|
Pests of all kinds and how to combat them: "Mail delivery failed" email is being sent to my saved email addresses (Windows 7) |
09.06.2015, 20:13 | #1 |
| So, I am a frequent user of my laptop and surf all over the place. Now I have a problem. My Firefox mailbox keeps sending me "Mail delivery failed" emails more and more often, although I have not sent any. It has also sent these to my saved email addresses in my name. I am not very technically skilled and hope that someone can help me out of this dilemma. Many thanks in advance. |
09.06.2015, 20:29 | #2 |
/// the machine /// TB trainer | Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
09.06.2015, 21:40 | #3 |
| Sorry, how do I paste this in here?
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Renate (administrator) on ENGEL-PC on 09-06-2015 22:29:34
Running from C:\Users\Renate\Desktop
Loaded Profiles: UpdatusUser & Renate (Available Profiles: UpdatusUser & Renate)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Renate at 2015-06-09 22:31:21
Running from C:\Users\Renate\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1026582432-930876547-3987948175-500 - Administrator - Disabled)
Gast (S-1-5-21-1026582432-930876547-3987948175-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1026582432-930876547-3987948175-1009 - Limited - Enabled)
Renate (S-1-5-21-1026582432-930876547-3987948175-1002 - Administrator - Enabled) => C:\Users\Renate
UpdatusUser (S-1-5-21-1026582432-930876547-3987948175-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G DATA ANTIVIRUS (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G DATA ANTIVIRUS (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3006 - Acer Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1026582432-930876547-3987948175-1002\...\Amazon Amazon Music) (Version: 3.9.0.790 - Amazon Services LLC)
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
ETDWare PS/2-X64 11.6.4.001_WHQL (HKLM\...\Elantech) (Version: 11.6.4.001 - ELAN Microelectronic Corp.)
Free YouTube to MP3 Converter version 3.12.57.324 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.57.324 - DVDVideoSoft Ltd.)
G DATA ANTIVIRUS (HKLM-x32\...\{B9FC0A7D-FA1D-4347-ABED-AD8AD5305633}) (Version: 25.0.2.4 - G DATA Software AG)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3002 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.3 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3002 - Acer Incorporated)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1026582432-930876547-3987948175-1002\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3102 - Acer)
Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.1.1739 - 1&1 Mail & Media GmbH)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1026582432-930876547-3987948175-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Renate\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1026582432-930876547-3987948175-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Renate\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1026582432-930876547-3987948175-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Renate\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1026582432-930876547-3987948175-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Renate\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1026582432-930876547-3987948175-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Renate\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

23-05-2015 18:15:00 Geplanter Prüfpunkt
31-05-2015 09:51:30 Geplanter Prüfpunkt
08-06-2015 22:09:34 Geplanter Prüfpunkt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {17E4CA9F-25FD-494E-BB74-B84A209FCA12} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {2A436A07-4DC3-4F15-8BE6-FCFABF880667} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {5031E43D-8433-478B-ADEF-ED7A3609D51E} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {CCA4589B-C7D4-45EE-AA19-FB8A5B7FA79E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {D5DCA1BA-B2AA-4CE7-BE9A-353DF8B2D513} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {ED61605B-28F4-4D05-A931-97BCBD31DB54} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {EE2BF985-0E05-4E2D-A190-ABA6651C29D4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)
Task: {F1945239-87E8-417E-9C26-85A3679D8592} - System32\Tasks\Opera scheduled Autoupdate 1422652730 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
Task: {FE1700AB-3092-497A-88C8-3EB87883AAB6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-20] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-13 10:51 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-05-20 03:38 - 2014-05-20 03:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-19 21:16 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============
|
10.06.2015, 16:53 | #4 |
/// the machine /// TB trainer | Change the password of the mail account. Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |
10.06.2015, 20:39 | #5 |
| Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version: main: v2015.06.10.05 rootkit: v2015.06.02.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17801
Renate :: ENGEL-PC [administrator]

10.06.2015 20:59:50
mbar-log-2015-06-10 (20-59-50).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 416101
Time elapsed: 32 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
0x0d08 BthAvrcpTg - ok 21:36:45.0315 0x0d08 [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 21:36:45.0403 0x0d08 BthHFEnum - ok 21:36:45.0438 0x0d08 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 21:36:45.0488 0x0d08 bthhfhid - ok 21:36:45.0540 0x0d08 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 21:36:45.0594 0x0d08 BthHFSrv - ok 21:36:45.0627 0x0d08 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 21:36:45.0697 0x0d08 BTHMODEM - ok 21:36:45.0730 0x0d08 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll 21:36:45.0829 0x0d08 bthserv - ok 21:36:45.0844 0x0d08 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 21:36:45.0912 0x0d08 cdfs - ok 21:36:45.0933 0x0d08 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 21:36:45.0951 0x0d08 cdrom - ok 21:36:45.0981 0x0d08 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 21:36:46.0055 0x0d08 CertPropSvc - ok 21:36:46.0094 0x0d08 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 21:36:46.0140 0x0d08 circlass - ok 21:36:46.0168 0x0d08 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS 
