33.0266 0x17320 nvraid - ok
17:44:33.0286 0x17320 [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
17:44:33.0296 0x17320 nvstor - ok
17:44:33.0726 0x17320 [ F0AD6B3A2352EFADC223A9587693A51A, A0B3AB07364BB59D531AD73145A606DE2B2CB9AF29691FD983F1B0E3197E6637 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
17:44:34.0016 0x17320 NvStreamSvc - ok
17:44:34.0056 0x17320 [ 67E9F641C1B5387F298F3063FAFA022B, F9C9974828632349E426C5375D2FD63744350D3D6FD693071231370D52E76DE7 ] NVSvc C:\Windows\system32\nvvsvc.exe
17:44:34.0086 0x17320 NVSvc - ok
17:44:34.0176 0x17320 [ F313FFEA01C3DFF4E7E763DA29B0FF36, 6D9FA981A27E120DB7AF9B6545B476ACA08B511CB01A202553017F63A4709188 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:44:34.0216 0x17320 nvUpdatusService - ok
17:44:34.0256 0x17320 [ 31B16657118E439B77B0A527F7EA66CB, 8C375D2AFF56125E08587DDDCE6AD31DE6D2DEEDC9AD95ADE95B7499F79A5B56 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
17:44:34.0266 0x17320 nvvad_WaveExtensible - ok
17:44:34.0286 0x17320 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
17:44:34.0306 0x17320 nv_agp - ok
17:44:34.0316 0x17320 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:44:34.0346 0x17320 ohci1394 - ok
17:44:34.0396 0x17320 [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:44:34.0396 0x17320 ose64 - ok
17:44:34.0556 0x17320 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:44:34.0656 0x17320 osppsvc - ok
17:44:34.0686 0x17320 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:44:34.0736 0x17320 p2pimsvc - ok
17:44:34.0766 0x17320 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
17:44:34.0796 0x17320 p2psvc - ok
17:44:34.0816 0x17320 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:44:34.0836 0x17320 Parport - ok
17:44:34.0846 0x17320 [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:44:34.0856 0x17320 partmgr - ok
17:44:34.0876 0x17320 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
17:44:34.0906 0x17320 PcaSvc - ok
17:44:34.0926 0x17320 [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys
17:44:34.0936 0x17320 pci - ok
17:44:34.0946 0x17320 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
17:44:34.0956 0x17320 pciide - ok
17:44:34.0976 0x17320 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:44:34.0996 0x17320 pcmcia - ok
17:44:35.0046 0x17320 [ AF7CE12C4F3DC8CB2B07685C916BBCFE, 1AF47113778D411BF3CF82ACF428676908121B1F3252133A5F98E188ED1E9C6C ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
17:44:35.0066 0x17320 pcouffin - ok
17:44:35.0076 0x17320 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
17:44:35.0086 0x17320 pcw - ok
17:44:35.0126 0x17320 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:44:35.0206 0x17320 PEAUTH - ok
17:44:35.0266 0x17320 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:44:35.0356 0x17320 PeerDistSvc - ok
17:44:35.0406 0x17320 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:44:35.0426 0x17320 PerfHost - ok
17:44:35.0496 0x17320 [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll
17:44:35.0586 0x17320 pla - ok
17:44:35.0626 0x17320 [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:44:35.0676 0x17320 PlugPlay - ok
17:44:35.0716 0x17320 [ FB83B6C62DFF5ABE36304351D2BED581, ADFB563328B3D3F35F641E72BA8559949FD706146544CE7AFD5CE529B8355ACC ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
17:44:35.0726 0x17320 pnarp - ok
17:44:35.0746 0x17320 PnkBstrA - ok
17:44:35.0776 0x17320 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:44:35.0806 0x17320 PNRPAutoReg - ok
17:44:35.0836 0x17320 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:44:35.0856 0x17320 PNRPsvc - ok
17:44:35.0886 0x17320 [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:44:35.0946 0x17320 PolicyAgent - ok
17:44:35.0966 0x17320 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
17:44:35.0996 0x17320 Power - ok
17:44:36.0016 0x17320 [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:44:36.0066 0x17320 PptpMiniport - ok
17:44:36.0086 0x17320 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:44:36.0116 0x17320 Processor - ok
17:44:36.0156 0x17320 [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc C:\Windows\system32\profsvc.dll
17:44:36.0196 0x17320 ProfSvc - ok
17:44:36.0216 0x17320 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
17:44:36.0226 0x17320 ProtectedStorage - ok
17:44:36.0256 0x17320 [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:44:36.0276 0x17320 Psched - ok
17:44:36.0336 0x17320 [ 1B3434642CE3C26E6F24D3A76D749C2A, 51FE9D777002B905EEFE546701BC1B143E22B360014A4CB5BAAD0490DF21E278 ] purendis C:\Windows\system32\DRIVERS\purendis.sys
17:44:36.0346 0x17320 purendis - ok
17:44:36.0386 0x17320 [ 58E25BE1CAA4F908C4CABEB1A27BC4DD, 03090FB7985A5BB5C1A213031E237EFCD8A6F5F19383B60A48CB4343DD9A0786 ] qcusbser C:\Windows\system32\DRIVERS\FXX\qcusbser.sys
17:44:36.0416 0x17320 qcusbser - ok
17:44:36.0496 0x17320 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:44:36.0556 0x17320 ql2300 - ok
17:44:36.0606 0x17320 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:44:36.0616 0x17320 ql40xx - ok
17:44:36.0646 0x17320 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
17:44:36.0676 0x17320 QWAVE - ok
Pancrazio
Aficionado
 
