24-12-2014, 19:21   #1
gn
Member
Joined: Oct 2000
Posts: 119
Help, unknown virus or maybe not... please help me, I'm desperate...

Hi, and best wishes for Christmas Eve.
As you can see, I'm an "old-timer" on the forum.

Yesterday I mistakenly opened an .exe that the PC had downloaded without my knowledge;
since then Windows loads and then freezes, and I can't do anything:
it boots normally, and I have about 30 seconds before it goes into a "waiting" state with the blue wheel spinning; nothing happens and I can't open anything.
Only by doing a system restore could I get it working; then I followed a procedure to flush out viruses and had to disable System Restore, and since then nothing at all. I've been going crazy over this since last night; I've scanned with everything scannable, to the point that Malwarebytes and ComboFix now report the computer as clean....
So I thought, maybe it's not a virus but something else that is conflicting?
Another problem: I don't have a fixed internet connection, and from Safe Mode I can't connect with the TIM USB dongle.
I'm attaching some log files that I managed to produce; by now even running a HijackThis scan has become difficult.
In the meantime, from Safe Mode I disabled all the autostart entries, but it's no use: the computer is stuck with the CPU at 0% and memory usage at 23% (the fan isn't making strange noises and it stays cool).
Please help me have a peaceful Christmas.... thank you...

AdwCleaner (pro), HitmanPro, ComboFix and TDSSKiller follow.
Thanks again and best wishes!


Quote:
# AdwCleaner v4.106 - Rapporto creato 24/12/2014 in 12:13:15
# Aggiornato 21/12/2014 di Xplode
# Database : 2014-12-21.4 [Live]
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nome utente : Michelangelo - IOIO2
# In esecuzione da : C:\Users\Michelangelo\Desktop\disinf\1AdwCleaner.exe
# Opzione : Pulisci

***** [ Servizi ] *****

[#] Servizio Eliminato : PanService

***** [ File / Cartelle ] *****

Cartella Eliminato : C:\ProgramData\apn
Cartella Eliminato : C:\ProgramData\Tarma Installer
Cartella Eliminato : C:\Program Files (x86)\BonanzaDeals
Cartella Eliminato : C:\Program Files (x86)\MyPC Backup
Cartella Eliminato : C:\Program Files (x86)\Yontoo
Cartella Eliminato : C:\Program Files (x86)\PANDORA.TV
Cartella Eliminato : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Cartella Eliminato : C:\Users\Michelangelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Cartella Eliminato : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
File Eliminato : C:\Windows\System32\roboot64.exe

***** [ Compiti ] *****


***** [ Collegamenti ] *****

Collegamento Disinfetatti : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Collegamento Disinfetatti : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Collegamento Disinfetatti : C:\Users\Michelangelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Collegamento Disinfetatti : C:\Users\Michelangelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Collegamento Disinfetatti : C:\Users\Michelangelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registro ] *****

Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Chiave Eliminati : HKLM\SOFTWARE\Classes\driverscanner
Chiave Eliminati : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Chiave Eliminati : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Chiave Eliminati : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chiave Eliminati : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chiave Eliminati : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Chiave Eliminati : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Chiave Eliminati : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Chiave Eliminati : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chiave Eliminati : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Valore Eliminati : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Valore Eliminati : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Chiave Eliminati : [x64] HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Valore Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Chiave Eliminati : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dato Ripristinati : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chiave Eliminati : HKCU\Software\APN PIP
Chiave Eliminati : HKCU\Software\AVG Nation toolbar
Chiave Eliminati : HKCU\Software\BonanzaDealsLive
Chiave Eliminati : HKCU\Software\GoforFiles
Chiave Eliminati : HKCU\Software\InstallCore
Chiave Eliminati : HKCU\Software\Myfree Codec
Chiave Eliminati : HKCU\Software\Softonic
Chiave Eliminati : HKLM\SOFTWARE\AVG Nation toolbar
Chiave Eliminati : HKLM\SOFTWARE\AVG Secure Search
Chiave Eliminati : HKLM\SOFTWARE\AVG Security Toolbar
Chiave Eliminati : HKLM\SOFTWARE\BonanzaDealsLive
Chiave Eliminati : HKLM\SOFTWARE\GoforFiles
Chiave Eliminati : HKLM\SOFTWARE\Myfree Codec
Chiave Eliminati : HKLM\SOFTWARE\PIP
Chiave Eliminati : HKLM\SOFTWARE\qone8Software
Chiave Eliminati : HKLM\SOFTWARE\systweak
Chiave Eliminati : HKLM\SOFTWARE\Uniblue
Chiave Eliminati : [x64] HKLM\SOFTWARE\Tarma Installer
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496

Impostazioni Ripristinato : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Impostazioni Ripristinato : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v27.0.1 (it)

