
Pests of all kinds and how to fight them: DHL trojan

21.05.2015, 07:57   #1
didum
 

Hi everyone,
unfortunately it happened to me too: in a thoughtless moment I clicked on the zip attachment of a DHL email, or rather on the link in it.
Afterwards I installed Kaspersky Internet Security, though I had the trojan removed professionally.
Kaspersky no longer reports any detections, but with each new full scan it scans fewer and fewer files.
I'm simply unsure and just want to make certain that the thing is really gone from my computer.
Should I also download Farbar's Recovery Scan Tool to check, and is it compatible with Kaspersky?
I'd be grateful for any help.
Best regards

21.05.2015, 08:10   #2
schrauber
/// the machine
/// TB trainer
 


hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


21.05.2015, 08:28   #3
didum
 

Wow, thanks for the quick reply!!!

Here is the FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2015
Ran by Jenny (administrator) on FANNY on 21-05-2015 09:23:28
Running from C:\Users\Jenny\Downloads
Loaded Profiles: Jenny (Available profiles: Jenny)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1087960 2014-04-03] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1014736 2014-07-22] (MSI)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKU\S-1-5-21-2021139868-3573098032-3445443038-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2021139868-3573098032-3445443038-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2021139868-3573098032-3445443038-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2021139868-3573098032-3445443038-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2021139868-3573098032-3445443038-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\fX24GDnP.default
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-13] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-13] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-13] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\fX24GDnP.default\searchplugins\avira-safesearch.xml [2015-03-12]
FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\fX24GDnP.default\searchplugins\ixquick.xml [2015-05-07]
FF Extension: ColorZilla - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\fX24GDnP.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2015-01-30]
FF Extension: Diigo Toolbar - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\fX24GDnP.default\Extensions\{fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3} [2015-03-02]
FF Extension: Firebug - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\fX24GDnP.default\Extensions\firebug@software.joehewitt.com.xpi [2015-01-30]
FF Extension: Ghostery - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\fX24GDnP.default\Extensions\firefox@ghostery.com.xpi [2015-01-30]
FF Extension: Awesome screenshot: Capture and Annotate - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\fX24GDnP.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2015-02-26]
FF Extension: RSS Icon in url bar - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\fX24GDnP.default\Extensions\rssicon.vaka@gmail.com.xpi [2015-01-30]
FF Extension: Flagfox - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\fX24GDnP.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2015-01-30]
FF Extension: MeasureIt - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\fX24GDnP.default\Extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi [2015-01-30]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-13]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-13]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-13]