C:\WINDOWS\system32\drivers\CLFS.sys 21:36:46.0196 0x0d08 CLFS - ok 21:36:46.0467 0x0d08 [ 42C5B8010D47EF3F4BAE6D1B427E80F4, 721C24522C43D50081EA01FD521D68EB365B91561CCF2E7AD1F091FBD61E67FB ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 21:36:46.0581 0x0d08 ClickToRunSvc - ok 21:36:46.0618 0x0d08 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 21:36:46.0664 0x0d08 CmBatt - ok 21:36:46.0711 0x0d08 [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 21:36:46.0747 0x0d08 CNG - ok 21:36:46.0782 0x0d08 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 21:36:46.0835 0x0d08 CompositeBus - ok 21:36:46.0842 0x0d08 COMSysApp - ok 21:36:46.0858 0x0d08 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 21:36:46.0954 0x0d08 condrv - ok 21:36:47.0047 0x0d08 [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 21:36:47.0085 0x0d08 cphs - ok 21:36:47.0118 0x0d08 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 21:36:47.0232 0x0d08 CryptSvc - ok 21:36:47.0252 0x0d08 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 21:36:47.0271 0x0d08 dam - ok 21:36:47.0340 0x0d08 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 21:36:47.0445 0x0d08 DcomLaunch - ok 21:36:47.0481 0x0d08 [ 
95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll 21:36:47.0592 0x0d08 defragsvc - ok 21:36:47.0629 0x0d08 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 21:36:47.0668 0x0d08 DeviceAssociationService - ok 21:36:47.0773 0x0d08 [ 6EC5098678F3E8724A9F3E151031FEDE, 50D8BF9AC08497FA45C097186BD5C0E85C265DDC40A48491E78249BB7243649D ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe 21:36:47.0806 0x0d08 DeviceFastLaneService - ok 21:36:47.0834 0x0d08 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 21:36:47.0917 0x0d08 DeviceInstall - ok 21:36:47.0956 0x0d08 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 21:36:48.0076 0x0d08 Dfsc - ok 21:36:48.0112 0x0d08 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 21:36:48.0148 0x0d08 dg_ssudbus - ok 21:36:48.0215 0x0d08 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 21:36:48.0287 0x0d08 Dhcp - ok 21:36:48.0326 0x0d08 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 21:36:48.0368 0x0d08 disk - ok 21:36:48.0401 0x0d08 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 21:36:48.0464 0x0d08 dmvsc - ok 21:36:48.0501 0x0d08 [ 33ADFB7453BF3271463712C4BCE61AD1, 
A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 21:36:48.0536 0x0d08 Dnscache - ok 21:36:48.0594 0x0d08 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 21:36:48.0684 0x0d08 dot3svc - ok 21:36:48.0731 0x0d08 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll 21:36:48.0788 0x0d08 DPS - ok 21:36:48.0810 0x0d08 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 21:36:48.0822 0x0d08 drmkaud - ok 21:36:48.0904 0x0d08 [ 7C685CB0AC7D4E998D213C8B84FA609F, C4D8D178987FA68BC2A8864CB84AAD47031B5956DECD74929C4ED36AE1F41470 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe 21:36:48.0941 0x0d08 DsiWMIService - ok 21:36:48.0981 0x0d08 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 21:36:49.0020 0x0d08 DsmSvc - ok 21:36:49.0096 0x0d08 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 21:36:49.0220 0x0d08 DXGKrnl - ok 21:36:49.0274 0x0d08 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 21:36:49.0389 0x0d08 Eaphost - ok 21:36:49.0565 0x0d08 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 21:36:49.0778 0x0d08 ebdrv - ok 21:36:49.0822 0x0d08 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe 21:36:49.0851 0x0d08 EFS - ok 21:36:49.0881 0x0d08 [ 
43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 21:36:49.0920 0x0d08 EhStorClass - ok 21:36:49.0950 0x0d08 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 21:36:49.0996 0x0d08 EhStorTcgDrv - ok 21:36:50.0090 0x0d08 [ C9455140176A5D1F05FDA44E5F319856, 2FE7ED1C70BFF238F7EB5CFF76552F272A4C95449A8D5C264E340C46281C1F75 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe 21:36:50.0123 0x0d08 ePowerSvc - ok 21:36:50.0138 0x0d08 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 21:36:50.0169 0x0d08 ErrDev - ok 21:36:50.0226 0x0d08 [ 2D055FAB756A79F5221ADF56EAE4CB3B, ED8D2CA2EDBD23C794C1B183DD2622A8273E5767D2417FF923A569D07C85773D ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys 21:36:50.0251 0x0d08 ETD - ok 21:36:50.0309 0x0d08 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll 21:36:50.0409 0x0d08 EventSystem - ok 21:36:50.0444 0x0d08 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 21:36:50.0553 0x0d08 exfat - ok 21:36:50.0584 0x0d08 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 21:36:50.0605 0x0d08 fastfat - ok 21:36:50.0650 0x0d08 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe 21:36:50.0779 0x0d08 Fax - ok 21:36:50.0814 0x0d08 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc 
C:\WINDOWS\System32\drivers\fdc.sys 21:36:50.0840 0x0d08 fdc - ok 21:36:50.0892 0x0d08 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 21:36:50.0946 0x0d08 fdPHost - ok 21:36:50.0958 0x0d08 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 21:36:50.0992 0x0d08 FDResPub - ok 21:36:51.0014 0x0d08 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 21:36:51.0082 0x0d08 fhsvc - ok 21:36:51.0102 0x0d08 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 21:36:51.0132 0x0d08 FileInfo - ok 21:36:51.0163 0x0d08 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 21:36:51.0224 0x0d08 Filetrace - ok 21:36:51.0314 0x0d08 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 21:36:51.0348 0x0d08 FLEXnet Licensing Service - ok 21:36:51.0370 0x0d08 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 21:36:51.0405 0x0d08 flpydisk - ok 21:36:51.0442 0x0d08 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 21:36:51.0465 0x0d08 FltMgr - ok 21:36:51.0528 0x0d08 [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache C:\WINDOWS\system32\FntCache.dll 21:36:51.0651 0x0d08 FontCache - ok 
21:36:51.0745 0x0d08 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:36:51.0771 0x0d08 FontCache3.0.0.0 - ok 21:36:51.0804 0x0d08 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 21:36:51.0843 0x0d08 FsDepends - ok 21:36:51.0857 0x0d08 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 21:36:51.0874 0x0d08 Fs_Rec - ok 21:36:51.0918 0x0d08 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 21:36:51.0961 0x0d08 fvevol - ok 21:36:51.0993 0x0d08 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 21:36:52.0020 0x0d08 FxPPM - ok 21:36:52.0035 0x0d08 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 21:36:52.0054 0x0d08 gagp30kx - ok 21:36:52.0097 0x0d08 [ A90A90714221E50856FC009545E9A5CB, 67A39F9FD9BB6CDF467D820C4749B6064D19594D5A5B94B0D17CC257CB19AA21 ] GDBehave C:\WINDOWS\system32\drivers\GDBehave.sys 21:36:52.0123 0x0d08 GDBehave - ok 21:36:52.0141 0x0d08 [ 3AEF393C011738ADDF09057E221EE7D8, 52D3C51D0206C3C082C2AB9958325070A54BC0FD78FF974C69020B424229A18A ] GDKBFlt C:\Windows\system32\drivers\GDKBFlt64.sys 21:36:52.0157 0x0d08 GDKBFlt - ok 21:36:52.0175 0x0d08 [ F5A571A95A3E22877D0CBC60F7D66E05, D0D785C5D9F60414FCF01B9C1949661975BD49A93B4556D8D1045895531E457A ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys 21:36:52.0236 0x0d08 GDMnIcpt - ok 21:36:52.0258 0x0d08 [ 383FA07DC3CBD2B084BB90E9A9A4A87B, 