Posts: 122
Joined: Mon Dec 02, 2013 6:21 pm

Re: Problem with a virus

Posted by Pancrazio » Sat Dec 07, 2013 5:50 pm

17:44:40.0647 0x17320 [ 4C33F139236FD9BD14A920F60C1CB072, 806650B2AE7DC299DEC49C519E2452427B819213F863BFCC4188EDF075EAAD2D ] sptd C:\Windows\system32\Drivers\sptd.sys
17:44:40.0657 0x17320 Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 4C33F139236FD9BD14A920F60C1CB072, sha256: 806650B2AE7DC299DEC49C519E2452427B819213F863BFCC4188EDF075EAAD2D
17:44:40.0657 0x17320 sptd - detected LockedFile.Multi.Generic ( 1 )
17:44:40.0657 0x17320 sptd ( LockedFile.Multi.Generic ) - warning
17:44:40.0657 0x17320 Force sending object to P2P due to detect: C:\Windows\system32\Drivers\sptd.sys
17:44:56.0867 0x17320 Object send P2P result: true
17:45:03.0017 0x17320 usbuhci - ok
17:45:03.0047 0x17320 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
17:45:03.0067 0x17320 UxSms - ok
17:45:03.0077 0x17320 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc C:\Windows\system32\lsass.exe
17:45:03.0087 0x17320 VaultSvc - ok
17:45:03.0117 0x17320 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
17:45:03.0117 0x17320 vdrvroot - ok
17:45:03.0147 0x17320 [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds C:\Windows\System32\vds.exe
17:45:03.0177 0x17320 vds - ok
17:45:03.0207 0x17320 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:45:03.0217 0x17320 vga - ok
17:45:03.0237 0x17320 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:45:03.0277 0x17320 VgaSave - ok
17:45:03.0307 0x17320 [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
17:45:03.0327 0x17320 vhdmp - ok
17:45:03.0337 0x17320 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
17:45:03.0347 0x17320 viaide - ok
17:45:03.0367 0x17320 [ 1501699D7EDA984ABC4155A7DA5738D1, 448DFEFF565F1467F387E4EC9782DDD48B8FFDDF6B1EA46A790C2782C20BD952 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
17:45:03.0387 0x17320 vmbus - ok
17:45:03.0407 0x17320 [ AE10C35761889E65A6F7176937C5592C, 9DC27647B6149C9B2523799F85B18122CCE749264624FE2E5FE843FE00642BBE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
17:45:03.0437 0x17320 VMBusHID - ok
17:45:03.0477 0x17320 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
17:45:03.0477 0x17320 volmgr - ok
17:45:03.0487 0x17320 [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:45:03.0507 0x17320 volmgrx - ok
17:45:03.0517 0x17320 [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
17:45:03.0527 0x17320 volsnap - ok
17:45:03.0547 0x17320 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:45:03.0557 0x17320 vsmraid - ok
17:45:03.0617 0x17320 [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS C:\Windows\system32\vssvc.exe
17:45:03.0677 0x17320 VSS - ok
17:45:03.0697 0x17320 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:45:03.0707 0x17320 vwifibus - ok
17:45:03.0737 0x17320 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
17:45:03.0777 0x17320 W32Time - ok
17:45:03.0797 0x17320 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:45:03.0807 0x17320 WacomPen - ok
17:45:03.0827 0x17320 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:45:03.0867 0x17320 WANARP - ok
17:45:03.0877 0x17320 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:45:03.0897 0x17320 Wanarpv6 - ok
17:45:03.0957 0x17320 [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine C:\Windows\system32\wbengine.exe
17:45:04.0067 0x17320 wbengine - ok