[3amhpa1c.default\prefs.js] - Riga eliminata : user_pref("browser.newtab.url", "hxxp://start.qone8.com/newtab/?type=nt&ts=1382884694&from=cor&uid=ST9750420AS_5WS16SY9XXXX5WS16SY9");
[3amhpa1c.default\prefs.js] - Riga eliminata : user_pref("browser.search.defaultenginename", "qone8");
[3amhpa1c.default\prefs.js] - Riga eliminata : user_pref("browser.search.selectedEngine", "qone8");

-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [19227 octets] - [23/12/2014 21:57:03]
AdwCleaner[R1].txt - [8629 octets] - [24/12/2014 12:09:53]
AdwCleaner[S0].txt - [6988 octets] - [23/12/2014 22:02:18]
AdwCleaner[S1].txt - [8496 octets] - [24/12/2014 12:13:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8556 octets] ##########
Quote:
Code:
HitmanPro 3.7.9.232
www.hitmanpro.com

   Computer name . . . . : IOIO2
   Windows . . . . . . . : 6.1.1.7601.X64/8
   User name . . . . . . : IOIO2\Michelangelo
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-12-24 12:58:47
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 7m 11s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 90

   Objects scanned . . . : 2.392.362
   Files scanned . . . . : 91.834
   Remnants scanned  . . : 971.979 files / 1.328.549 keys

Suspicious files ____________________________________________________________

   C:\Program Files (x86)\MagicDisc\MagicDisc.exe
      Size . . . . . . . : 576.000 bytes
      Age  . . . . . . . : 702.5 days (2013-01-21 00:42:17)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : E8F100A8BF30CB101088E6E5BAFF9FF472976691B9BBF70BE324A75635D4D451
      Product  . . . . . : MagicDisc
      Publisher  . . . . : MagicISO, Inc.
      Description  . . . : MagicISO Virtual CD/DVD Manager
      Version  . . . . . : 2.7.0.106
      Copyright  . . . . : MagicISO, Inc.
      Gossip . . . . . . : MagicDisc
      Parent Name  . . . : C:\Windows\Explorer.EXE
      LanguageID . . . . : 1033
      Running processes  : 4524
      Fuzzy  . . . . . . : 22.0
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Uses the Startup folder in the Start Menu to run each time the user logs on.
         Program is running but currently exposes no human-computer interface (GUI).
         Program starts automatically without user intervention.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is in use by one or more active processes.
      Startup
         C:\Users\Michelangelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
      References
         C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc\MagicDisc.lnk
         C:\Users\UpdatusUser\Desktop\MagicDisc.lnk