B0B6483C9C6AAD9926498110857555B2A4519ABC565809F6787D181B917C7C74 ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys 21:36:52.0270 0x0d08 GDPkIcpt - ok 21:36:52.0368 0x0d08 [ CC88D7254787D15B84377137BF739F90, F01BF995EDB533C7E6F2A5B9591DA0B4F8F4E79CC45C2DA73198F4B4A8624F0B ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe 21:36:52.0414 0x0d08 GDScan - ok 21:36:52.0451 0x0d08 [ 0313E2A2B18A2AF40F3C9445653FDE9A, 8A7219B8A2B3FB9C401CCDF0349C48052F5D46400AC5C2D1E2B5BD5DE6E34B7E ] gdwfpcd C:\WINDOWS\system32\drivers\gdwfpcd64.sys 21:36:52.0489 0x0d08 gdwfpcd - ok 21:36:52.0526 0x0d08 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 21:36:52.0570 0x0d08 gencounter - ok 21:36:52.0607 0x0d08 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 21:36:52.0648 0x0d08 GPIOClx0101 - ok 21:36:52.0721 0x0d08 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 21:36:52.0786 0x0d08 gpsvc - ok 21:36:52.0816 0x0d08 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 21:36:52.0915 0x0d08 HDAudBus - ok 21:36:52.0949 0x0d08 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 21:36:52.0985 0x0d08 HidBatt - ok 21:36:53.0013 0x0d08 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 21:36:53.0086 0x0d08 HidBth - ok 21:36:53.0098 0x0d08 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 
21:36:53.0130 0x0d08 hidi2c - ok 21:36:53.0155 0x0d08 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 21:36:53.0170 0x0d08 HidIr - ok 21:36:53.0202 0x0d08 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 21:36:53.0277 0x0d08 hidserv - ok 21:36:53.0311 0x0d08 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 21:36:53.0394 0x0d08 HidUsb - ok 21:36:53.0436 0x0d08 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 21:36:53.0795 0x0d08 hkmsvc - ok 21:36:53.0925 0x0d08 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 21:36:54.0068 0x0d08 HomeGroupListener - ok 21:36:54.0207 0x0d08 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 21:36:54.0298 0x0d08 HomeGroupProvider - ok 21:36:54.0315 0x0d08 [ EB6EB3DCC2AD18236EEC42B2FC7BD806, A1334E802997FA2DF34B3C2860731BE03ADB5D1908DDBBCB4A46761ACC568573 ] HookCentre C:\Windows\system32\drivers\HookCentre.sys 21:36:54.0351 0x0d08 HookCentre - ok 21:36:54.0410 0x0d08 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 21:36:54.0444 0x0d08 HpSAMD - ok 21:36:54.0654 0x0d08 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 21:36:54.0795 0x0d08 HTTP - ok 21:36:54.0839 0x0d08 [ 90656C0B3864804B090434EFC582404F, 
BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 21:36:54.0883 0x0d08 hwpolicy - ok 21:36:54.0924 0x0d08 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 21:36:54.0981 0x0d08 hyperkbd - ok 21:36:55.0020 0x0d08 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 21:36:55.0074 0x0d08 HyperVideo - ok 21:36:55.0143 0x0d08 [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 21:36:55.0444 0x0d08 i8042prt - ok 21:36:55.0471 0x0d08 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 21:36:55.0517 0x0d08 iaLPSSi_GPIO - ok 21:36:55.0569 0x0d08 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 21:36:55.0595 0x0d08 iaLPSSi_I2C - ok 21:36:55.0679 0x0d08 [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 21:36:55.0713 0x0d08 iaStorA - ok 21:36:55.0746 0x0d08 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 21:36:55.0778 0x0d08 iaStorAV - ok 21:36:55.0816 0x0d08 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 21:36:55.0844 0x0d08 iaStorV - ok 21:36:55.0849 0x0d08 IEEtwCollectorService - ok 21:36:56.0086 0x0d08 [ 8C44E6B688790E2AD3846C97661C54F1, 
CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 21:36:56.0455 0x0d08 igfx - ok 21:36:56.0553 0x0d08 [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 21:36:56.0633 0x0d08 IKEEXT - ok 21:36:56.0826 0x0d08 [ 9CC645EB9697AA4F2D5A39835C80A0A2, 39861B19E9BF17F5250D571996167A178606150B62C876529D3699817FDDC42A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 21:36:57.0056 0x0d08 IntcAzAudAddService - ok 21:36:57.0094 0x0d08 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 21:36:57.0198 0x0d08 IntcDAud - ok 21:36:57.0286 0x0d08 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 21:36:57.0319 0x0d08 Intel(R) Capability Licensing Service Interface - ok 21:36:57.0332 0x0d08 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 21:36:57.0345 0x0d08 intelide - ok 21:36:57.0366 0x0d08 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 21:36:57.0380 0x0d08 intelpep - ok 21:36:57.0405 0x0d08 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 21:36:57.0440 0x0d08 intelppm - ok 21:36:57.0486 0x0d08 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 21:36:57.0583 0x0d08 IpFilterDriver - ok 21:36:57.0649 0x0d08 [ A5800036E4EA06697A34742A24ACFBE1, 
BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 21:36:57.0712 0x0d08 iphlpsvc - ok 21:36:57.0733 0x0d08 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 21:36:57.0907 0x0d08 IPMIDRV - ok 21:36:57.0930 0x0d08 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 21:36:57.0992 0x0d08 IPNAT - ok 21:36:58.0017 0x0d08 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 21:36:58.0077 0x0d08 IRENUM - ok 21:36:58.0095 0x0d08 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 21:36:58.0113 0x0d08 isapnp - ok 21:36:58.0159 0x0d08 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 21:36:58.0204 0x0d08 iScsiPrt - ok 21:36:58.0298 0x0d08 [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 21:36:58.0310 0x0d08 jhi_service - ok 21:36:58.0387 0x0d08 [ 45369E037410609D769852A1CE46A184, 752BE7BB167E602CD89D52E3A4382AF7C75033306E31884EC55872EF7A0A3EE2 ] k57nd60a C:\WINDOWS\system32\DRIVERS\k57nd60a.sys 21:36:58.0420 0x0d08 k57nd60a - ok 21:36:58.0451 0x0d08 [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 21:36:58.0467 0x0d08 kbdclass - ok 21:36:58.0491 0x0d08 [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid 
C:\WINDOWS\System32\drivers\kbdhid.sys 21:36:58.0556 0x0d08 kbdhid - ok 21:36:58.0593 0x0d08 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 21:36:58.0654 0x0d08 kdnic - ok 21:36:58.0667 0x0d08 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe 21:36:58.0688 0x0d08 KeyIso - ok 21:36:58.0713 0x0d08 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 21:36:58.0728 0x0d08 KSecDD - ok 21:36:58.0760 0x0d08 [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 21:36:58.0786 0x0d08 KSecPkg - ok 21:36:58.0817 0x0d08 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 21:36:58.0831 0x0d08 ksthunk - ok 21:36:58.0857 0x0d08 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 21:36:58.0885 0x0d08 KtmRm - ok 21:36:58.0934 0x0d08 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 21:36:58.0989 0x0d08 LanmanServer - ok 21:36:59.0033 0x0d08 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 21:36:59.0070 0x0d08 LanmanWorkstation - ok 21:36:59.0114 0x0d08 [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 21:36:59.0246 0x0d08 lfsvc - ok 21:36:59.0270 0x0d08 [ C09010B3680860131631F53E8FE7BAD8, 
35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 21:36:59.0360 0x0d08 lltdio - ok 21:36:59.0436 0x0d08 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 21:36:59.0477 0x0d08 lltdsvc - ok 21:36:59.0515 0x0d08 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 21:36:59.0562 0x0d08 lmhosts - ok 21:36:59.0591 0x0d08 [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 21:36:59.0608 0x0d08 LMS - ok 21:36:59.0641 0x0d08 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 21:36:59.0657 0x0d08 LSI_SAS - ok 21:36:59.0675 0x0d08 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 21:36:59.0690 0x0d08 LSI_SAS2 - ok 21:36:59.0709 0x0d08 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 21:36:59.0724 0x0d08 LSI_SAS3 - ok 21:36:59.0735 0x0d08 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 21:36:59.0751 0x0d08 LSI_SSS - ok 21:36:59.0823 0x0d08 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll 21:36:59.0927 0x0d08 LSM - ok 21:36:59.0965 0x0d08 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 21:37:00.0042 0x0d08 luafv - ok 
0x0d08 [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 21:37:23.0423 0x0d08 UNS - ok 21:37:23.0478 0x0d08 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll 21:37:23.0514 0x0d08 upnphost - ok 21:37:23.0547 0x0d08 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 21:37:23.0584 0x0d08 usbccgp - ok 21:37:23.0611 0x0d08 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 21:37:23.0646 0x0d08 usbcir - ok 21:37:23.0676 0x0d08 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 21:37:23.0693 0x0d08 usbehci - ok 21:37:23.0729 0x0d08 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 21:37:23.0774 0x0d08 usbhub - ok 21:37:23.0818 0x0d08 [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 21:37:23.0851 0x0d08 USBHUB3 - ok 21:37:23.0906 0x0d08 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 21:37:24.0098 0x0d08 usbohci - ok 21:37:24.0129 0x0d08 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 21:37:24.0217 0x0d08 usbprint - ok 21:37:24.0265 0x0d08 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR 
C:\WINDOWS\System32\drivers\USBSTOR.SYS 21:37:24.0317 0x0d08 USBSTOR - ok 21:37:24.0333 0x0d08 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 21:37:24.0361 0x0d08 usbuhci - ok 21:37:24.0389 0x0d08 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 21:37:24.0433 0x0d08 usbvideo - ok 21:37:24.0469 0x0d08 [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 21:37:24.0510 0x0d08 USBXHCI - ok 21:37:24.0534 0x0d08 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe 21:37:24.0547 0x0d08 VaultSvc - ok 21:37:24.0566 0x0d08 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 21:37:24.0590 0x0d08 vdrvroot - ok 21:37:24.0680 0x0d08 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe 21:37:24.0768 0x0d08 vds - ok 21:37:24.0793 0x0d08 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 21:37:24.0850 0x0d08 VerifierExt - ok 21:37:24.0897 0x0d08 [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 21:37:24.0951 0x0d08 vhdmp - ok 21:37:24.0973 0x0d08 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 21:37:25.0005 0x0d08 viaide - ok 21:37:25.0039 0x0d08 [ 511AD3FF957A0127E6BD336FF6F89C38, 
55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 21:37:25.0074 0x0d08 vmbus - ok 21:37:25.0093 0x0d08 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 21:37:25.0119 0x0d08 VMBusHID - ok 21:37:25.0172 0x0d08 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 21:37:25.0232 0x0d08 vmicguestinterface - ok 21:37:25.0250 0x0d08 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 21:37:25.0279 0x0d08 vmicheartbeat - ok 21:37:25.0296 0x0d08 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 21:37:25.0324 0x0d08 vmickvpexchange - ok 21:37:25.0341 0x0d08 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 21:37:25.0369 0x0d08 vmicrdv - ok 21:37:25.0387 0x0d08 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 21:37:25.0415 0x0d08 vmicshutdown - ok 21:37:25.0432 0x0d08 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 21:37:25.0459 0x0d08 vmictimesync - ok 21:37:25.0477 0x0d08 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 21:37:25.0504 0x0d08 vmicvss - ok 21:37:25.0535 0x0d08 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 21:37:25.0562 0x0d08 volmgr - ok 
21:37:25.0575 0x0d08 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 21:37:25.0603 0x0d08 volmgrx - ok 21:37:25.0642 0x0d08 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 21:37:25.0666 0x0d08 volsnap - ok 21:37:25.0678 0x0d08 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 21:37:25.0722 0x0d08 vpci - ok 21:37:25.0750 0x0d08 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 21:37:25.0780 0x0d08 vsmraid - ok 21:37:25.0870 0x0d08 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe 21:37:25.0943 0x0d08 VSS - ok 21:37:25.0980 0x0d08 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 21:37:26.0004 0x0d08 VSTXRAID - ok 21:37:26.0064 0x0d08 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 21:37:26.0216 0x0d08 vwifibus - ok 21:37:26.0257 0x0d08 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 21:37:26.0325 0x0d08 vwififlt - ok 21:37:26.0350 0x0d08 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys 21:37:26.0388 0x0d08 vwifimp - ok 21:37:26.0434 0x0d08 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll 
21:37:26.0543 0x0d08 W32Time - ok 21:37:26.0568 0x0d08 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 21:37:26.0603 0x0d08 WacomPen - ok 21:37:26.0704 0x0d08 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe 21:37:26.0867 0x0d08 wbengine - ok 21:37:26.0927 0x0d08 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 21:37:26.0999 0x0d08 WbioSrvc - ok 21:37:27.0040 0x0d08 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 21:37:27.0067 0x0d08 Wcmsvc - ok 21:37:27.0105 0x0d08 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 21:37:27.0147 0x0d08 wcncsvc - ok 21:37:27.0174 0x0d08 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 21:37:27.0251 0x0d08 WcsPlugInService - ok 21:37:27.0280 0x0d08 [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 21:37:27.0315 0x0d08 WdBoot - ok 21:37:27.0391 0x0d08 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 21:37:27.0448 0x0d08 Wdf01000 - ok 21:37:27.0479 0x0d08 [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 21:37:27.0502 0x0d08 WdFilter - ok 21:37:27.0522 0x0d08 [ F581F9C9D6953FABFA24E67105F0B614, 
5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 21:37:27.0555 0x0d08 WdiServiceHost - ok 21:37:27.0561 0x0d08 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 21:37:27.0579 0x0d08 WdiSystemHost - ok 21:37:27.0613 0x0d08 [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 21:37:27.0667 0x0d08 WdNisDrv - ok 21:37:27.0696 0x0d08 WdNisSvc - ok 21:37:27.0747 0x0d08 [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\WINDOWS\System32\webclnt.dll 21:37:27.0823 0x0d08 WebClient - ok 21:37:27.0870 0x0d08 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 21:37:27.0918 0x0d08 Wecsvc - ok 21:37:27.0945 0x0d08 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 21:37:27.0976 0x0d08 WEPHOSTSVC - ok 21:37:27.0998 0x0d08 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 21:37:28.0091 0x0d08 wercplsupport - ok 21:37:28.0118 0x0d08 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 21:37:28.0151 0x0d08 WerSvc - ok 21:37:28.0191 0x0d08 [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 21:37:28.0219 0x0d08 WFPLWFS - ok 21:37:28.0244 0x0d08 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 21:37:28.0308 
0x0d08 WiaRpc - ok 21:37:28.0336 0x0d08 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 21:37:28.0350 0x0d08 WIMMount - ok 21:37:28.0352 0x0d08 WinDefend - ok 21:37:28.0414 0x0d08 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 21:37:28.0463 0x0d08 WinHttpAutoProxySvc - ok 21:37:28.0537 0x0d08 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 21:37:28.0627 0x0d08 Winmgmt - ok 21:37:28.0765 0x0d08 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 21:37:28.0881 0x0d08 WinRM - ok 21:37:28.0928 0x0d08 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys 21:37:28.0976 0x0d08 WinUsb - ok 21:37:29.0069 0x0d08 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 21:37:29.0151 0x0d08 WlanSvc - ok 21:37:29.0222 0x0d08 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 21:37:29.0303 0x0d08 wlidsvc - ok 21:37:29.0334 0x0d08 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 21:37:29.0377 0x0d08 WmiAcpi - ok 21:37:29.0415 0x0d08 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 21:37:29.0464 0x0d08 wmiApSrv - ok 21:37:29.0487 0x0d08 WMPNetworkSvc - ok 21:37:29.0525 0x0d08 [ 7FC5667DF73D4B04AA457CC3A4180E09, 
CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 21:37:29.0543 0x0d08 Wof - ok 21:37:29.0633 0x0d08 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 21:37:29.0783 0x0d08 workfolderssvc - ok 21:37:29.0810 0x0d08 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 21:37:29.0831 0x0d08 wpcfltr - ok 21:37:29.0852 0x0d08 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 21:37:29.0933 0x0d08 WPCSvc - ok 21:37:29.0971 0x0d08 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 21:37:30.0047 0x0d08 WPDBusEnum - ok 21:37:30.0084 0x0d08 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 21:37:30.0162 0x0d08 WpdUpFltr - ok 21:37:30.0192 0x0d08 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 21:37:30.0225 0x0d08 ws2ifsl - ok 21:37:30.0261 0x0d08 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 21:37:30.0346 0x0d08 wscsvc - ok 21:37:30.0356 0x0d08 WSearch - ok 21:37:30.0507 0x0d08 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll 21:37:30.0717 0x0d08 WSService - ok 21:37:30.0858 0x0d08 [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 21:37:31.0046 
0x0d08 wuauserv - ok 21:37:31.0075 0x0d08 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 21:37:31.0149 0x0d08 WudfPf - ok 21:37:31.0185 0x0d08 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 21:37:31.0264 0x0d08 WUDFRd - ok 21:37:31.0298 0x0d08 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 21:37:31.0315 0x0d08 wudfsvc - ok 21:37:31.0338 0x0d08 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys 21:37:31.0357 0x0d08 WUDFWpdFs - ok 21:37:31.0366 0x0d08 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys 21:37:31.0384 0x0d08 WUDFWpdMtp - ok 21:37:31.0424 0x0d08 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 21:37:31.0473 0x0d08 WwanSvc - ok 21:37:31.0484 0x0d08 ================ Scan global =============================== 21:37:31.0528 0x0d08 [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll 21:37:31.0564 0x0d08 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll 21:37:31.0597 0x0d08 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll 21:37:31.0626 0x0d08 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe 21:37:31.0636 0x0d08 [ Global ] - ok 21:37:31.0636 
0x0d08 ================ Scan MBR ================================== 21:37:31.0650 0x0d08 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 21:37:31.0727 0x0d08 \Device\Harddisk0\DR0 - ok 21:37:31.0728 0x0d08 ================ Scan VBR ================================== 21:37:31.0758 0x0d08 [ A01972CFA26D8EFB0DD6511185D2A660 ] \Device\Harddisk0\DR0\Partition1 21:37:31.0760 0x0d08 \Device\Harddisk0\DR0\Partition1 - ok 21:37:31.0769 0x0d08 [ ACAF8200F011343CB1A2D511AEB331A6 ] \Device\Harddisk0\DR0\Partition2 21:37:31.0784 0x0d08 \Device\Harddisk0\DR0\Partition2 - ok 21:37:31.0797 0x0d08 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3 21:37:31.0798 0x0d08 \Device\Harddisk0\DR0\Partition3 - ok 21:37:31.0812 0x0d08 [ F1EC53DE9CC8E0E4BE32A50D1FBFAB4F ] \Device\Harddisk0\DR0\Partition4 21:37:31.0822 0x0d08 \Device\Harddisk0\DR0\Partition4 - ok 21:37:31.0855 0x0d08 [ F75C847C50B1EF4841A8114EF15F65DA ] \Device\Harddisk0\DR0\Partition5 21:37:31.0874 0x0d08 \Device\Harddisk0\DR0\Partition5 - ok 21:37:31.0892 0x0d08 [ 72C2C7C863C99EF8137B067BC363F791 ] \Device\Harddisk0\DR0\Partition6 21:37:31.0893 0x0d08 \Device\Harddisk0\DR0\Partition6 - ok 21:37:31.0895 0x0d08 ================ Scan generic autorun ====================== 21:37:31.0940 0x0d08 ETDCtrl - ok 21:37:31.0976 0x0d08 [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\WINDOWS\system32\igfxtray.exe 21:37:31.0989 0x0d08 IgfxTray - ok 21:37:32.0021 0x0d08 [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\WINDOWS\system32\hkcmd.exe 21:37:32.0041 0x0d08 HotKeysCmds - ok 21:37:32.0069 0x0d08 [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\WINDOWS\system32\igfxpers.exe 21:37:32.0090 0x0d08 Persistence - ok 21:37:32.0525 0x0d08 [ 834A309C2FDF52FC09353F348CFE1235, FF8D5B0C4D8DEF3B313E11B01D6A2A29758E8721EF2EC0AAC2DB3C9AAF399276 ] 
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 21:37:33.0086 0x0d08 RTHDVCPL - ok 21:37:33.0172 0x0d08 [ 704A01D402F0275877E7FA1BB151D997, 585C8B31599FFF0EF9B1DF9FD63979E498D2A601497780E07706A99A359AB8B8 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe 21:37:33.0228 0x0d08 BakupManagerTray - ok 21:37:33.0283 0x0d08 [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe 21:37:33.0402 0x0d08 WAB Migrate - ok 21:37:33.0433 0x0d08 Skype - ok 21:37:33.0725 0x0d08 [ BEB406E509C454E697A7F6526DAC1EC6, CCB791616E50EE89D5EA83C8A2B685F58BC3133930B78189AE4FEC6CBC98D583 ] C:\Users\Renate\AppData\Local\Amazon Music\Amazon Music Helper.exe 21:37:34.0008 0x0d08 Amazon Music - ok 21:37:34.0015 0x0d08 Waiting for KSN requests completion. In queue: 129 21:37:35.0015 0x0d08 Waiting for KSN requests completion. In queue: 129 21:37:36.0016 0x0d08 Waiting for KSN requests completion. In queue: 129 21:37:37.0117 0x0d08 AV detected via SS2: G DATA ANTIVIRUS, C:\Program Files (x86)\G Data\AntiVirus\AVK\avkwscpe.exe ( 25.0.0.0 ), 0x41000 ( enabled : updated ) 21:37:37.0169 0x0d08 Win FW state via NFP2: enabled 21:37:39.0599 0x0d08 ============================================================ 21:37:39.0599 0x0d08 Scan finished 21:37:39.0599 0x0d08 ============================================================ 21:37:39.0626 0x1e70 Detected object count: 0 21:37:39.0626 0x1e70 Actual detected object count: 0 |
11.06.2015, 16:15 | #6 |
/// the machine /// TB-Ausbilder | hi, scan with Combofix |
11.06.2015, 17:37 | #7 |
| I get the following error message:
This operating system is not supported. ComboFix only runs on:
Windows XP (32bit)
Windows Vista (32/64 bit)
Windows 7 (32/64 bit)
Windows 8 (32/64 bit)
Windows 2000 is no longer supported. |
12.06.2015, 16:54 | #8 |
/// the machine /// TB-Ausbilder | my mistake. Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log please.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
12.06.2015, 18:57 | #9 |
| AdwCleaner logfile: Code:
# AdwCleaner v4.206 - Bericht erstellt 12/06/2015 um 19:42:06
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-09.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Renate - ENGEL-PC
# Gestarted von : C:\Users\Renate\Desktop\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Renate\AppData\Roaming\RHEng
Ordner Gelöscht : C:\Users\Renate\AppData\Roaming\Opera Software\Opera Stable\Extensions\npnkeeiehehhefofiekoflfedgehcdhl
Datei Gelöscht : C:\Users\Renate\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\npnkeeiehehhefofiekoflfedgehcdhl

***** [ Geplante Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v38.0.5 (x86 de)
[0iddgk4k.default\prefs.js] - Zeile Gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");
-\\ Opera v30.0.1835.59

*************************
AdwCleaner[R0].txt - [1984 Bytes] - [12/06/2015 19:30:46]
AdwCleaner[S0].txt - [1905 Bytes] - [12/06/2015 19:42:06]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1964 Bytes] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 12.06.2015
Suchlauf-Zeit: 18:34:48
Logdatei: mbamlog.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.12.04
Rootkit Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Renate

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 415583
Verstrichene Zeit: 36 Min, 57 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (Keine schädliche Elemente gefunden)
Module: 0 (Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden)
Registrierungswerte: 0 (Keine schädliche Elemente gefunden)
Registrierungsdaten: 0 (Keine schädliche Elemente gefunden)
Ordner: 0 (Keine schädliche Elemente gefunden)
Dateien: 0 (Keine schädliche Elemente gefunden)
Physische Sektoren: 0 (Keine schädliche Elemente gefunden)
(end) |
13.06.2015, 13:50 | #10 |
/// the machine /// TB-Ausbilder | and the rest?
__________________ regards, schrauber |
13.06.2015, 14:08 | #11 |
| Oh sorry, somehow overlooked that there are 3
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.3 (06.13.2015:1)
OS: Windows 8.1 x64
Ran by Renate on 13.06.2015 at 14:58:21,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.06.2015 at 15:03:50,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
14.06.2015, 06:27 | #12 |
/// the machine /// TB-Ausbilder | ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log please. Any remaining problems?
__________________ regards, schrauber |
14.06.2015, 08:14 | #13 |
| Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=dc52ca4c1908644abd09d21e70c3cc80
# end=init
# utc_time=2015-06-14 06:21:50
# local_time=2015-06-14 08:21:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 24317
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=dc52ca4c1908644abd09d21e70c3cc80
# end=updated
# utc_time=2015-06-14 06:39:55
# local_time=2015-06-14 08:39:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=dc52ca4c1908644abd09d21e70c3cc80
# engine=24317
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-14 06:55:33
# local_time=2015-06-14 08:55:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 7896988 59146226 0 0
# scanned=10090
# found=0
# cleaned=0
# scan_time=937

x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
G DATA ANTIVIRUS
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 17.0.0.188
Mozilla Firefox (38.0.5)
````````Process Check: objlist.exe by Laurent````````
G Data AntiVirus AVK AVKWCtlx64.exe
G Data AntiVirus AVK AVKService.exe
G Data AntiVirus AVKTray AVKTray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Renate (administrator) on ENGEL-PC on 14-06-2015 09:11:56
Running from C:\Users\Renate\Desktop
Loaded Profiles: Renate & (Available Profiles: UpdatusUser & Renate)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.)