17:45:04.0087 0x17320 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:45:04.0107 0x17320 WbioSrvc - ok
17:45:04.0147 0x17320 [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:45:04.0167 0x17320 wcncsvc - ok
17:45:04.0177 0x17320 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:45:04.0227 0x17320 WcsPlugInService - ok
17:45:04.0247 0x17320 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:45:04.0257 0x17320 Wd - ok
17:45:04.0277 0x17320 [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:45:04.0307 0x17320 Wdf01000 - ok
17:45:04.0327 0x17320 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:45:04.0357 0x17320 WdiServiceHost - ok
17:45:04.0357 0x17320 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:45:04.0377 0x17320 WdiSystemHost - ok
17:45:04.0417 0x17320 [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient C:\Windows\System32\webclnt.dll
17:45:04.0457 0x17320 WebClient - ok
17:45:04.0487 0x17320 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:45:04.0547 0x17320 Wecsvc - ok
17:45:04.0567 0x17320 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:45:04.0607 0x17320 wercplsupport - ok
17:45:04.0637 0x17320 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
17:45:04.0667 0x17320 WerSvc - ok
17:45:04.0697 0x17320 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:45:04.0717 0x17320 WfpLwf - ok
17:45:04.0737 0x17320 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:45:04.0747 0x17320 WIMMount - ok
17:45:04.0767 0x17320 WinDefend - ok
17:45:04.0777 0x17320 WinHttpAutoProxySvc - ok
17:45:04.0827 0x17320 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:45:04.0877 0x17320 Winmgmt - ok
17:45:04.0957 0x17320 [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll
17:45:05.0057 0x17320 WinRM - ok
17:45:05.0117 0x17320 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:45:05.0157 0x17320 Wlansvc - ok
17:45:05.0317 0x17320 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:45:05.0367 0x17320 wlidsvc - ok
17:45:05.0377 0x17320 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:45:05.0387 0x17320 WmiAcpi - ok
17:45:05.0417 0x17320 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:45:05.0457 0x17320 wmiApSrv - ok
17:45:05.0487 0x17320 WMPNetworkSvc - ok
17:45:05.0527 0x17320 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:45:05.0557 0x17320 WPCSvc - ok
17:45:05.0577 0x17320 [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:45:05.0657 0x17320 WPDBusEnum - ok
17:45:05.0717 0x17320 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:45:05.0757 0x17320 ws2ifsl - ok
17:45:05.0807 0x17320 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
17:45:05.0837 0x17320 wscsvc - ok
17:45:05.0837 0x17320 WSearch - ok
17:45:05.0927 0x17320 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
17:45:05.0997 0x17320 wuauserv - ok
17:45:06.0017 0x17320 [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:45:06.0067 0x17320 WudfPf - ok
17:45:06.0107 0x17320 [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:45:06.0157 0x17320 WUDFRd - ok
17:45:06.0197 0x17320 [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:45:06.0237 0x17320 wudfsvc - ok
17:45:06.0277 0x17320 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:45:06.0347 0x17320 WwanSvc - ok
17:45:06.0377 0x17320 ================ Scan global ===============================
17:45:06.0407 0x17320 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:45:06.0437 0x17320 [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