Chrome: 
=======
CHR Profile: C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-21]
CHR Extension: (Google Docs) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-21]
CHR Extension: (Google Drive) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-21]
CHR Extension: (YouTube) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-21]
CHR Extension: (Google Search) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-21]
CHR Extension: (Kaspersky Protection) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-05-20]
CHR Extension: (Google Sheets) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-21]
CHR Extension: (Bookmark Manager) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-21]
CHR Extension: (Google Wallet) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-21]
CHR Extension: (Gmail) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-21]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324568 2014-06-24] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [56008 2015-05-13] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [842440 2015-05-13] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 PORTMON; \??\E:\SysinternalsSuite\PORTMSYS.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-21 09:23 - 2015-05-21 09:23 - 00017222 _____ () C:\Users\Jenny\Downloads\FRST.txt
2015-05-21 09:23 - 2015-05-21 09:23 - 00000000 ____D () C:\FRST
2015-05-21 09:22 - 2015-05-21 09:22 - 02107904 _____ (Farbar) C:\Users\Jenny\Downloads\FRST64.exe
2015-05-20 10:17 - 2015-05-20 10:19 - 00009964 _____ () C:\Users\Jenny\Desktop\Backup.buj
2015-05-20 10:14 - 2015-05-20 10:19 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\PersBackup5
2015-05-20 10:14 - 2015-05-20 10:14 - 00000000 ____D () C:\Users\Jenny\Documents\PersBackup
2015-05-20 10:14 - 2015-05-20 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Personal Backup
2015-05-20 10:14 - 2015-05-20 10:14 - 00000000 ____D () C:\Program Files\Personal Backup 5
2015-05-20 10:13 - 2015-05-20 10:13 - 11580479 _____ (Dr. J. Rathlev ) C:\Users\Jenny\Downloads\pb-setup-x64-5.6.0802.exe
2015-05-20 10:00 - 2015-05-20 11:10 - 00011860 _____ () C:\Users\Jenny\Downloads\mailpv.zip
2015-05-20 09:59 - 2015-05-20 09:59 - 00007607 _____ () C:\Users\Jenny\AppData\Local\Resmon.ResmonCfg
2015-05-20 09:30 - 2015-05-20 09:30 - 00019736 _____ () C:\ComboFix.txt
2015-05-20 09:10 - 2015-05-20 09:50 - 00000000 ____D () C:\Qoobox
2015-05-20 09:10 - 2015-05-20 09:27 - 00000000 ____D () C:\Windows\erdnt
2015-05-20 09:10 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-20 09:10 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-20 09:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-20 09:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-20 09:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-20 09:10 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-20 09:10 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-20 09:10 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-20 08:59 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-20 08:59 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-20 08:55 - 2015-05-21 08:57 - 01901737 ____N () C:\Windows\WindowsUpdate.log
2015-05-20 08:51 - 2015-05-20 10:00 - 00000000 ____D () C:\AdwCleaner
2015-05-13 09:38 - 2015-05-13 09:53 - 00262144 _____ () C:\Windows\system32\config\elam
2015-05-13 08:54 - 2015-05-13 08:54 - 00002334 _____ () C:\Users\Jenny\Desktop\Sicherer Zahlungsverkehr.lnk
2015-05-13 08:53 - 2015-05-13 08:53 - 00002140 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-05-13 08:53 - 2015-05-13 08:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-05-13 08:52 - 2015-05-21 08:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-13 08:52 - 2015-05-13 08:52 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-05-13 08:52 - 2015-05-13 08:52 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-05-13 08:52 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-05-13 08:51 - 2014-10-22 21:13 - 00245960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-05-13 08:47 - 2015-05-13 08:47 - 01773376 _____ (Kaspersky Lab) C:\Users\Jenny\Downloads\kis15.0.2.361de_7539.exe
2015-05-13 06:17 - 2015-05-13 06:19 - 00002842 _____ () C:\Windows\system32\lic2.xml28856
2015-05-13 06:15 - 2015-05-13 06:16 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\QuickScan
2015-05-13 06:15 - 2015-05-13 06:15 - 10447328 _____ () C:\Users\Jenny\Downloads\Antivirus_Free_Edition_x64.exe
2015-05-13 06:05 - 2015-05-13 06:05 - 00162208 _____ () C:\Users\Jenny\Downloads\Antivirus_Free_Edition.exe
2015-05-13 05:50 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 05:50 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 05:50 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 05:50 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 05:50 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 05:50 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 05:50 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 05:50 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 05:50 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 05:50 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 05:50 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 05:50 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 05:50 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 05:50 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 05:50 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 05:50 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 05:50 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 05:50 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 05:50 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 05:50 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 05:50 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 05:50 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 05:50 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 05:50 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 05:50 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 05:50 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 05:50 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 05:50 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 05:50 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 05:50 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 05:50 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 05:50 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 05:50 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 05:50 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 05:50 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 05:50 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 05:50 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 05:50 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 05:50 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 05:50 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 05:50 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 05:50 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 05:50 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 05:50 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 05:50 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 05:50 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 05:50 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 05:50 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 05:50 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 05:50 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 05:50 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 05:50 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 05:50 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 05:50 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 05:50 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 05:50 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 05:50 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 05:50 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 05:50 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 05:50 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 05:50 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 05:50 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 05:50 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 05:50 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 05:50 - 2015-04-04 05:29 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 05:50 - 2015-04-04 05:29 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 05:50 - 2015-04-04 05:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 05:50 - 2015-04-04 05:22 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 05:50 - 2015-04-04 05:22 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 05:50 - 2015-04-04 05:22 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 05:50 - 2015-04-04 05:22 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 05:50 - 2015-04-04 05:22 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 05:50 - 2015-04-04 05:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 05:50 - 2015-04-04 05:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 05:50 - 2015-04-04 05:22 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 05:50 - 2015-04-04 05:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 05:50 - 2015-04-04 05:20 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 05:50 - 2015-04-04 05:20 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 05:50 - 2015-04-04 05:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 05:50 - 2015-04-04 05:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 05:50 - 2015-04-04 05:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 05:50 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 05:50 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 05:50 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 05:50 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 05:50 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 05:50 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 05:50 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 05:50 - 2015-04-04 05:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 05:50 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 05:50 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 05:50 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 05:50 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 05:50 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 05:50 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 05:50 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 05:50 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 05:50 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 05:50 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 05:50 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 05:49 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 05:49 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 05:49 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 05:49 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 05:49 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 05:49 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 05:49 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 05:49 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 05:49 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 05:49 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 05:49 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 05:49 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 20:14 - 2015-05-12 20:14 - 00014269 _____ () C:\Users\Jenny\Documents\kunz_2015-05-12.odt
2015-05-10 10:21 - 2015-05-10 10:21 - 00000000 ____D () C:\Users\Jenny\Documents\optimized_contents
2015-05-10 10:19 - 2015-05-10 10:19 - 00143343 _____ () C:\Users\Jenny\Documents\optimized_contents.zip
2015-05-10 10:17 - 2015-05-10 10:17 - 00000000 ____D () C:\Users\Jenny\Downloads\optimized_contents
2015-05-07 16:20 - 2015-05-07 16:20 - 00000000 ____D () C:\Users\Jenny\.drush
2015-05-07 16:19 - 2015-05-07 16:19 - 00000000 ____D () C:\Users\Jenny\Sites
2015-05-07 16:19 - 2015-05-07 16:19 - 00000000 ____D () C:\Users\Jenny\.acquia
2015-05-07 16:14 - 2015-05-07 16:16 - 128715472 _____ (Acquia, Inc.) C:\Users\Jenny\Downloads\AcquiaDevDesktop-2-2015-04-03.exe
2015-05-07 15:51 - 2015-05-07 15:51 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-07 15:50 - 2015-05-07 15:52 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-07 15:50 - 2015-05-07 15:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-07 15:50 - 2015-05-07 15:50 - 00002047 _____ () C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-05-07 15:50 - 2015-05-07 15:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-07 15:49 - 2015-05-07 15:52 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Adobe
2015-05-07 14:07 - 2015-05-10 09:37 - 00166293 _____ () C:\Users\Jenny\Downloads\optimized_contents.zip
2015-05-03 16:58 - 2015-05-03 16:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-05-03 15:06 - 2015-05-21 08:24 - 00000000 ____D () C:\Users\Jenny\AppData\Local\FreePDF_XP
2015-04-30 18:59 - 2015-04-30 18:59 - 00141666 _____ () C:\Users\Jenny\AppData\Local\recently-used.xbel
2015-04-28 07:24 - 2015-04-28 07:24 - 06484352 _____ (Piriform Ltd) C:\Users\Jenny\Downloads\ccsetup505.exe
2015-04-23 07:37 - 2015-04-23 07:52 - 00038257 _____ () C:\Users\Jenny\Documents\linke woche der zukunft.ods
2015-04-23 07:00 - 2015-04-23 07:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-21 08:48 - 2015-03-21 18:37 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-21 08:32 - 2009-07-14 06:45 - 00025840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-21 08:32 - 2009-07-14 06:45 - 00025840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-21 08:27 - 2015-01-30 07:06 - 00073979 _____ () C:\Windows\SysWOW64\Gms.log
2015-05-21 08:25 - 2015-03-21 18:37 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-21 08:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-21 07:03 - 2015-01-30 21:38 - 00711162 _____ () C:\Windows\system32\perfh007.dat
2015-05-21 07:03 - 2015-01-30 21:38 - 00152434 _____ () C:\Windows\system32\perfc007.dat
2015-05-21 07:03 - 2009-07-14 07:13 - 01640528 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-21 06:49 - 2015-04-04 07:32 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-21 06:49 - 2015-04-04 07:32 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-21 06:43 - 2015-03-21 18:37 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-21 06:43 - 2015-03-21 18:37 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-20 12:47 - 2015-04-07 20:55 - 00000000 ____D () C:\Users\Jenny\AppData\Local\CrashDumps
2015-05-20 12:47 - 2015-02-10 08:01 - 00000000 ____D () C:\Windows\Minidump
2015-05-20 12:21 - 2009-07-14 06:45 - 00338000 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-20 12:19 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-20 12:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-20 09:21 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-20 08:52 - 2015-01-30 08:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-05-13 08:55 - 2014-12-13 18:21 - 00842440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-05-13 08:55 - 2014-08-19 12:31 - 00056008 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys
2015-05-12 08:38 - 2015-02-15 17:24 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\FileZilla
2015-05-10 10:30 - 2015-02-19 16:44 - 00000600 _____ () C:\Users\Jenny\AppData\Local\PUTTY.RND
2015-05-07 16:20 - 2015-01-30 05:46 - 00000000 ____D () C:\Users\Jenny
2015-05-07 15:51 - 2015-01-30 12:43 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\Adobe
2015-05-06 07:23 - 2015-02-02 06:52 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-05-01 06:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-30 19:25 - 2015-01-30 13:12 - 00000000 ____D () C:\Users\Jenny\.gimp-2.8
2015-04-30 18:59 - 2015-02-05 08:31 - 00000000 ____D () C:\Users\Jenny\AppData\Local\gtk-2.0
2015-04-30 07:44 - 2015-03-21 18:38 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-29 06:29 - 2015-01-30 21:10 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\inkscape
2015-04-28 07:24 - 2015-01-30 12:48 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-28 07:24 - 2015-01-30 12:48 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-23 12:09 - 2015-01-30 08:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-23 08:01 - 2015-04-08 09:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak

==================== Files in the root of some directories =======

2015-02-19 16:44 - 2015-05-10 10:30 - 0000600 _____ () C:\Users\Jenny\AppData\Local\PUTTY.RND
2015-04-30 18:59 - 2015-04-30 18:59 - 0141666 _____ () C:\Users\Jenny\AppData\Local\recently-used.xbel
2015-05-20 09:59 - 2015-05-20 09:59 - 0007607 _____ () C:\Users\Jenny\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-30 12:39

==================== End Of Log ============================
         
--- --- ---


...and the Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015
Ran by Jenny at 2015-05-21 09:24:26
Running from C:\Users\Jenny\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2021139868-3573098032-3445443038-500 - Administrator - Disabled)
Gast (S-1-5-21-2021139868-3573098032-3445443038-501 - Limited - Disabled)
Jenny (S-1-5-21-2021139868-3573098032-3445443038-1000 - Administrator - Enabled) => C:\Users\Jenny

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version:  - )
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - )
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.3.25.1124 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3650 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.2.51.8439 - Intel(R) Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
LibreOffice 4.3.5.2 (HKLM-x32\...\{1D4E90DA-C33C-40ED-BA00-75F6E6DF9CB0}) (Version: 4.3.5.2 - The Document Foundation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{cb41fc68-4442-4f7f-b22f-8f31c74897ac}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.026 - MSI)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
Personal Backup 5.6 (HKLM\...\Personal Backup 5_is1) (Version: 5.6.8.2 - Dr. J. Rathlev)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Scribus 1.4.4 (64bit) (HKLM\...\Scribus 1.4.4) (Version: 1.4.4 - The Scribus Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2021139868-3573098032-3445443038-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

04-04-2015 07:32:18 Windows Update
15-04-2015 12:07:27 Windows Update
20-05-2015 08:57:39 Windows Update
20-05-2015 12:04:41 Windows Update
21-05-2015 06:49:02 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-05-20 09:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1AECA61A-108E-45A1-90DD-029B240524E3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {464A208E-4211-4453-806D-95473B2E7C9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-21] (Google Inc.)
Task: {6050922E-05C0-4E2F-A662-8DEAACE4D0D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-21] (Google Inc.)
Task: {6202A2D4-F061-40D4-9C79-D51772893314} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {6F7589AF-D36D-4DE2-BE41-14C96270C34E} - System32\Tasks\{CEC0244A-D0CD-4A4E-A25A-A6E8E7146604} => pcalua.exe -a "D:\OtherDriver\Intel SCT\Setup.exe" -d "D:\OtherDriver\Intel SCT" -c -s
Task: {7B769D12-636F-415B-BAF9-4F0EE0913D3F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {A080DD91-0C26-400E-BD7B-D0D3EE49F984} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {C8AA443D-F8DA-430B-A922-3CE88D07DC60} - System32\Tasks\{490E9FC2-3009-4255-BE31-4352DA4B4ECA} => pcalua.exe -a C:\Users\Jenny\Documents\avm_fritz!wlan_usb_stick_x64_build_100906.exe -d C:\Users\Jenny\Documents
Task: {CB797A79-1342-4534-BC11-23BC9925E8E0} - System32\Tasks\Intel(R) Small Business Advantage\Notifier => C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\SBA_Notifier.exe [2014-03-27] (Intel Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-02-02 06:55 - 2012-06-21 08:25 - 00113152 _____ () C:\Windows\System32\redmon64.dll
2015-03-29 12:25 - 2015-03-29 12:25 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\kpcengine.2.3.dll
2014-04-03 17:48 - 2014-04-03 17:48 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 00502056 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 00608040 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 00338216 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com\nponlinebanking.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Jenny\Downloads\kis15.0.2.361de_7539.exe:BDU

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2021139868-3573098032-3445443038-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{CC222C97-9A78-4231-9612-3DB6B8C92F74}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3D6452E3-EF12-4810-A058-3969E67E0352}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1F00C291-881C-4C52-870E-6D5070CEEF87}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{903F5545-8DA0-4B3C-9BED-D49BEF55E441}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{E51746DC-4CF6-47B4-AE8B-557C4E13DF4D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/21/2015 08:26:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/21/2015 08:25:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/21/2015 08:25:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/21/2015 08:24:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/21/2015 08:24:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/21/2015 07:00:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/21/2015 07:00:13 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/21/2015 07:00:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/21/2015 06:59:58 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/21/2015 06:59:58 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (05/21/2015 08:25:39 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/21/2015 08:25:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AVP15.0.2 erreicht.

Error: (05/21/2015 07:00:57 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/21/2015 06:25:36 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/20/2015 04:06:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/20/2015 00:23:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/20/2015 10:07:27 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/20/2015 10:05:46 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000f4 (0x0000000000000003, 0xfffffa8008a06910, 0xfffffa8008a06bf0, 0xfffff80003581940)C:\Windows\MEMORY.DMP052015-21964-01

Error: (05/20/2015 09:52:08 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB3045645)

Error: (05/20/2015 09:52:08 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 3.5.1 unter Windows 7 und Windows Server 2008 R2 SP1 für x64-basierte Systeme (KB3048070)


Microsoft Office Sessions:
=========================
Error: (05/21/2015 08:26:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/21/2015 08:25:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Canon\Solution Menu EX\MFC80U.DLL

Error: (05/21/2015 08:25:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Canon\Solution Menu EX\MFC80U.DLL

Error: (05/21/2015 08:24:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Canon\Solution Menu EX\MFC80U.DLL

Error: (05/21/2015 08:24:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Canon\Solution Menu EX\MFC80U.DLL

Error: (05/21/2015 07:00:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/21/2015 07:00:13 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Canon\Solution Menu EX\MFC80U.DLL

Error: (05/21/2015 07:00:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Canon\Solution Menu EX\MFC80U.DLL

Error: (05/21/2015 06:59:58 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Canon\Solution Menu EX\MFC80U.DLL

Error: (05/21/2015 06:59:58 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Canon\Solution Menu EX\MFC80U.DLL


CodeIntegrity Errors:
===================================
  Date: 2015-05-20 09:18:33.616
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-20 09:18:33.554
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-20 09:17:02.121
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\SysinternalsSuite\PORTMSYS.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-20 09:17:02.030
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\SysinternalsSuite\PORTMSYS.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 23%
Total physical RAM: 8061.88 MB
Available physical RAM: 6157.29 MB
Total Pagefile: 16121.96 MB
Available Pagefile: 14012.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:418.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 56F4557D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

22.05.2015, 06:35   #4
schrauber
/// the machine
/// TB-Ausbilder

hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
In any case, please post the contents here in your thread.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

23.05.2015, 06:00   #5
didum

Good morning,
here are the results of the two scans. Neither mbar nor TDSSKiller seems to have found anything. So I can breathe a sigh of relief, I suppose?
Best regards
Jenny

mbar
Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.22.06
  rootkit: v2015.05.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
Jenny :: FANNY [administrator]

23.05.2015 06:30:36
mbar-log-2015-05-23 (06-30-36).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 350981
Time elapsed: 12 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Kaspersky TDSSKiller
Code:
06:47:28.0379 0x1124  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
06:47:44.0356 0x1124  ============================================================
06:47:44.0356 0x1124  Current date / time: 2015/05/23 06:47:44.0356
06:47:44.0356 0x1124  SystemInfo:
06:47:44.0356 0x1124  
06:47:44.0356 0x1124  OS Version: 6.1.7601 ServicePack: 1.0
06:47:44.0356 0x1124  Product type: Workstation
06:47:44.0356 0x1124  ComputerName: FANNY
06:47:44.0357 0x1124  UserName: Jenny
06:47:44.0357 0x1124  Windows directory: C:\Windows
06:47:44.0357 0x1124  System windows directory: C:\Windows
06:47:44.0357 0x1124  Running under WOW64
06:47:44.0357 0x1124  Processor architecture: Intel x64
06:47:44.0357 0x1124  Number of processors: 4
06:47:44.0357 0x1124  Page size: 0x1000
06:47:44.0357 0x1124  Boot type: Normal boot
06:47:44.0357 0x1124  ============================================================
06:47:45.0622 0x1124  KLMD registered as C:\Windows\system32\drivers\45235210.sys
06:47:45.0942 0x1124  System UUID: {7104FE9B-093B-04C7-8AFC-83D825CCFD01}
06:47:47.0103 0x1124  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:47:47.0116 0x1124  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB5800 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
06:47:47.0419 0x1124  ============================================================
06:47:47.0419 0x1124  \Device\Harddisk0\DR0:
06:47:47.0419 0x1124  MBR partitions:
06:47:47.0419 0x1124  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
06:47:47.0419 0x1124  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
06:47:47.0419 0x1124  \Device\Harddisk2\DR2:
06:47:47.0419 0x1124  GPT partitions:
06:47:47.0419 0x1124  Invalid gpt header signature
06:47:47.0419 0x1124  MBR partitions:
06:47:47.0420 0x1124  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D31C1
06:47:47.0420 0x1124  ============================================================
06:47:47.0443 0x1124  C: <-> \Device\Harddisk0\DR0\Partition2
06:47:47.0552 0x1124  G: <-> \Device\Harddisk2\DR2\Partition1
06:47:47.0552 0x1124  ============================================================
06:47:47.0553 0x1124  Initialize success
06:47:47.0553 0x1124  ============================================================
06:49:13.0848 0x12e0  ============================================================
06:49:13.0848 0x12e0  Scan started
06:49:13.0848 0x12e0  Mode: Manual; SigCheck; TDLFS; 
06:49:13.0848 0x12e0  ============================================================
06:49:13.0848 0x12e0  KSN ping started
06:49:16.0339 0x12e0  KSN ping finished: true
06:49:19.0143 0x12e0  ================ Scan system memory ========================
06:49:19.0143 0x12e0  System memory - ok
06:49:19.0144 0x12e0  ================ Scan services =============================
06:49:21.0883 0x12e0  [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
06:49:21.0913 0x12e0  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
06:49:24.0463 0x12e0  Detect skipped due to KSN trusted
06:49:24.0463 0x12e0  AVM WLAN Connection Service - ok
06:49:33.0516 0x12e0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
06:49:33.0560 0x12e0  HidBth - ok
06:49:33.0586 0x12e0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
06:49:33.0651 0x12e0  HidIr - ok
06:49:33.0679 0x12e0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
06:49:33.0758 0x12e0  hidserv - ok
06:49:33.0773 0x12e0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
06:49:33.0806 0x12e0  HidUsb - ok
06:49:33.0850 0x12e0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
06:49:33.0929 0x12e0  hkmsvc - ok
06:49:33.0962 0x12e0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
06:49:34.0017 0x12e0  HomeGroupListener - ok
06:49:34.0054 0x12e0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
06:49:34.0096 0x12e0  HomeGroupProvider - ok
06:49:34.0134 0x12e0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
06:49:34.0160 0x12e0  HpSAMD - ok
06:49:34.0253 0x12e0  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
06:49:34.0339 0x12e0  HTTP - ok
06:49:34.0355 0x12e0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
06:49:34.0377 0x12e0  hwpolicy - ok
06:49:34.0388 0x12e0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
06:49:34.0418 0x12e0  i8042prt - ok
06:49:34.0479 0x12e0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
06:49:34.0524 0x12e0  iaStorV - ok
06:49:34.0820 0x12e0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
06:49:34.0892 0x12e0  idsvc - ok
06:49:34.0909 0x12e0  IEEtwCollectorService - ok
06:49:35.0211 0x12e0  [ 549E0DEF32A5B7189BAC0BF53B189A16, 9264D8E78063BFB6008EAD25546F43E67A3E803865547DF5BC6CA9DFA8380CDA ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
06:49:35.0547 0x12e0  igfx - ok
06:49:35.0601 0x12e0  [ 0C91417808FF6AB2A6638141C9FBF184, 62098ED30AD967F7DA42121B89EC16A7AA7C05F384E94106A760F08EEBA304A0 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
06:49:35.0633 0x12e0  igfxCUIService1.0.0.0 - ok
06:49:35.0662 0x12e0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
06:49:35.0682 0x12e0  iirsp - ok
06:49:35.0745 0x12e0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
06:49:35.0813 0x12e0  IKEEXT - ok
06:49:36.0346 0x12e0  [ CC2521C1BE66E922196431B77F765178, 07106F575F715F761E01D3788053CBA6E53DD8390CE79BD4F6FC2BCDDC34C982 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
06:49:36.0605 0x12e0  IntcAzAudAddService - ok
06:49:37.0336 0x12e0  [ 6B8C74E8ED9B1050CFFEA8FFBE003CC5, 244E75B6E48AB781F2740776BE26670E7705BC096FA15CBF9D44C677BFA98C6A ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
06:49:37.0394 0x12e0  IntcDAud - ok
06:49:37.0634 0x12e0  [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
06:49:37.0706 0x12e0  Intel(R) Capability Licensing Service TCP IP Interface - ok
06:49:37.0772 0x12e0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
06:49:37.0794 0x12e0  intelide - ok
06:49:37.0823 0x12e0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
06:49:37.0862 0x12e0  intelppm - ok
06:49:37.0945 0x12e0  [ 6894FA839454DD17EC0BE3566DF01659, B9E2876600A25E1CF1962B21D730F69AEE8DCEAE995DBF98D6F65CB81267AC1C ] intelsba        C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
06:49:37.0968 0x12e0  intelsba - ok
06:49:38.0015 0x12e0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
06:49:38.0104 0x12e0  IPBusEnum - ok
06:49:38.0141 0x12e0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:49:38.0218 0x12e0  IpFilterDriver - ok
06:49:38.0278 0x12e0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
06:49:38.0360 0x12e0  iphlpsvc - ok
06:49:38.0382 0x12e0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
06:49:38.0421 0x12e0  IPMIDRV - ok
06:49:38.0433 0x12e0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
06:49:38.0515 0x12e0  IPNAT - ok
06:49:38.0525 0x12e0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
06:49:38.0568 0x12e0  IRENUM - ok
06:49:38.0581 0x12e0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
06:49:38.0604 0x12e0  isapnp - ok
06:49:38.0852 0x12e0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
06:49:38.0890 0x12e0  iScsiPrt - ok
06:49:38.0961 0x12e0  [ 61662AFF4AF0413F461F2780167703AE, 55CCBA4F09581871B3EB81A40A3FB59013AD988CEED109E18C58609AD469117A ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
06:49:38.0983 0x12e0  iusb3hcs - ok
06:49:39.0031 0x12e0  [ 923030D5F4B1C801AE5219551F7B490B, C00D9CCE8D04FEFA9391725F79BBD77F03ED3E3DB53E02E80ABC008B2F179043 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
06:49:39.0074 0x12e0  iusb3hub - ok
06:49:39.0153 0x12e0  [ 234E2245AF65CFC021874F64C40E206B, 4254180327F7B58AAE1A158DADE53A06C02139F6CDD2A657E5E9B2868B96F806 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
06:49:39.0220 0x12e0  iusb3xhc - ok
06:49:39.0328 0x12e0  [ 0B93A01F786F37A4B1EDE84E639FFF10, 8747109A2FA2B80C8C5F5B6D2372C1B0DA4F4BF9DC1D551195ADF0715C260223 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
06:49:39.0357 0x12e0  jhi_service - ok
06:49:39.0387 0x12e0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
06:49:39.0412 0x12e0  kbdclass - ok
06:49:39.0424 0x12e0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
06:49:39.0461 0x12e0  kbdhid - ok
06:49:39.0478 0x12e0  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] KeyIso          C:\Windows\system32\lsass.exe
06:49:39.0502 0x12e0  KeyIso - ok
06:49:39.0563 0x12e0  [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
06:49:39.0611 0x12e0  kl1 - ok
06:49:39.0736 0x12e0  [ 885A70560731342CBD0D6BE8A72254B6, 91F93F1727ACF01EC3777C7D42522690010005FB67E12C461E935A880D11CD30 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
06:49:39.0762 0x12e0  kldisk - ok
06:49:39.0828 0x12e0  [ DDC9CC7D29254D8886DAFD62E265AE7C, 0DF72FC780BEB87E85F877EB4E864AF0530E8CCD599C24D469B1B0226E339DF1 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
06:49:39.0858 0x12e0  klflt - ok
06:49:39.0906 0x12e0  [ 658ADE6B5345B24D28B84A49495B0CF8, 2373DC12B737145F4A8949B8446CEB38B2C6C2B8B69054F32183FD2ED12FD915 ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
06:49:39.0942 0x12e0  klhk - ok
06:49:40.0139 0x12e0  [ E05F3D847556FE0F5F14F46002CD6433, 8E7A3ABF617BDD00213615D5E1C7E1769580A220716D2881B21F5656BFBF6782 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
06:49:40.0211 0x12e0  KLIF - ok
06:49:40.0227 0x12e0  [ 366A0C2D4AD22E54F1B03DAC4B96E1C4, C81D8DFD1D4381E0DE94A54E03F3D2C0AB24B47350EC175181EBD7224FCE4BE5 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
06:49:40.0251 0x12e0  KLIM6 - ok
06:49:40.0281 0x12e0  [ 8BB0EA085EA9661B9218CCC5011C1CBE, 7FF590135F18F4EB339B5E71F790A49FA1EB5104604EE952E2694EC0CBFA3D21 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
06:49:40.0305 0x12e0  klkbdflt - ok
06:49:40.0319 0x12e0  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
06:49:40.0341 0x12e0  klmouflt - ok
06:49:40.0376 0x12e0  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
06:49:40.0398 0x12e0  klpd - ok
06:49:40.0430 0x12e0  [ AB3A62C17F342E195AFDA108867E6381, 77E3C17FC302FFC1585B013E5707C541061AF5011681980F870C9B6E346F3379 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
06:49:40.0455 0x12e0  kltdi - ok
06:49:40.0477 0x12e0  [ B699439F46FE914F3F8F60C0AA3148D3, 14C4A72DAE6713EF96CB47F3494BC9CD2BC06679CB139A2B571F55D4B4BC0512 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
06:49:40.0504 0x12e0  Klwtp - ok
06:49:40.0576 0x12e0  [ 8FBA7BEF56D0B29FC9FEBF480E8C3902, D8CA78E71E860AAAB166FAD7A6902A59DF3F5B598C162AD5CF68A571E8E437E9 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
06:49:40.0608 0x12e0  kneps - ok
06:49:40.0730 0x12e0  [ C93EB3A92540830168F2057ECA7DE49A, 91DAEAD52B517E1E7CE9AAAE478493732156AA3122E6D16F7E8BD37116BB501C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
06:49:40.0757 0x12e0  KSecDD - ok
06:49:41.0010 0x12e0  [ 43F45C59A472993E5063F2DB2D22C509, E21B48733619B49272F46E01432D76072AC9241F55CDF08E84AF6277E3BF972A ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
06:49:41.0040 0x12e0  KSecPkg - ok
06:49:41.0077 0x12e0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
06:49:41.0160 0x12e0  ksthunk - ok
06:49:41.0255 0x12e0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
06:49:41.0365 0x12e0  KtmRm - ok
06:49:41.0402 0x12e0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
06:49:41.0496 0x12e0  LanmanServer - ok
06:49:41.0522 0x12e0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
06:49:41.0604 0x12e0  LanmanWorkstation - ok
06:49:41.0704 0x12e0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
06:49:41.0782 0x12e0  lltdio - ok
06:49:41.0859 0x12e0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
06:49:41.0969 0x12e0  lltdsvc - ok
06:49:41.0997 0x12e0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
06:49:42.0080 0x12e0  lmhosts - ok
06:49:42.0215 0x12e0  [ C31139E0907170E2A3FA8D19DCC23D35, C504E93D2018E9E487A428483C646C67B4ECE122560CF0FA49A1626E1509EEAE ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
06:49:42.0257 0x12e0  LMS - ok
06:49:42.0300 0x12e0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
06:49:42.0329 0x12e0  LSI_FC - ok
06:49:42.0340 0x12e0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
06:49:42.0367 0x12e0  LSI_SAS - ok
06:49:42.0379 0x12e0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
06:49:42.0404 0x12e0  LSI_SAS2 - ok
06:49:42.0416 0x12e0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
06:49:42.0444 0x12e0  LSI_SCSI - ok
06:49:42.0456 0x12e0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
06:49:42.0544 0x12e0  luafv - ok
06:49:42.0588 0x12e0  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
06:49:42.0611 0x12e0  MBfilt - ok
06:49:42.0716 0x12e0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
06:49:42.0746 0x12e0  Mcx2Svc - ok
06:49:42.0754 0x12e0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
06:49:42.0777 0x12e0  megasas - ok
06:49:42.0836 0x12e0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
06:49:42.0873 0x12e0  MegaSR - ok
06:49:42.0926 0x12e0  [ 8751062F2F7EC78DE92D778A08099DDE, F10BE771FF9E02A51CF3A167BB967167DE4F66647D7F1508CB27D8FDD8623700 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
06:49:42.0955 0x12e0  MEIx64 - ok
06:49:42.0991 0x12e0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
06:49:43.0076 0x12e0  MMCSS - ok
06:49:43.0084 0x12e0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
06:49:43.0162 0x12e0  Modem - ok
06:49:43.0180 0x12e0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
06:49:43.0222 0x12e0  monitor - ok
06:49:43.0247 0x12e0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
06:49:43.0272 0x12e0  mouclass - ok
06:49:43.0287 0x12e0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
06:49:43.0312 0x12e0  mouhid - ok
06:49:43.0351 0x12e0  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
06:49:43.0377 0x12e0  mountmgr - ok
06:49:43.0454 0x12e0  [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
06:49:43.0483 0x12e0  MozillaMaintenance - ok
06:49:43.0499 0x12e0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
06:49:43.0529 0x12e0  mpio - ok
06:49:43.0558 0x12e0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
06:49:43.0639 0x12e0  mpsdrv - ok
06:49:43.0759 0x12e0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
06:49:43.0895 0x12e0  MpsSvc - ok
06:49:43.0928 0x12e0  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
06:49:43.0976 0x12e0  MRxDAV - ok
06:49:44.0009 0x12e0  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
06:49:44.0046 0x12e0  mrxsmb - ok
06:49:44.0076 0x12e0  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:49:44.0130 0x12e0  mrxsmb10 - ok
06:49:44.0143 0x12e0  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:49:44.0175 0x12e0  mrxsmb20 - ok
06:49:44.0200 0x12e0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
06:49:44.0223 0x12e0  msahci - ok
06:49:44.0270 0x12e0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
06:49:44.0300 0x12e0  msdsm - ok
06:49:44.0367 0x12e0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
06:49:44.0409 0x12e0  MSDTC - ok
06:49:44.0432 0x12e0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
06:49:44.0518 0x12e0  Msfs - ok
06:49:44.0528 0x12e0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
06:49:44.0615 0x12e0  mshidkmdf - ok
06:49:44.0634 0x12e0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
06:49:44.0656 0x12e0  msisadrv - ok
06:49:44.0721 0x12e0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
06:49:44.0812 0x12e0  MSiSCSI - ok
06:49:44.0818 0x12e0  msiserver - ok
06:49:44.0891 0x12e0  [ 6AFCD25B843D0C731B6987E39995AE72, FD0F2E15B0CEB1E558BD8A02D59B9002706A003049678281A446BC4398862B70 ] MSI_SuperCharger C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
06:49:44.0920 0x12e0  MSI_SuperCharger - ok
06:49:44.0946 0x12e0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
06:49:45.0026 0x12e0  MSKSSRV - ok
06:49:45.0037 0x12e0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
06:49:45.0119 0x12e0  MSPCLOCK - ok
06:49:45.0125 0x12e0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
06:49:45.0202 0x12e0  MSPQM - ok
06:49:45.0233 0x12e0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
06:49:45.0274 0x12e0  MsRPC - ok
06:49:45.0286 0x12e0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
06:49:45.0309 0x12e0  mssmbios - ok
06:49:45.0315 0x12e0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
06:49:45.0402 0x12e0  MSTEE - ok
06:49:45.0409 0x12e0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
06:49:45.0450 0x12e0  MTConfig - ok
06:49:45.0460 0x12e0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
06:49:45.0485 0x12e0  Mup - ok
06:49:45.0534 0x12e0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
06:49:45.0645 0x12e0  napagent - ok
06:49:45.0805 0x12e0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
06:49:45.0857 0x12e0  NativeWifiP - ok
06:49:46.0086 0x12e0  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
06:49:46.0166 0x12e0  NDIS - ok
06:49:46.0192 0x12e0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
06:49:46.0279 0x12e0  NdisCap - ok
06:49:46.0296 0x12e0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
06:49:46.0380 0x12e0  NdisTapi - ok
06:49:46.0388 0x12e0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
06:49:46.0468 0x12e0  Ndisuio - ok
06:49:46.0483 0x12e0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
06:49:46.0565 0x12e0  NdisWan - ok
06:49:46.0583 0x12e0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
06:49:46.0658 0x12e0  NDProxy - ok
06:49:46.0753 0x12e0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
06:49:46.0881 0x12e0  NetBIOS - ok
06:49:46.0900 0x12e0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
06:49:46.0995 0x12e0  NetBT - ok
06:49:47.0011 0x12e0  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] Netlogon        C:\Windows\system32\lsass.exe
06:49:47.0035 0x12e0  Netlogon - ok
06:49:47.0081 0x12e0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
06:49:47.0189 0x12e0  Netman - ok
06:49:47.0259 0x12e0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:49:47.0284 0x12e0  NetMsmqActivator - ok
06:49:47.0297 0x12e0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:49:47.0321 0x12e0  NetPipeActivator - ok
06:49:47.0353 0x12e0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
06:49:47.0468 0x12e0  netprofm - ok
06:49:47.0481 0x12e0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:49:47.0505 0x12e0  NetTcpActivator - ok
06:49:47.0517 0x12e0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:49:47.0540 0x12e0  NetTcpPortSharing - ok
06:49:47.0591 0x12e0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
06:49:47.0615 0x12e0  nfrd960 - ok
06:49:47.0829 0x12e0  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
06:49:47.0912 0x12e0  NlaSvc - ok
06:49:47.0921 0x12e0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
06:49:47.0998 0x12e0  Npfs - ok
06:49:48.0030 0x12e0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
06:49:48.0109 0x12e0  nsi - ok
06:49:48.0117 0x12e0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
06:49:48.0208 0x12e0  nsiproxy - ok
06:49:48.0333 0x12e0  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
06:49:48.0455 0x12e0  Ntfs - ok
06:49:48.0526 0x12e0  [ 23CF3DA010497EB2BF39A5C5A57E437C, 39CFDE7D401EFCE4F550E0A9461F5FC4D71FA07235E1336E4F0B4882BD76550E ] NTIOLib_1_0_3   C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys
06:49:48.0546 0x12e0  NTIOLib_1_0_3 - ok
06:49:48.0573 0x12e0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
06:49:48.0653 0x12e0  Null - ok
06:49:48.0764 0x12e0  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
06:49:48.0854 0x12e0  nusb3hub - ok
06:49:48.0906 0x12e0  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
06:49:48.0937 0x12e0  nusb3xhc - ok
06:49:49.0001 0x12e0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
06:49:49.0031 0x12e0  nvraid - ok
06:50:10.0617 0x12e0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
06:50:10.0683 0x12e0  WudfPf - ok
06:50:10.0703 0x12e0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
06:50:10.0746 0x12e0  WUDFRd - ok
06:50:10.0780 0x12e0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
06:50:10.0810 0x12e0  wudfsvc - ok
06:50:10.0916 0x12e0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
06:50:10.0974 0x12e0  WwanSvc - ok
06:50:11.0023 0x12e0  ================ Scan global ===============================
06:50:11.0058 0x12e0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
06:50:11.0165 0x12e0  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
06:50:11.0193 0x12e0  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
06:50:11.0272 0x12e0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
06:50:11.0430 0x12e0  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
06:50:11.0448 0x12e0  [ Global ] - ok
06:50:11.0448 0x12e0  ================ Scan MBR ==================================
06:50:11.0482 0x12e0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
06:50:12.0716 0x12e0  \Device\Harddisk0\DR0 - ok
06:50:13.0013 0x12e0  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
06:50:13.0241 0x12e0  \Device\Harddisk2\DR2 - ok
06:50:13.0242 0x12e0  ================ Scan VBR ==================================
06:50:13.0263 0x12e0  [ 9598A9CA25A37FF94ADA91B0802FD969 ] \Device\Harddisk0\DR0\Partition1
06:50:13.0268 0x12e0  \Device\Harddisk0\DR0\Partition1 - ok
06:50:13.0276 0x12e0  [ 3E8BBB33817E11BE3391D86A43CB6200 ] \Device\Harddisk0\DR0\Partition2
06:50:13.0279 0x12e0  \Device\Harddisk0\DR0\Partition2 - ok
06:50:13.0283 0x12e0  [ E5068FCFEF3BADE0B640227AA5955B93 ] \Device\Harddisk2\DR2\Partition1
06:50:13.0313 0x12e0  \Device\Harddisk2\DR2\Partition1 - ok
06:50:13.0314 0x12e0  ================ Scan generic autorun ======================
06:50:14.0037 0x12e0  [ E1026B2975D308D43E896A108C92F1BD, 562903C88BC3CBD86E9A813001C72576181F2470286040240BAC92E5BF1F1583 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
06:50:14.0478 0x12e0  RTHDVCPL - ok
06:50:14.0682 0x12e0  [ 5858DE874168C5F0AEA7A353DD520D48, DB77AF431227AEBD92C6E40AC723435E83DCF4620B7366D4FA6D9ACB500AA6EA ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
06:50:14.0822 0x12e0  CanonMyPrinter - ok
06:50:14.0927 0x12e0  [ 1A9CBFCE469C8CA77B70DB366056AAD9, BEA0919B7C934523CAFB5DB8B242872EAFBACA667517783472B8CCF0E7928DF2 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
06:50:14.0950 0x12e0  IMSS - ok
06:50:15.0031 0x12e0  [ F19BB9A114A0F85E6E8C4395322E7191, FDFAFE5535442031A1102F0AE2B50213BDACA291EF958DE59E9C3CD556BF5DA7 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
06:50:15.0066 0x12e0  USB3MON - ok
06:50:15.0153 0x12e0  [ C43736630B746B38C4E12C03F81AC1B9, BB3FD50A072AD96630E4D88726075313506BE7CE5F197A83BE2739FBA920C17E ] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
06:50:15.0231 0x12e0  Super Charger - ok
06:50:15.0408 0x12e0  [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
06:50:15.0541 0x12e0  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
06:50:20.0432 0x12e0  Detect skipped due to KSN trusted
06:50:20.0433 0x12e0  AVMWlanClient - ok
06:50:20.0875 0x12e0  [ 00AB2B491C7037BB219BEB26FAD34C72, 95EDBBE07EB85EEE1376252AA975BAA61235C80FC03036357BD4786E5D6B9703 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
06:50:20.0984 0x12e0  CanonSolutionMenuEx - ok
06:50:21.0176 0x12e0  [ 2B282A4050FE3B4B70EF9E3070BBFF78, 019B667781F5CE411AEB569EAA4095FA2B9942E43A6A1DFC6EEBB2DA214131FE ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
06:50:21.0200 0x12e0  FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
06:50:28.0127 0x12e0  Detect skipped due to KSN trusted
06:50:28.0127 0x12e0  FreePDF Assistant - ok
06:50:28.0636 0x12e0  [ C81F59B7D524FB462F73B27757084618, 6C7DF7257ED0D9C69A53B98F15EAF1B42D302659791EE80F48D06BCA11EA09D8 ] C:\Program Files\CCleaner\CCleaner64.exe
06:50:29.0061 0x12e0  CCleaner Monitoring - ok
06:50:29.0077 0x12e0  Waiting for KSN requests completion. In queue: 1
06:50:30.0077 0x12e0  Waiting for KSN requests completion. In queue: 1
06:50:31.0077 0x12e0  Waiting for KSN requests completion. In queue: 1
06:50:32.0136 0x12e0  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x41000 ( enabled : updated )
06:50:32.0139 0x12e0  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x41010 ( enabled )
06:50:34.0558 0x12e0  ============================================================
06:50:34.0558 0x12e0  Scan finished
06:50:34.0558 0x12e0  ============================================================
06:50:34.0575 0x0aac  Detected object count: 0
06:50:34.0575 0x0aac  Actual detected object count: 0
         


23.05.2015, 19:49   #6
schrauber
/// the machine
/// TB trainer

Looks good. As a check:

Please download Emsisoft Emergency Kit from here: Download Emsisoft Emergency Kit
  • Please install the program to the default path.
  • Start the program by double-clicking the desktop shortcut.
  • Once the malware signatures have loaded, EEK is ready to scan.
  • Now please follow the illustrated guide to Emergency Kit, remove all detections, and post the log at the end of the scan or cleanup.

24.05.2015, 07:36   #7
didum

Here is the quarantine log from Emsisoft. In total 9 objects were found, almost all of which are in the Kaspersky quarantine, including a program that the technician downloaded to test the newly installed Kaspersky Internet Security.

Code:
ATTFilter
Emsisoft Emergency Kit - Version 9.0
Quarantäne-Protokoll

Datum	Quelle	Vorgang	Fund	
24.05.2015 08:16:35	Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS	Unter Quarantäne	Setting.DisableRegistryTools (A)	
24.05.2015 08:16:34	C:\ProgramData\Kaspersky Lab\AVP15.0.2\QB\328c357500f60562.klq	Datei gesperrt, Löschung beim nächsten Reboot	Gen:Variant.Application.NirSoft.1 (B)	
24.05.2015 08:16:34	C:\ProgramData\Kaspersky Lab\AVP15.0.2\QB\326fe7f7779d1b9b.klq	Datei gesperrt, Löschung beim nächsten Reboot	Gen:Variant.Application.NirSoft.1 (B)	
24.05.2015 08:16:34	C:\ProgramData\Kaspersky Lab\AVP15.0.2\QB\19fb30817352635d.klq	Datei gesperrt, Löschung beim nächsten Reboot	Gen:Variant.Application.NirSoft.1 (B)	
24.05.2015 08:16:33	C:\ProgramData\Kaspersky Lab\AVP15.0.2\QB\464057cdf7393593.klq	Datei gesperrt, Löschung beim nächsten Reboot	EICAR-Test-File (not a virus) (B)	
24.05.2015 08:16:33	C:\ProgramData\Kaspersky Lab\AVP15.0.2\QB\43c50aa62b7397e4.klq.109261.gzquar	Datei gesperrt, Löschung beim nächsten Reboot	EICAR-Test-File (not a virus) (B)	
24.05.2015 08:16:33	C:\ProgramData\Kaspersky Lab\AVP15.0.2\QB\4050fe8b65f92bf1.klq.107968.gzquar	Datei gesperrt, Löschung beim nächsten Reboot	EICAR-Test-File (not a virus) (B)	
24.05.2015 08:16:33	C:\ProgramData\Kaspersky Lab\AVP15.0.2\QB\354ffce5ba2718a0.klq	Datei gesperrt, Löschung beim nächsten Reboot	Gen:Variant.Application.NirSoft.1 (B)	
24.05.2015 08:16:32	C:\ProgramData\Kaspersky Lab\AVP15.0.2\QB\71127f39917a4ff4.klq.109189.gzquar	Datei gesperrt, Löschung beim nächsten Reboot	EICAR-Test-File (not a virus) (B)
         

24.05.2015, 19:19   #8
schrauber
/// the machine
/// TB trainer

Yep, looks good
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

25.05.2015, 06:17   #9
didum

Phew, I'm relieved. Thank you so much for the support!!!
Best regards,
jenny

25.05.2015, 16:15   #10
schrauber
/// the machine
/// TB trainer

You're welcome