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera 
Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.59\opera.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe (Microsoft Corporation) C:\Windows\System32\OpenWith.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation) HKLM-x32\...\Run: [LManager] => [X] HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1026582432-930876547-3987948175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation) HKU\S-1-5-21-1026582432-930876547-3987948175-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) 
HKU\S-1-5-21-1026582432-930876547-3987948175-1002\...\Run: [Amazon Music] => C:\Users\Renate\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-16] () HKU\S-1-5-21-1026582432-930876547-3987948175-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-1026582432-930876547-3987948175-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\Renate\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-16] () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1026582432-930876547-3987948175-1002\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype HKU\S-1-5-21-1026582432-930876547-3987948175-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype HKU\S-1-5-21-1026582432-930876547-3987948175-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype HKU\S-1-5-21-1026582432-930876547-3987948175-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland ? 
mit Hotmail Nachfolger Outlook und Messenger Skype URLSearchHook: [S-1-5-21-1026582432-930876547-3987948175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] ATTENTION ==> Default URLSearchHook is missing SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1026582432-930876547-3987948175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Renate\AppData\Roaming\Mozilla\Firefox\Profiles\0iddgk4k.default FF Homepage: chrome://unitedtb/content/newtab/startpage.xhtml FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: 
@adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-13] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Extension: Mein Grundeinkommen - CrowdBar - C:\Users\Renate\AppData\Roaming\Mozilla\Firefox\Profiles\0iddgk4k.default\Extensions\jid1-XGbYhwCViPEOUQ@jetpack.xpi [2015-01-07] FF Extension: NoScript - C:\Users\Renate\AppData\Roaming\Mozilla\Firefox\Profiles\0iddgk4k.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-09-13] FF Extension: Password Exporter - C:\Users\Renate\AppData\Roaming\Mozilla\Firefox\Profiles\0iddgk4k.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2014-09-13] FF Extension: Adblock Plus - C:\Users\Renate\AppData\Roaming\Mozilla\Firefox\Profiles\0iddgk4k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-13] FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-06-02] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.) R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-10-14] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation) S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated) S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-19] (Dritek System INC.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-09-13] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-11-11] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-09-13] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-09-13] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2015-01-18] (G Data Software AG) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-09-13] (G Data Software AG) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-13] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-19] (Dritek System Inc.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-06-14 09:11 - 2015-06-14 09:11 - 00000000 ____D C:\Users\Renate\Desktop\FRST-OlderVersion 2015-06-14 09:02 - 2015-06-14 09:02 - 00852639 _____ C:\Users\Renate\Desktop\SecurityCheck.exe 2015-06-14 08:20 - 2015-06-14 08:20 - 02870984 _____ (ESET) C:\Users\Renate\Desktop\esetsmartinstaller_deu.exe 2015-06-13 15:03 - 2015-06-13 15:03 - 00000611 _____ C:\Users\Renate\Desktop\JRT.txt 2015-06-13 14:58 - 2015-06-13 14:58 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-ENGEL-PC-Windows-8.1-(64-bit).dat 2015-06-13 14:58 - 2015-06-13 14:58 - 00000000 ____D C:\RegBackup 2015-06-13 14:57 - 2015-06-13 14:57 - 02943844 _____ (Thisisu) C:\Users\Renate\Desktop\JRT.exe 2015-06-12 19:30 - 2015-06-12 19:42 - 00000000 ____D C:\AdwCleaner 2015-06-12 19:27 - 2015-06-12 19:27 - 02231296 _____ C:\Users\Renate\Desktop\AdwCleaner_4.206.exe 2015-06-12 18:32 - 2015-06-12 18:32 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-06-12 18:32 - 2015-06-12 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-06-12 18:32 - 2015-06-12 18:32 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-06-12 18:32 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-06-12 18:32 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-06-12 18:30 - 2015-06-12 18:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Renate\Desktop\mbam-setup-2.1.6.1022.exe 2015-06-10 21:34 - 2015-06-10 21:34 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Renate\Desktop\tdsskiller.exe 2015-06-10 20:19 - 2015-06-13 01:41 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-06-10 20:19 - 2015-06-12 18:32 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-06-10 20:19 - 2015-06-10 21:32 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-06-10 20:18 - 2015-04-14 
09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-06-10 20:17 - 2015-06-10 21:32 - 00000000 ____D C:\Users\Renate\Desktop\mbar 2015-06-10 20:16 - 2015-06-10 20:16 - 00001508 _____ C:\Users\Renate\Desktop\mbar-1.09.1.1004 - Verknüpfung.lnk 2015-06-10 20:15 - 2015-06-10 20:15 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Renate\Desktop\mbar-1.09.1.1004.exe 2015-06-10 19:25 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-06-10 19:25 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-10 19:25 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-10 19:25 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-06-10 19:25 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-10 19:25 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-06-10 19:25 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-06-10 19:25 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-06-10 19:25 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-10 19:25 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-10 19:25 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-06-10 19:25 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-06-10 19:25 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-06-10 19:25 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-06-10 19:25 - 2015-05-23 04:37 - 02052608 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-10 19:25 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-06-10 19:25 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-06-10 19:25 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-06-10 19:25 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-06-10 19:25 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-06-10 19:25 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-06-10 19:25 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-06-10 19:25 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-06-10 19:25 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-06-10 19:25 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-06-10 19:25 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-06-10 19:25 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-06-10 19:25 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-06-10 19:25 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-06-10 19:25 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-06-10 19:25 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-06-10 19:25 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-06-10 19:25 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\iedkcs32.dll 2015-06-10 19:25 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-06-10 19:25 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-06-10 19:25 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-06-10 19:25 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-06-10 19:25 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-06-10 19:25 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-06-10 19:25 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-06-10 19:25 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2015-06-10 19:25 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2015-06-10 19:24 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-06-09 22:31 - 2015-06-09 22:34 - 00036374 _____ C:\Users\Renate\Desktop\Addition.txt 2015-06-09 22:29 - 2015-06-14 09:11 - 00014300 _____ C:\Users\Renate\Desktop\FRST.txt 2015-06-09 22:28 - 2015-06-14 09:12 - 00000000 ____D C:\FRST 2015-06-09 22:28 - 2015-06-14 09:11 - 02109952 _____ (Farbar) C:\Users\Renate\Desktop\FRST64.exe 2015-06-02 20:08 - 2015-06-12 19:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-05-31 23:03 - 2015-05-31 23:04 - 00013054 _____ C:\Users\Renate\Downloads\basentest.html 2015-05-27 13:11 - 2015-05-27 13:11 - 00000000 ___RD C:\Users\Renate\AppData\Roaming\Brother 2015-05-15 14:12 - 2015-06-03 18:18 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-05-15 14:12 - 2015-06-03 18:18 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-05-15 13:57 
- 2015-05-15 13:59 - 00000000 ___SD C:\WINDOWS\system32\CompatTel ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-14 09:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-06-14 08:44 - 2014-11-16 22:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-06-13 21:39 - 2014-09-20 18:22 - 01966078 _____ C:\WINDOWS\WindowsUpdate.log 2015-06-13 19:29 - 2013-08-22 16:46 - 00342068 _____ C:\WINDOWS\setupact.log 2015-06-12 20:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-06-12 19:53 - 2014-03-18 12:03 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-06-12 19:53 - 2014-03-18 11:25 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat 2015-06-12 19:53 - 2014-03-18 11:25 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat 2015-06-12 19:47 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-06-12 19:47 - 2013-08-22 16:44 - 00482240 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-06-12 19:45 - 2014-09-20 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-06-12 19:45 - 2014-03-18 03:50 - 00029286 _____ C:\WINDOWS\PFRO.log 2015-06-12 19:45 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-06-12 19:43 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-06-12 19:42 - 2014-09-20 18:31 - 00000000 ____D C:\Users\Renate 2015-06-12 19:16 - 2014-09-12 21:44 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-06-12 19:15 - 2014-09-12 21:43 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-06-12 19:13 - 2014-09-12 20:06 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1026582432-930876547-3987948175-1002 2015-06-11 20:14 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-06-10 18:59 - 2015-01-30 23:19 - 00003852 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1422652730 2015-06-10 
18:59 - 2015-01-30 23:19 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-06-10 18:59 - 2015-01-30 23:17 - 00000000 ____D C:\Program Files (x86)\Opera 2015-06-09 21:44 - 2014-11-16 22:26 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-06-09 21:44 - 2014-09-13 10:39 - 00000000 ____D C:\Users\Renate\AppData\Roaming\Skype 2015-06-09 20:59 - 2014-09-14 18:09 - 00000425 _____ C:\WINDOWS\BRWMARK.INI 2015-06-03 23:03 - 2014-09-12 20:00 - 00000000 ____D C:\Users\Renate\AppData\Local\Packages 2015-05-31 06:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-05-27 12:37 - 2014-09-13 10:39 - 00000000 ____D C:\ProgramData\Skype 2015-05-22 16:17 - 2014-09-13 10:51 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-05-15 14:11 - 2013-08-22 17:37 - 00006837 _____ C:\WINDOWS\DtcInstall.log 2015-05-15 14:01 - 2014-03-18 11:40 - 00000000 ____D C:\Program Files\Windows Journal 2015-05-15 14:01 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-05-15 14:01 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-05-15 14:01 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-05-15 14:01 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-05-15 14:01 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-05-15 14:01 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-05-15 14:01 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-05-15 14:01 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools 2015-05-15 
14:01 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-05-15 14:01 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-05-15 14:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer 2015-05-15 14:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\FileManager 2015-05-15 14:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Camera 2015-05-15 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore 2015-05-15 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\sppui 2015-05-15 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2015-05-15 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-05-15 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Com 2015-05-15 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Portable Devices 2015-05-15 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2015-05-15 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2015-05-15 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System 2015-05-15 14:00 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-05-15 14:00 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-05-15 14:00 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\servicing 2015-05-15 13:59 - 2013-08-22 17:36 - 00000000 ___SD C:\WINDOWS\system32\dsc 2015-05-15 13:59 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-05-15 13:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-05-15 13:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-05-15 13:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sppui 2015-05-15 13:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup 2015-05-15 13:59 - 2013-08-22 17:36 - 00000000 ____D 
C:\WINDOWS\system32\migwiz 2015-05-15 13:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Com 2015-05-15 13:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\IME 2015-05-15 13:59 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-05-15 13:59 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-05-15 13:59 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-05-15 13:57 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\WindowsPowerShell 2015-05-15 13:57 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2015-05-15 13:57 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2015-05-15 13:57 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform ==================== Files in the root of some directories ======= 2014-09-13 10:07 - 2014-09-13 10:07 - 0000000 _____ () C:\Users\Renate\AppData\Roaming\gdfw.log 2014-09-13 10:07 - 2014-09-13 10:32 - 0001558 _____ () C:\Users\Renate\AppData\Roaming\gdscan.log Some files in TEMP: ==================== C:\Users\Renate\AppData\Local\Temp\Execute2App.exe C:\Users\Renate\AppData\Local\Temp\msvcp90.dll C:\Users\Renate\AppData\Local\Temp\msvcr90.dll C:\Users\Renate\AppData\Local\Temp\Quarantine.exe C:\Users\Renate\AppData\Local\Temp\SkypeSetup.exe C:\Users\Renate\AppData\Local\Temp\sqlite3.dll C:\Users\Renate\AppData\Local\Temp\tmd_34019403.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-08 21:37 ==================== End of log ============================ |
14.06.2015, 15:57 | #14 |
/// the machine /// TB trainer | Mail delivery failed email is being sent to my saved email addresses

Cleanup: (The order matters here)
If Defogger was used: start it again and click Re-enable.
If Combofix was used: uninstall Combofix.
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Then restart your computer. If any programs from our cleanup are still left over now, you can safely delete them.

If you like, you can say here whether you were satisfied with me and my help...and/or support the forum with a small donation.

Hardening:
Enable automatic updates in the Windows operating system. Security-relevant software should also always be kept at the latest version only:
Browser
Java
Flash Player
PDF reader
Security vulnerabilities in their old versions are exploited to install malware via "drive-by" simply when a manipulated website is visited. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

Use an antivirus program with a real-time scanner and an always up-to-date signature database. My recommendation: Emsisoft

In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
NoScript prevents the execution of active content (Java, JavaScript, Flash,...) for all websites. However, you can specify, on the whitelist principle, on which sites scripts should be allowed.
Malwarebytes Anti Exploit: Protects the computer's applications against exploitation of known vulnerabilities.

Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, uninstalling it first and then removing the leftovers with Adwcleaner is recommended.

Finally, a few general remarks:
Change your important online passwords regularly and regularly create backups of your important files or of the system.
The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own disk cleanup instead.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
16.06.2015, 08:56 | #15 |
| Mail delivery failed email is being sent to my saved email addresses Thank you very, very much! I felt very safely guided and now understand a bit more about my laptop. A small donation is on its way!!!!!!! |