17:45:06.0447 0x17320 [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
17:45:06.0467 0x17320 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:45:06.0487 0x17320 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
17:45:06.0497 0x17320 [ Global ] - ok
17:45:06.0497 0x17320 ================ Scan MBR ==================================
17:45:06.0507 0x17320 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:45:07.0037 0x17320 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
17:45:07.0037 0x17320 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:45:09.0797 0x17320 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:45:09.0847 0x17320 \Device\Harddisk1\DR1 - ok
17:45:09.0847 0x17320 ================ Scan VBR ==================================
17:45:09.0847 0x17320 [ 2470DF6A1388B108B8E0634B3FC3F296 ] \Device\Harddisk0\DR0\Partition1
17:45:09.0847 0x17320 \Device\Harddisk0\DR0\Partition1 - ok
17:45:09.0847 0x17320 [ D5E740F1F8EA2609F167AD2B886C8AE5 ] \Device\Harddisk1\DR1\Partition1
17:45:09.0847 0x17320 \Device\Harddisk1\DR1\Partition1 - ok
17:45:09.0867 0x17320 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.1.641 ), 0x41000 ( enabled : updated )
17:45:09.0867 0x17320 Win FW state via NFP2: enabled
17:45:12.0667 0x17320 ============================================================
17:45:12.0667 0x17320 Scan finished
17:45:12.0667 0x17320 ============================================================
17:45:12.0667 0x16a68 Detected object count: 3
17:45:12.0667 0x16a68 Actual detected object count: 3
17:45:30.0667 0x16a68 C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine
17:45:30.0667 0x16a68 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
17:45:30.0697 0x16a68 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
17:45:30.0697 0x16a68 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
17:45:30.0727 0x16a68 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
17:45:30.0727 0x16a68 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
17:45:30.0727 0x16a68 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
17:45:30.0727 0x16a68 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
17:45:30.0737 0x16a68 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
17:45:30.0737 0x16a68 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
17:45:30.0737 0x16a68 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
17:45:30.0737 0x16a68 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
17:45:30.0737 0x16a68 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
17:45:30.0747 0x16a68 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:45:30.0747 0x16a68 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:45:30.0747 0x16a68 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:45:30.0747 0x16a68 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:45:30.0747 0x16a68 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
17:45:30.0747 0x16a68 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
17:45:30.0757 0x16a68 \Device\Harddisk0\DR0\TDLFS\tdi32 - copied to quarantine
17:45:30.0757 0x16a68 \Device\Harddisk0\DR0\TDLFS\tdi64 - copied to quarantine
17:45:30.0757 0x16a68 \Device\Harddisk0\DR0\TDLFS\main1 - copied to quarantine
17:45:30.0757 0x16a68 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
17:45:30.0757 0x16a68 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine


P.S.: I have to check whether I have the Windows CD. Windows should be installing the updates, since I let it update automatically, and the reason I have Internet Explorer 9 is that I tried to install the more 'advanced' versions, but they only brought me viruses.

Re: Problem with a virus

Post by GERONIMO* » Sat Dec 07, 2013 6:44 pm

TDSSKiller found the TDSS rootkit.
Redo the scan as before, ticking those options as you did before,
and for this entry change from Skip to Delete:
\Device\Harddisk0\DR0 ( TDSS File System ) - warning

and restart the PC when it asks you to.

We would need the Windows DVD to repair the master boot record.

You have Windows set to search for updates automatically, not to install them;
in fact you don't have Service Pack 1 and you have IE 9, while IE has by now reached version 11.

You can't install the more advanced version unless you first install Service Pack 1.
IE 11 requires SP1 in order to be installed.
If you don't update Windows and your programs you will always catch viruses, because it is vulnerable [^]

Re: Problem with a virus

Post by Pancrazio » Sat Dec 07, 2013 7:16 pm

http://wikisend.com/download/208600/TDSSKiller.3.0.0.19_07.12.2013_19.01.29_log.txt

19:00:14.0858 24164 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:00:17.0898 24164 Perform update action was selected
19:00:17.0898 25168 Deinitialize success

http://wikisend.com/download/379768/TDSSKiller.3.0.0.19_07.12.2013_19.06.14_log.txt
http://wikisend.com/download/385194/TDSSKiller.3.0.0.19_07.12.2013_19.09.52_log.txt

P.S.: why does it ask me to check the hard disk before booting?

Re: Problem with a virus

Post by GERONIMO* » Sat Dec 07, 2013 7:26 pm

ok
It may be a leftover of the rootkit; afterwards we'll run a scandisk.

I didn't understand whether you did the ADS cleanup, uninstalled Java and Flash, and ran the HitmanPro scan.
Could you kindly confirm? Thanks. [;)]

Then see whether Avira still finds the rootkit.

Re: Problem with a virus

Post by Pancrazio » Sat Dec 07, 2013 7:30 pm

GERONIMO* wrote: ok
It may be a leftover of the rootkit; afterwards we'll run a scandisk.

I didn't understand whether you did the ADS cleanup, uninstalled Java and Flash, and ran the HitmanPro scan.
Could you kindly confirm? Thanks. [;)]

Then see whether Avira still finds the rootkit.


Some of the ADS contain files that I need to use; Hitman Pro freezes while it is scanning, and I can't uninstall Java and Flash because it freezes on me. What would happen if I didn't uninstall them?

Re: Problem with a virus

Post by GERONIMO* » Sat Dec 07, 2013 7:38 pm

What do you need the ADS for? [:D]
I'm hearing things from you that I have never heard before [:)]
You have to uninstall it because it is buggy, and you have to download it intact and up to date.
If you ask for help, preferably trust and do what you are asked; otherwise don't ask for help at all.

So Avira still finds the rootkit?

Re: Problem with a virus

Post by Pancrazio » Sat Dec 07, 2013 7:44 pm

GERONIMO* wrote: So Avira still finds the rootkit?


Yes, and also the HitmanPro scan freezes about halfway through and there is no way to get it going again...

Re: Problem with a virus

Post by Pancrazio » Sat Dec 07, 2013 7:50 pm

So, where can I safely download the latest versions of Java and Adobe Flash Player?

Re: Problem with a virus

Post by GERONIMO* » Sat Dec 07, 2013 7:59 pm

We would need the Windows DVD in order to fix the master boot record, and that way we'd be quicker.
Launch HitmanPro this way:
hold down the Ctrl key on the keyboard and launch HitmanPro without releasing the key until it opens.

Java
http://www.java.com/it/download/
Flash
http://get.adobe.com/it/flashplayer/

Re: Problem with a virus

Post by stevens » Sat Dec 07, 2013 8:12 pm

Hi Geronimo, he could also clean the M.B.R. as described in this discussion

Re: Problem with a virus

Post by GERONIMO* » Sat Dec 07, 2013 8:23 pm

Let's say it would be safer to work from the DVD via the recovery console.


megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. (sole shareholder) - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising