
Pests of all kinds and how to fight them: Trojan - how do I tell whether it has been removed?


16.07.2015, 07:33   #1
Elisabeth7
 
Hello,

We received a letter from Telekom saying that there is a Trojan on our computer. This morning the PC reported that a Trojan had been removed.

Can I now be sure that the Trojan is really gone?

Thanks for your help

Elisabeth

16.07.2015, 08:18   #2
schrauber
/// the machine
/// TB instructor
 


hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


16.07.2015, 11:49   #3
Elisabeth7
 

FRST



Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by mama (administrator) on MAMA-PC on 16-07-2015 12:46:17
Running from C:\Users\mama\Downloads
Loaded Profiles: mama (Available Profiles: mama)
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cacls.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8461528 2015-03-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [WebWeaver Desktop] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-07-02] (Geek Software GmbH)
HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\...\Run: [communication-stand] => C:\Users\mama\AppData\Local\Communication_guy\communicationreference.exe [191784 2015-07-12] ()
HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\...\Run: [nature-shoe] => C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe [209920 2015-07-02] () <===== ATTENTION
HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-16] (Skype Technologies S.A.)
HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\...\Run: [firewire] => C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\ductility.exe [225576 2014-08-14] ()
HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\...\RunOnce: [ddr_sdram] => C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\bending.exe [168448 2014-05-24] (MATCODE Software)
HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\...\RunOnce: [nature-shoe] => C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe [209920 2015-07-02] () <===== ATTENTION
HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\...\MountPoints2: {bec7f9c7-d3dc-11e4-a400-806e6f6e6963} - D:\SETUP.EXE
HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\...\MountPoints2: {d75124f2-d540-11e4-8892-448a5b2c8606} - E:\SISetup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2DB9448A-FEBA-4767-953C-198C723A393B}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{AFC12B33-F661-422A-A025-A36070689609}: [DhcpNameServer] 10.1.1.1

FireFox:
========
FF ProfilePath: C:\Users\mama\AppData\Roaming\Mozilla\Firefox\Profiles\k7ch3lys.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-16 12:46 - 2015-07-16 12:46 - 00007013 _____ C:\Users\mama\Downloads\FRST.txt
2015-07-16 12:45 - 2015-07-16 12:46 - 00000000 ____D C:\FRST
2015-07-16 12:45 - 2015-07-16 12:45 - 02133504 _____ (Farbar) C:\Users\mama\Downloads\FRST64.exe
2015-07-16 09:02 - 2015-07-16 09:02 - 00242928 _____ C:\Users\mama\Downloads\Firefox Setup Stub 39.0.exe
2015-07-15 21:50 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 21:50 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 21:50 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 21:50 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 21:50 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 21:50 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 21:50 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 21:50 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 21:50 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 21:50 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 21:07 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 21:07 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 21:07 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 21:07 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 21:07 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 21:07 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 21:07 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 21:07 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 21:07 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 21:07 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 21:07 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 21:07 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 21:07 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 21:07 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 21:07 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 21:07 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 21:07 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 21:07 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 21:07 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 21:07 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 21:07 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 21:07 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 21:07 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 21:07 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 21:07 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 21:07 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 21:07 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 21:07 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 21:07 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 21:07 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 21:07 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 21:07 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 21:07 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 21:07 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 21:07 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 21:07 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 21:07 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 21:07 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 21:07 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 21:07 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 21:07 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 21:07 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 21:07 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 21:07 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 20:40 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 20:40 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 20:40 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 20:40 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 20:40 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 20:40 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 20:40 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 20:40 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 20:40 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 20:37 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 20:37 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 20:37 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 20:37 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 20:37 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 20:37 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 20:37 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 20:37 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 20:37 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 20:37 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 20:37 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 20:37 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 20:29 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 20:29 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 20:28 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 20:28 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 20:28 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 20:28 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 20:28 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 20:28 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 20:28 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 20:28 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 20:28 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 20:28 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 20:28 - 2015-07-03 20:05 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-15 20:28 - 2015-07-03 20:05 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-15 20:28 - 2015-07-03 20:05 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-15 20:28 - 2015-07-03 20:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-15 20:28 - 2015-07-03 19:56 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-15 20:28 - 2015-07-03 19:56 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-15 20:28 - 2015-07-03 19:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-15 20:28 - 2015-07-03 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-15 20:28 - 2015-07-03 18:52 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-15 20:28 - 2015-07-03 18:42 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 20:28 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 20:28 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 20:28 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 20:28 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 20:28 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 20:28 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 20:28 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 20:28 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 20:28 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 20:28 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 20:28 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 20:28 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 20:28 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 20:28 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 20:28 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 20:28 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 20:28 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 20:28 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 20:28 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 20:28 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 20:28 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 20:28 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 20:28 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 20:28 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 20:28 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 20:28 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 20:28 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 20:28 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 20:28 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 20:28 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 20:28 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 20:28 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 20:28 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 20:28 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 20:28 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 20:28 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 20:28 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 20:28 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 20:28 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 20:28 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 20:28 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 20:28 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 20:28 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 20:28 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-12 15:03 - 2015-07-12 15:03 - 00000000 ___HD C:\Users\mama\AppData\Local\Communication_guy
2015-07-02 12:09 - 2015-07-02 12:09 - 00001083 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-07-02 12:09 - 2015-07-02 12:09 - 00001063 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk
2015-07-02 12:09 - 2015-07-02 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-07-02 12:09 - 2015-07-02 12:09 - 00000000 ____D C:\Program Files (x86)\PDF24
2015-07-02 12:07 - 2015-07-02 12:09 - 16390392 _____ (Geek Software GmbH ) C:\Users\mama\Downloads\pdf24-creator-7.0.2.exe
2015-06-30 16:08 - 2015-06-30 16:07 - 01002284 _____ C:\Users\mama\Desktop\MöbelII.jpeg
2015-06-30 16:07 - 2015-06-30 16:07 - 00850262 _____ C:\Users\mama\Desktop\Möbel I.jpeg.jpeg
2015-06-28 20:27 - 2015-06-28 20:27 - 00000000 ____D C:\Users\mama\Tracing
2015-06-28 20:26 - 2015-06-28 20:26 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-06-28 20:26 - 2015-06-28 20:26 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-28 20:26 - 2015-06-28 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-28 20:20 - 2015-06-28 20:21 - 01384064 _____ (Skype Technologies S.A.) C:\Users\mama\Downloads\SkypeSetup.exe
2015-06-24 01:29 - 2015-06-24 01:29 - 01217192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-06-21 10:54 - 2015-06-21 10:54 - 02265955 _____ (DigiOnline GmbH ) C:\Users\mama\Downloads\WebWeaverDesktopSetup.exe
2015-06-21 10:54 - 2015-06-21 10:54 - 00001311 _____ C:\Users\Public\Desktop\WebWeaver Desktop.lnk
2015-06-21 10:54 - 2015-06-21 10:54 - 00000000 ____D C:\Users\mama\AppData\Roaming\DigiOnline GmbH
2015-06-21 10:54 - 2015-06-21 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DigiOnline GmbH
2015-06-21 10:54 - 2015-06-21 10:54 - 00000000 ____D C:\Program Files (x86)\DigiOnline GmbH

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-16 12:43 - 2009-07-14 06:45 - 00023808 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-16 12:43 - 2009-07-14 06:45 - 00023808 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-16 12:41 - 2010-11-21 08:22 - 00699092 _____ C:\Windows\system32\perfh007.dat
2015-07-16 12:41 - 2010-11-21 08:22 - 00149232 _____ C:\Windows\system32\perfc007.dat
2015-07-16 12:41 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-16 12:40 - 2015-03-26 19:24 - 02067748 _____ C:\Windows\WindowsUpdate.log
2015-07-16 12:36 - 2015-03-26 21:43 - 00000000 ____D C:\Users\mama\AppData\Roaming\Skype
2015-07-16 12:36 - 2015-03-26 20:02 - 00003510 _____ C:\Windows\System32\Tasks\AutoKMS
2015-07-16 12:35 - 2015-06-05 11:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-16 12:35 - 2015-03-26 19:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-16 12:35 - 2010-11-21 05:47 - 00062732 _____ C:\Windows\PFRO.log
2015-07-16 12:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-16 12:35 - 2009-07-14 06:51 - 00053721 _____ C:\Windows\setupact.log
2015-07-16 09:06 - 2015-03-26 19:34 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-16 09:06 - 2015-03-26 19:34 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-16 08:56 - 2015-04-04 16:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-16 07:58 - 2015-04-04 16:43 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 07:58 - 2015-04-04 16:43 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-16 07:58 - 2015-04-04 16:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-16 07:56 - 2015-03-26 20:59 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 07:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 21:48 - 2015-03-28 12:26 - 00000000 ____D C:\Users\mama\Documents\Thunderbird
2015-07-15 21:46 - 2009-07-14 06:45 - 00408448 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-15 20:56 - 2015-03-26 21:49 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 20:56 - 2015-03-26 21:49 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 20:41 - 2015-03-26 19:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 11:59 - 2015-03-28 12:38 - 00000000 ____D C:\Users\mama\Documents\thunderbird2
2015-07-12 19:52 - 2015-05-17 17:53 - 00000000 ____D C:\Users\mama\Documents\Lesung Kindergarten
2015-07-05 19:53 - 2015-06-09 08:47 - 00000000 ____D C:\ProgramData\vcgnty
2015-07-03 10:32 - 2015-05-18 14:37 - 00000000 ____D C:\Users\mama\Desktop\Lesung Kindergarten
2015-07-03 08:43 - 2011-03-08 21:49 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-28 20:27 - 2015-03-26 19:24 - 00000000 ____D C:\Users\mama
2015-06-28 20:26 - 2015-03-26 21:43 - 00000000 ____D C:\ProgramData\Skype
2015-06-25 07:22 - 2015-03-26 21:51 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-23 17:07 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-22 12:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-16 13:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

==================== Files in the root of some directories =======

2015-03-26 19:48 - 2015-03-26 19:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe


Some files in TEMP:
====================
C:\Users\mama\AppData\Local\Temp\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe
C:\Users\mama\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\mama\AppData\Local\Temp\ose00000.exe
C:\Users\mama\AppData\Local\Temp\raptrpatch.exe
C:\Users\mama\AppData\Local\Temp\raptr_stub.exe
C:\Users\mama\AppData\Local\Temp\siinst.exe
C:\Users\mama\AppData\Local\Temp\strings.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-25 10:08

==================== End of log ============================
         
FRST Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by mama at 2015-07-16 12:46:40
Running from C:\Users\mama\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2633793881-2841567878-4254833180-500 - Administrator - Disabled)
Gast (S-1-5-21-2633793881-2841567878-4254833180-501 - Limited - Disabled)
mama (S-1-5-21-2633793881-2841567878-4254833180-1000 - Administrator - Enabled) => C:\Users\mama

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
PDF24 Creator 7.0.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.90.826.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7464 - Realtek Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
WebWeaver® Desktop 6 (HKLM-x32\...\{93B1F463-12CE-4F94-8AC8-939BC361FBB4}_is1) (Version:  - DigiOnline GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

19-05-2015 11:29:57 Windows Update
26-05-2015 14:15:56 Windows Update
05-06-2015 09:51:39 Windows Update
09-06-2015 12:57:36 Windows Update
10-06-2015 16:42:56 Windows Update
11-06-2015 14:27:13 Windows Update
16-06-2015 11:08:48 Windows Update
19-06-2015 11:45:49 Windows Update
23-06-2015 15:05:27 Windows Update
30-06-2015 15:24:23 Windows Update
09-07-2015 08:53:31 Windows Update
15-07-2015 20:27:34 Windows Update
15-07-2015 20:36:28 Windows Update
15-07-2015 21:07:24 Windows Update
15-07-2015 21:55:02 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {985B2A69-379C-4EC2-AACD-D8990F814A8F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated)
Task: {AB4436B1-3C77-4EB9-9652-F8E50EC58EF1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {E3704628-374A-448E-8C9C-08F83F989E9F} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-03-26] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-28 13:55 - 2012-09-29 14:25 - 00409088 _____ () C:\Windows\System32\HPM1210LM.DLL
2015-03-28 13:58 - 2012-09-29 14:25 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-02 12:09 - 2015-07-02 10:26 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2015-07-02 12:09 - 2015-07-02 10:26 - 00051232 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-16 07:58 - 2015-07-16 07:58 - 17448624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\mama\Desktop\Möbel I.jpeg.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\mama\Desktop\Möbel I.jpeg.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\mama\Desktop\MöbelII.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\mama\Desktop\MöbelII.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\mama\Desktop\Opa Karin Kinder.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\mama\Desktop\Opa Karin Kinder.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\mama\Documents\handy 08.eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mama\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{6DAA8D66-CD5B-4AAD-9174-6B4D98B6CACF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ECD95AC6-B812-4DAF-99C2-3E51DCCE2DE9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{389FCC48-FF44-4A6D-871C-1C7931BBEC96}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{53793B36-3DB5-41E6-BB7D-E65DDA310A85}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{35178E9E-0341-4958-9F49-61A5EAC08B94}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{8C30AEE1-0CD9-481C-AE3F-87900FF11896}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{CE593ACB-1D53-4992-852C-910D92B461AD}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A6B0B673-A868-4CA2-A0FF-A465F0FCF621}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{00E02635-3242-40A3-942D-63F8F75854ED}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DCC11026-E0C5-44F9-8E35-547CBE315308}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{20FCAE38-B22D-44D3-873E-5AB967CFA163}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4ED8E75E-71E4-4CDE-8D6E-E2F85F5F2C61}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{237CB828-BE79-4D61-85B5-5407C1EB49F4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{776A8C83-6266-414F-B4D5-4C325214904F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2E88D14B-9570-4B7D-ABD6-C6D8CFA7DDC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{16C9068F-492F-46FD-8482-13B5CF2D8D83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{5A75E538-7046-4B13-A2B8-E2DFF7E218F3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/16/2015 12:37:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2015 07:55:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2015 09:49:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2015 08:57:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2015 08:14:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2015 11:52:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/14/2015 02:52:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/13/2015 06:27:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2015 07:29:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2015 02:42:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/15/2015 09:47:27 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Diagnostics Tracking Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (07/10/2015 07:48:40 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (06/28/2015 09:19:28 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (06/16/2015 01:02:29 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (06/16/2015 11:14:50 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (06/15/2015 12:54:06 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (06/14/2015 08:58:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎14.‎06.‎2015 um 20:57:59 unerwartet heruntergefahren.