Potential Unwanted Programs _________________________________________________

   Google Chrome.lnk
   C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\


Cookies _____________________________________________________________________

Quote:
ComboFix 14-12-23.01 - Michelangelo 24/12/2014 17:09:54.2.8 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.6055.5192 [GMT 1:00]
Eseguito da: c:\users\Michelangelo\Desktop\disinf\8abc.exe
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((( Files Creati Da 2014-11-24 al 2014-12-24 )))))))))))))))))))))))))))))))))))
.
.
2014-12-24 16:17 . 2014-12-24 16:17 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-12-24 16:17 . 2014-12-24 16:17 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-12-24 16:17 . 2014-12-24 16:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-24 14:56 . 2014-12-24 14:56 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-24 14:56 . 2014-12-24 14:56 -------- d-----w- c:\programdata\RogueKiller
2014-12-24 13:35 . 2014-12-24 13:35 20672 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2014-12-24 13:35 . 2014-12-24 13:43 -------- d-----w- c:\users\Michelangelo\AppData\Roaming\DiskDefrag
2014-12-24 13:35 . 2014-12-24 13:35 -------- d-----w- c:\users\Michelangelo\AppData\Roaming\GlarySoft
2014-12-24 13:35 . 2014-08-18 01:06 118048 ----a-w- c:\windows\system32\BootDefrag.exe
2014-12-24 13:35 . 2014-07-18 07:11 17600 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2014-12-24 13:35 . 2014-12-24 13:35 -------- d-----w- c:\program files (x86)\Glary Utilities 5
2014-12-24 11:58 . 2014-12-24 11:58 -------- d-----w- c:\program files\HitmanPro
2014-12-24 11:57 . 2014-12-24 12:06 -------- d-----w- c:\programdata\HitmanPro
2014-12-24 11:18 . 2014-12-24 15:00 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-23 14:45 . 2014-12-23 14:45 -------- d-----w- c:\programdata\Malwarebytes
2014-12-23 14:23 . 2014-12-23 14:23 -------- d-----w- c:\program files (x86)\BuuYNSavE
2014-12-23 14:22 . 2014-12-23 17:40 -------- d-----w- c:\programdata\claiclenihocpchlplmgbcigdlplehec
2014-12-21 07:31 . 2014-12-21 07:31 -------- d-----w- c:\program files\Sierra
2014-12-21 07:26 . 2014-12-21 07:26 -------- d-----w- c:\program files (x86)\Sierra
2014-12-21 07:25 . 2004-04-18 22:39 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll
2014-12-21 07:25 . 2014-12-21 07:25 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll
2014-12-21 07:25 . 2014-12-21 07:25 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll
2014-12-21 07:25 . 2004-04-18 22:42 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll
2014-12-21 07:25 . 2004-04-18 22:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll
2014-12-21 07:25 . 2004-04-18 22:39 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll
2014-12-21 07:25 . 2004-04-18 22:39 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe
2014-12-18 06:41 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 06:41 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-15 14:39 . 2014-12-15 14:41 -------- d-----w- c:\program files (x86)\CCleaner
2014-12-15 11:16 . 2014-12-24 15:40 17920 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2014-12-15 11:15 . 2014-12-24 15:38 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2014-12-14 19:24 . 2014-12-14 19:25 -------- d-----w- c:\program files (x86)\WinMerge
2014-12-14 12:53 . 2014-12-18 20:34 -------- d-----w- c:\users\Michelangelo\AppData\Local\JDownloader v2.0
2014-12-11 21:21 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-11 21:21 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-11 17:20 . 2014-12-11 17:20 -------- d-----w- C:\CloneSpy
2014-12-11 11:23 . 2014-11-11 03:09 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-12-11 11:23 . 2014-11-11 02:44 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-12-11 11:21 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
2014-12-09 19:02 . 2014-12-09 19:02 -------- d-----w- c:\users\Michelangelo\AppData\Local\skybn
2014-12-09 19:01 . 2014-12-09 19:01 -------- d-----w- c:\users\Michelangelo\AppData\Local\Lorenz_Cuno_Klopfenstein
2014-12-06 11:33 . 2014-12-06 11:33 -------- d-----w- c:\program files\Oracle
2014-11-25 13:24 . 2014-11-25 13:24 24294072 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2014-11-25 12:59 . 2014-11-25 12:59 18638520 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-24 15:38 . 2014-09-21 15:01 17920 ----a-w- c:\windows\SysWow64\rpcnetp.exe
2014-12-11 21:23 . 2013-01-21 01:25 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-10 18:08 . 2013-01-19 21:02 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 18:08 . 2013-01-19 21:02 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-24 11:43 . 2014-11-24 11:44 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-24 11:30 . 2014-11-24 11:30 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-11-23 16:25 . 2013-03-03 17:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-11-23 16:25 . 2013-03-03 17:31 375632 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-11-19 03:26 . 2014-11-19 03:26 1614504 ----a-w- c:\windows\system32\FM20.DLL
2014-11-17 15:05 . 2014-10-13 16:33 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-11-17 15:05 . 2014-10-13 16:33 375632 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-11-11 03:08 . 2014-11-21 17:18 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-21 17:18 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-21 17:18 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-21 17:18 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-29 20:35 . 2014-10-29 20:35 263960 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2014-10-25 01:57 . 2014-11-15 14:15 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-15 14:15 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-15 14:15 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-15 14:15 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-15 14:17 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-15 14:17 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-15 14:15 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-15 14:17 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-15 14:17 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-15 14:17 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-15 14:17 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-15 14:15 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-15 14:17 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-15 14:17 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-15 14:17 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-13 16:28 . 2012-07-17 22:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-10-10 13:14 . 2014-10-10 13:14 274200 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2014-10-10 00:57 . 2014-11-15 14:15 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-10-05 19:41 . 2014-10-05 19:41 124184 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2014-10-03 02:12 . 2014-11-15 14:16 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 02:11 . 2014-11-15 14:16 284672 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 02:11 . 2014-11-15 14:16 680960 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 02:11 . 2014-11-15 14:16 440832 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 02:11 . 2014-11-15 14:16 296448 ----a-w- c:\windows\system32\AudioSes.dll
2014-10-03 01:44 . 2014-11-15 14:16 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44 . 2014-11-15 14:16 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44 . 2014-11-15 14:16 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2009-12-06 09:18 26624 --sh--w- c:\windows\bfcs2.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{50F4150A-48B2-417A-BE4C-C83F580FB904}]
2013-07-08 02:43 126520 ----a-w- c:\program files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3170\npQQPhoneManagerExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HW_OPENEYE_OUC_Chiavetta Internet"="c:\program files (x86)\Chiavetta Internet\UpdateDog\ouc.exe" [2013-05-26 224096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-24 1601536]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-12-11 311152]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2013-04-19 374784]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
MobileGo Service.lnk - c:\program files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe [2014-3-26 103312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\progra~2\COMMON~1\JAKSTA~1\AUDIOC~1\jaudcap.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk * \0BootDefrag.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
R1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
R1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
R2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Atheros\Ath_CoexAgent.exe;c:\program files (x86)\Atheros\Ath_CoexAgent.exe [x]
R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 Chiavetta Internet. RunOuc;Chiavetta Internet. OUC;c:\program files (x86)\Chiavetta Internet\UpdateDog\ouc.exe;c:\program files (x86)\Chiavetta Internet\UpdateDog\ouc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HauppaugeTVServer;HauppaugeTVServer;c:\program files (x86)\WinTV\TVServer\HauppaugeTVServer.exe;c:\program files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [x]
R2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 appliand;Applian Network Service;c:\windows\system32\DRIVERS\appliand.sys;c:\windows\SYSNATIVE\DRIVERS\appliand.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Audio schermo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Rockusb;Driver for Rockusb Device;c:\windows\system32\DRIVERS\rockusb.sys;c:\windows\SYSNATIVE\DRIVERS\rockusb.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys [x]
S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys;c:\windows\SYSNATIVE\Drivers\FSPFltd.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys;c:\windows\SYSNATIVE\DRIVERS\appliand.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-13 08:23 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2014-12-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-19 18:08]
.
2014-12-24 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files (x86)\Glary Utilities 5\Initialize.exe [2014-08-18 01:05]
.
2014-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-19 21:02]
.
2014-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-19 21:02]
.
2014-12-24 c:\windows\Tasks\GU5SkipUAC.job
- c:\program files (x86)\Glary Utilities 5\Integrator.exe [2014-08-18 01:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-10-14 2168424]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-11-03 10228224]
"AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-07-29 594080]
"AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-07-29 377504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
"mylbx"="c:\program files\My Lockbox\mylbx.exe" [2013-07-06 2584864]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\acaptuser64.dll c:\progra~1\COMMON~1\JAKSTA~1\AUDIOC~1\jaudcap64.dll
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.it/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Aggiungi a PDF esistente - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Aggiungi destinazione link a PDF esistente - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti destinazione link in Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti in Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
Trusted Zone: mydirtyhobby.com
TCP: Interfaces\{2BD2C0CE-8D26-498D-AC9B-5020634CD888}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{2BD2C0CE-8D26-498D-AC9B-5020634CD888}\26F63636F6E696D23747574656E64796: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{2BD2C0CE-8D26-498D-AC9B-5020634CD888}\54D4241435: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{2BD2C0CE-8D26-498D-AC9B-5020634CD888}\77966696D27657563747: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Michelangelo\AppData\Roaming\Mozilla\Firefox\Profiles\3amhpa1c.default\
FF - prefs.js: browser.startup.homepage - about:homeabout:home
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-MBAMSwissArmy
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-2950939168-3566930926-795002402-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*1¢‚@]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-2950939168-3566930926-795002402-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*1¢‚@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2014-12-24 17:20:05
ComboFix-quarantined-files.txt 2014-12-24 16:20
ComboFix2.txt 2014-12-24 12:44
ComboFix3.txt 2014-12-23 21:27
.
Pre-Run: 64.411.131.904 byte disponibili
Post-Run: 64.404.008.960 byte disponibili
.
- - End Of File - - 20A5562CA2B88348392A200BF78E16C1
A36C5E4F47E84449FF07ED3517B43A31
Quote:
16:28:36.0986 0x0168 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
16:28:46.0003 0x0168 ============================================================
16:28:46.0003 0x0168 Current date / time: 2014/12/24 16:28:46.0003
16:28:46.0003 0x0168 SystemInfo:
16:28:46.0003 0x0168
16:28:46.0003 0x0168 OS Version: 6.1.7601 ServicePack: 1.0
16:28:46.0003 0x0168 Product type: Workstation
16:28:46.0003 0x0168 ComputerName: IOIO2
16:28:46.0019 0x0168 UserName: Michelangelo
16:28:46.0019 0x0168 Windows directory: C:\Windows
16:28:46.0019 0x0168 System windows directory: C:\Windows
16:28:46.0019 0x0168 Running under WOW64
16:28:46.0019 0x0168 Processor architecture: Intel x64
16:28:46.0019 0x0168 Number of processors: 8
16:28:46.0019 0x0168 Page size: 0x1000
16:28:46.0019 0x0168 Boot type: Safe boot with network
16:28:46.0019 0x0168 ============================================================
16:28:48.0328 0x0168 KLMD registered as C:\Windows\system32\drivers\64416862.sys
16:28:48.0530 0x0168 System UUID: {4AA56B75-4A6F-43E4-92E2-3B2FDE0DCF39}
16:28:49.0045 0x0168 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:28:51.0526 0x0168 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:28:51.0541 0x0168 Drive \Device\Harddisk2\DR3 - Size: 0x1E7900000 ( 7.62 Gb ), SectorSize: 0x200, Cylinders: 0x3E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:28:51.0541 0x0168 ============================================================
16:28:51.0541 0x0168 \Device\Harddisk0\DR0:
16:28:51.0668 0x0168 MBR partitions:
16:28:51.0668 0x0168 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x26357000
16:28:51.0684 0x0168 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x29558000, BlocksNum 0x2DFEE000
16:28:51.0684 0x0168 \Device\Harddisk1\DR1:
16:28:51.0684 0x0168 MBR partitions:
16:28:51.0715 0x0168 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x2BAA48A2
16:28:51.0730 0x0168 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x2BAA87E1, BlocksNum 0x2BA9CB20
16:28:51.0730 0x0168 \Device\Harddisk2\DR3:
16:28:51.0730 0x0168 MBR partitions:
16:28:51.0730 0x0168 ============================================================
16:28:51.0762 0x0168 C: <-> \Device\Harddisk0\DR0\Partition1
16:28:51.0793 0x0168 D: <-> \Device\Harddisk1\DR1\Partition1
16:28:51.0808 0x0168 E: <-> \Device\Harddisk1\DR1\Partition2
16:28:51.0840 0x0168 F: <-> \Device\Harddisk0\DR0\Partition2
16:28:51.0840 0x0168 ============================================================
16:28:51.0840 0x0168 Initialize success
16:28:51.0840 0x0168 ============================================================
16:29:01.0075 0x0780 ============================================================
16:29:01.0075 0x0780 Scan started
16:29:01.0075 0x0780 Mode: Manual;
16:29:01.0075 0x0780 ============================================================
16:29:01.0075 0x0780 KSN ping started
16:29:01.0137 0x0780 KSN ping finished: false
16:29:02.0229 0x0780 ================ Scan system memory ========================
16:29:02.0229 0x0780 System memory - ok
16:29:02.0229 0x0780 ================ Scan services =============================
16:29:02.0385 0x0780 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
16:29:02.0385 0x0780 1394ohci - ok
16:29:02.0416 0x0780 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
16:29:02.0432 0x0780 ACPI - ok
16:29:02.0448 0x0780 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
16:29:02.0448 0x0780 AcpiPmi - ok
16:29:02.0526 0x0780 [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:29:02.0541 0x0780 AdobeFlashPlayerUpdateSvc - ok
16:29:02.0572 0x0780 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:29:02.0588 0x0780 adp94xx - ok
16:29:02.0650 0x0780 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:29:02.0650 0x0780 adpahci - ok
16:29:02.0697 0x0780 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:29:02.0697 0x0780 adpu320 - ok
16:29:11.0978 0x0780 idsvc - ok
16:29:11.0994 0x0780 IEEtwCollectorService - ok
16:29:12.0196 0x0780 [ A1CF07D24EDCDC6870535471654D957C, FA0CD2ABA2C15E9FC4A1DEE58F365EC10D9597D521556DC2648B50CE0537926D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
16:29:12.0914 0x0780 igfx - ok
16:29:13.0070 0x0780 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:29:13.0070 0x0780 iirsp - ok
16:29:13.0117 0x0780 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
16:29:13.0164 0x0780 IKEEXT - ok
16:29:13.0273 0x0780 [ E22397FB13975FF21BE8E6897D7DC584, 8C3E85BB54208928F1F058D914D1D52EC59B1939C3E123D8800E134B1A09AF9D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:29:13.0351 0x0780 IntcAzAudAddService - ok
16:29:13.0413 0x0780 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
16:29:13.0429 0x0780 IntcDAud - ok
16:29:13.0460 0x0780 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
16:29:13.0460 0x0780 intelide - ok
16:29:13.0476 0x0780 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:29:13.0476 0x0780 intelppm - ok
16:29:13.0538 0x0780 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:29:13.0538 0x0780 IPBusEnum - ok
16:29:13.0569 0x0780 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:29:13.0585 0x0780 IpFilterDriver - ok
16:29:13.0632 0x0780 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:29:13.0663 0x0780 iphlpsvc - ok
16:29:13.0678 0x0780 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:29:13.0678 0x0780 IPMIDRV - ok
16:29:13.0694 0x0780 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:29:13.0694 0x0780 IPNAT - ok
16:29:13.0710 0x0780 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:29:13.0710 0x0780 IRENUM - ok
16:29:13.0725 0x0780 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
16:29:13.0725 0x0780 isapnp - ok
16:29:13.0772 0x0780 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:29:13.0788 0x0780 iScsiPrt - ok
16:29:13.0803 0x0780 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:29:13.0803 0x0780 kbdclass - ok
16:29:13.0834 0x0780 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:29:13.0834 0x0780 kbdhid - ok
16:29:13.0850 0x0780 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
16:29:13.0850 0x0780 KeyIso - ok
16:29:13.0881 0x0780 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:29:13.0881 0x0780 KSecDD - ok
16:29:13.0944 0x0780 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:29:13.0944 0x0780 KSecPkg - ok
16:29:13.0959 0x0780 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:29:13.0959 0x0780 ksthunk - ok
16:29:14.0006 0x0780 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:29:14.0022 0x0780 KtmRm - ok
16:29:14.0053 0x0780 [ A4A9CA24E54E81C6C3E469EAEB4B3F42, FB6B72BF973EC2EE2D81AAAF47B030C0A5E7E7B079DAB257C52FEFC3F222CDC8 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
16:29:14.0068 0x0780 L1C - ok
16:29:14.0100 0x0780 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
16:29:14.0115 0x0780 LanmanServer - ok
16:29:14.0162 0x0780 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:29:14.0162 0x0780 LanmanWorkstation - ok
16:29:14.0224 0x0780 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:29:14.0224 0x0780 lltdio - ok
16:29:14.0287 0x0780 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:29:14.0302 0x0780 lltdsvc - ok
16:29:14.0318 0x0780 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:29:14.0318 0x0780 lmhosts - ok
16:29:14.0349 0x0780 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:29:14.0349 0x0780 LSI_FC - ok
16:29:14.0380 0x0780 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:29:14.0396 0x0780 LSI_SAS - ok
16:29:14.0396 0x0780 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:29:14.0396 0x0780 LSI_SAS2 - ok
16:29:14.0427 0x0780 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:29:14.0443 0x0780 LSI_SCSI - ok
16:29:14.0458 0x0780 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:29:14.0458 0x0780 luafv - ok
16:29:14.0505 0x0780 [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:29:14.0505 0x0780 MBAMProtector - ok
16:29:14.0599 0x0780 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
16:29:14.0677 0x0780 MBAMScheduler - ok
16:29:14.0724 0x0780 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
16:29:14.0770 0x0780 MBAMService - ok
16:29:14.0817 0x0780 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:29:14.0833 0x0780 MBAMSwissArmy - ok
16:29:14.0848 0x0780 [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:29:14.0848 0x0780 MBAMWebAccessControl - ok
16:29:14.0989 0x0780 [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
16:29:14.0989 0x0780 McComponentHostService - ok
16:29:15.0036 0x0780 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF, 2722E217AF11F928E58F694E5C1CC5776283A56C54E7F84401FECFBD73E91EBA ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
16:29:15.0036 0x0780 mcdbus - ok
16:29:15.0082 0x0780 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:29:15.0098 0x0780 Mcx2Svc - ok
16:29:15.0145 0x0780 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:29:15.0145 0x0780 megasas - ok
16:29:15.0176 0x0780 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:29:15.0176 0x0780 MegaSR - ok
16:29:15.0207 0x0780 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:29:15.0223 0x0780 MEIx64 - ok
16:29:15.0301 0x0780 Microsoft SharePoint Workspace Audit Service - ok
16:29:15.0332 0x0780 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:29:15.0348 0x0780 MMCSS - ok
16:29:15.0379 0x0780 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:29:15.0379 0x0780 Modem - ok
16:29:15.0394 0x0780 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:29:15.0394 0x0780 monitor - ok
16:29:15.0441 0x0780 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:29:15.0441 0x0780 mouclass - ok
16:29:15.0457 0x0780 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:29:15.0457 0x0780 mouhid - ok
16:29:15.0472 0x0780 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:29:15.0488 0x0780 mountmgr - ok
16:29:15.0550 0x0780 [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:29:15.0550 0x0780 MozillaMaintenance - ok
16:29:15.0582 0x0780 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
16:29:15.0582 0x0780 mpio - ok
16:29:15.0628 0x0780 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:29:15.0628 0x0780 mpsdrv - ok
16:29:15.0691 0x0780 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:29:15.0722 0x0780 MpsSvc - ok
16:29:15.0753 0x0780 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:29:15.0753 0x0780 MRxDAV - ok
16:29:15.0784 0x0780 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:29:15.0800 0x0780 mrxsmb - ok
16:29:15.0816 0x0780 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:29:15.0831 0x0780 mrxsmb10 - ok
16:29:15.0862 0x0780 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:29:15.0862 0x0780 mrxsmb20 - ok
16:29:15.0894 0x0780 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:29:15.0894 0x0780 msahci - ok
16:29:15.0925 0x0780 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
16:29:15.0940 0x0780 msdsm - ok
16:29:15.0956 0x0780 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:29:15.0956 0x0780 MSDTC - ok
16:29:16.0003 0x0780 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:29:16.0003 0x0780 Msfs - ok
16:29:16.0050 0x0780 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:29:16.0050 0x0780 mshidkmdf - ok
16:29:16.0065 0x0780 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
16:29:16.0065 0x0780 msisadrv - ok
16:29:16.0096 0x0780 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:29:16.0112 0x0780 MSiSCSI - ok
16:29:16.0112 0x0780 msiserver - ok
16:29:16.0143 0x0780 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:29:16.0143 0x0780 MSKSSRV - ok
16:29:16.0143 0x0780 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:29:16.0159 0x0780 MSPCLOCK - ok
16:29:16.0174 0x0780 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:29:16.0190 0x0780 MSPQM - ok
16:29:16.0206 0x0780 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:29:16.0206 0x0780 MsRPC - ok
16:29:16.0221 0x0780 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:29:16.0221 0x0780 mssmbios - ok
16:29:16.0237 0x0780 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:29:16.0237 0x0780 MSTEE - ok
16:29:16.0252 0x0780 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:29:16.0252 0x0780 MTConfig - ok
16:29:16.0268 0x0780 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:29:16.0268 0x0780 Mup - ok
16:29:16.0315 0x0780 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:29:16.0346 0x0780 napagent - ok
16:29:16.0424 0x0780 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:29:16.0424 0x0780 NativeWifiP - ok
16:29:16.0502 0x0780 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
16:29:16.0549 0x0780 NDIS - ok
16:29:16.0596 0x0780 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:29:16.0596 0x0780 NdisCap - ok
16:29:16.0611 0x0780 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:29:16.0611 0x0780 NdisTapi - ok
16:29:16.0642 0x0780 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:29:16.0642 0x0780 Ndisuio - ok
16:29:16.0658 0x0780 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:29:16.0658 0x0780 NdisWan - ok
16:29:16.0689 0x0780 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:29:16.0689 0x0780 NDProxy - ok
16:29:16.0705 0x0780 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:29:16.0705 0x0780 NetBIOS - ok
16:29:16.0736 0x0780 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:29:16.0752 0x0780 NetBT - ok
16:29:16.0767 0x0780 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
16:29:16.0767 0x0780 Netlogon - ok
16:29:16.0814 0x0780 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
16:29:16.0830 0x0780 Netman - ok
16:29:16.0892 0x0780 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:29:16.0908 0x0780 NetMsmqActivator - ok
16:29:16.0908 0x0780 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:29:16.0908 0x0780 NetPipeActivator - ok
16:29:16.0923 0x0780 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
16:29:16.0954 0x0780 netprofm - ok
16:29:16.0970 0x0780 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:29:16.0970 0x0780 NetTcpActivator - ok
16:29:16.0970 0x0780 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:29:16.0986 0x0780 NetTcpPortSharing - ok
16:29:16.0986 0x0780 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:29:17.0001 0x0780 nfrd960 - ok
16:29:17.0032 0x0780 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:29:17.0048 0x0780 NlaSvc - ok
16:29:17.0079 0x0780 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:29:17.0079 0x0780 Npfs - ok
16:29:17.0126 0x0780 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
16:29:17.0126 0x0780 nsi - ok
16:29:17.0157 0x0780 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:29:17.0157 0x0780 nsiproxy - ok
16:29:17.0282 0x0780 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:29:17.0329 0x0780 Ntfs - ok
16:29:17.0344 0x0780 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
16:29:17.0344 0x0780 Null - ok
16:29:17.0844 0x0780 [ 5104BAC2DA2A5BDD86AC6B0708B00F06, A02501514F8517CB5A6CFE4352A3D0F864153470015589428A6B14477E791514 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:29:18.0265 0x0780 nvlddmkm - ok
16:29:18.0296 0x0780 [ 918841B2454F4F2BD94479692079490B, 16667315DE4EB5543E176273362791B157223E775ED1CF285330CC8195E0F1BB ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
16:29:18.0312 0x0780 nvpciflt - ok
16:29:18.0343 0x0780 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:29:18.0358 0x0780 nvraid - ok
16:29:18.0390 0x0780 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:29:18.0390 0x0780 nvstor - ok
16:29:18.0452 0x0780 [ DDFAFCE89A5C93D04712B86F94E9FCBA, 377303D4CAC9E3AD5B58894CF7AECDA4FCD3D721568BE8BACC0A897A0956919A ] NVSvc C:\Windows\system32\nvvsvc.exe
16:29:18.0499 0x0780 NVSvc - ok
16:29:18.0608 0x0780 [ 84E035225474E48CD3A6A3CE52332095, C90E1BC112EDED3035F2D440DDA6FC838D5D9B5F0D7CBE5E4672FEB1CC49F449 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:29:18.0655 0x0780 nvUpdatusService - ok
16:29:18.0686 0x0780 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
16:29:18.0686 0x0780 nv_agp - ok
16:29:18.0717 0x0780 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
16:29:18.0717 0x0780 ohci1394 - ok
16:29:18.0795 0x0780 [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:29:18.0811 0x0780 ose64 - ok
16:29:19.0029 0x0780 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:29:19.0201 0x0780 osppsvc - ok
16:29:19.0263 0x0780 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:29:19.0279 0x0780 p2pimsvc - ok
16:29:19.0341 0x0780 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
16:29:19.0357 0x0780 p2psvc - ok
16:29:19.0419 0x0780 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:29:19.0419 0x0780 Parport - ok
16:29:19.0466 0x0780 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:29:19.0482 0x0780 partmgr - ok
16:29:19.0544 0x0780 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:29:19.0544 0x0780 PcaSvc - ok
16:29:19.0575 0x0780 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\DRIVERS\pci.sys
16:29:19.0591 0x0780 pci - ok
16:29:19.0622 0x0780 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
16:29:19.0622 0x0780 pciide - ok
16:29:19.0653 0x0780 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:29:19.0653 0x0780 pcmcia - ok
16:29:19.0669 0x0780 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
16:29:19.0669 0x0780 pcw - ok
16:29:19.0716 0x0780 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:29:19.0747 0x0780 PEAUTH - ok
16:29:19.0825 0x0780 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:29:19.0840 0x0780 PerfHost - ok
16:29:19.0903 0x0780 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
16:29:19.0965 0x0780 pla - ok
16:29:20.0043 0x0780 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:29:20.0059 0x0780 PlugPlay - ok
16:29:20.0074 0x0780 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:29:20.0074 0x0780 PNRPAutoReg - ok
16:29:20.0090 0x0780 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:29:20.0106 0x0780 PNRPsvc - ok
16:29:20.0168 0x0780 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:29:20.0184 0x0780 PolicyAgent - ok
16:29:20.0230 0x0780 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
16:29:20.0246 0x0780 Power - ok
16:29:20.0277 0x0780 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:29:20.0293 0x0780 PptpMiniport - ok
16:29:20.0340 0x0780 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:29:20.0340 0x0780 Processor - ok
16:29:20.0402 0x0780 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
16:29:20.0418 0x0780 ProfSvc - ok
16:29:20.0449 0x0780 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:29:20.0449 0x0780 ProtectedStorage - ok
16:29:20.0480 0x0780 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:29:20.0496 0x0780 Psched - ok
16:29:20.0542 0x0780 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:29:20.0605 0x0780 ql2300 - ok
16:29:20.0620 0x0780 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:29:20.0636 0x0780 ql40xx - ok
16:29:20.0667 0x0780 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
16:29:20.0683 0x0780 QWAVE - ok
16:29:20.0698 0x0780 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:29:20.0745 0x0780 QWAVEdrv - ok
16:29:20.0823 0x0780 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:29:20.0886 0x0780 RasAcd - ok
16:29:31.0293 0x0780 Wireless Console 3 - ok
16:29:31.0355 0x0780 [ 6895A32D5ED4262258D1519BC5B0CC42, 91F43A39855F4D5A4C720BD2734B2B476D9A7C8C7D787CF58496318DD11AFC9C ] C:\Program Files (x86)\Chiavetta Internet\UpdateDog\ouc.exe
16:29:31.0371 0x0780 HW_OPENEYE_OUC_Chiavetta Internet - ok
16:29:31.0449 0x0780 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:29:31.0496 0x0780 Sidebar - ok
16:29:31.0542 0x0780 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:29:31.0558 0x0780 mctadmin - ok
16:29:31.0652 0x0780 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:29:31.0698 0x0780 Sidebar - ok
16:29:31.0730 0x0780 [ 6895A32D5ED4262258D1519BC5B0CC42, 91F43A39855F4D5A4C720BD2734B2B476D9A7C8C7D787CF58496318DD11AFC9C ] C:\Program Files (x86)\Chiavetta Internet\UpdateDog\ouc.exe
16:29:31.0730 0x0780 HW_OPENEYE_OUC_Chiavetta Internet - ok
16:29:31.0823 0x0780 AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5577 ), 0x40000 ( disabled : updated )
16:29:31.0823 0x0780 Win FW state via NFP2: enabled
16:29:31.0823 0x0780 ============================================================
16:29:31.0823 0x0780 Scan finished
16:29:31.0823 0x0780 ============================================================
16:29:31.0839 0x0644 Detected object count: 0
16:29:31.0839 0x0644 Actual detected object count: 0
Old 27-12-2014, 13:54   #2
alecomputer
Senior Member
 
Joined: May 2003
City: venezia
Posts: 18696
Given the situation, it would probably be best for you to do a Windows restore, so as to restore any files corrupted by the virus.

If you can get into safe mode, also try running a scan with the program Trojan Killer.
Old 03-01-2015, 13:57   #3
Walter Mitty
Senior Member
 
Joined: Jan 2015
Posts: 415
Haven't you managed to fix it even with Combofix?
Old 10-01-2015, 01:57   #4
anders
Member
 
Joined: Apr 2007
City: Faenza
Posts: 158
Quote:
Originally posted by Walter Mitty
Haven't you managed to fix it even with Combofix?
Hi, I wanted to try this software, but when I launch it, it tells me it is not compatible with win2000!!! But I'm on win8..
All times are GMT +1.