Error: (06/11/2015 09:19:49 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 80.

Error: (06/11/2015 01:57:40 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (06/09/2015 01:58:48 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


Microsoft Office:
=========================
Error: (07/16/2015 12:37:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2015 07:55:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2015 09:49:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2015 08:57:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2015 08:14:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2015 11:52:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/14/2015 02:52:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/13/2015 06:27:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2015 07:29:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2015 02:42:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: AMD A4-4020 APU with Radeon(tm) HD Graphics 
Percentage of memory in use: 31%
Total physical RAM: 4056.19 MB
Available physical RAM: 2792.62 MB
Total Virtual: 8110.59 MB
Available Virtual: 6300.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:143.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: EEC9BB50)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End of log ============================
         

17.07.2015, 07:16   #4
schrauber
/// the machine
/// TB Trainer


hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.

Please download TDSSKiller (TDSSKiller.exe) and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

17.07.2015, 14:12   #5
Elisabeth7

Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.07.17.03
  rootkit: v2015.07.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
mama :: MAMA-PC [administrator]

17.07.2015 14:39:59
mbar-log-2015-07-17 (14-39-59).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 340517
Time elapsed: 5 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\mama\AppData\Local\Temp\{00008D8E-D332-FCD9} (Trojan.Trustezeb) -> Delete on reboot. [a5329f43fc8e0c2adfa38d23a55ccf31]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.07.17.03
  rootkit: v2015.07.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
mama :: MAMA-PC [administrator]

17.07.2015 15:01:47
mbar-log-2015-07-17 (15-01-47).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 340477
Time elapsed: 5 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
15:09:31.0295 0x0144  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:09:45.0417 0x0144  ============================================================
15:09:45.0417 0x0144  Current date / time: 2015/07/17 15:09:45.0417
15:09:45.0417 0x0144  SystemInfo:
15:09:45.0418 0x0144  
15:09:45.0418 0x0144  OS Version: 6.1.7601 ServicePack: 1.0
15:09:45.0418 0x0144  Product type: Workstation
15:09:45.0418 0x0144  ComputerName: MAMA-PC
15:09:45.0418 0x0144  UserName: mama
15:09:45.0418 0x0144  Windows directory: C:\Windows
15:09:45.0418 0x0144  System windows directory: C:\Windows
15:09:45.0418 0x0144  Running under WOW64
15:09:45.0418 0x0144  Processor architecture: Intel x64
15:09:45.0418 0x0144  Number of processors: 2
15:09:45.0418 0x0144  Page size: 0x1000
15:09:45.0418 0x0144  Boot type: Normal boot
15:09:45.0418 0x0144  ============================================================
15:09:45.0466 0x0144  KLMD registered as C:\Windows\system32\drivers\45616563.sys
15:09:45.0498 0x0144  System UUID: {FE51E0AA-F1F0-4734-4DD1-E5B6CA6F5909}
15:09:45.0782 0x0144  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:09:45.0787 0x0144  ============================================================
15:09:45.0787 0x0144  \Device\Harddisk0\DR0:
15:09:45.0787 0x0144  MBR partitions:
15:09:45.0787 0x0144  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:09:45.0787 0x0144  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
15:09:45.0787 0x0144  ============================================================
15:09:45.0788 0x0144  C: <-> \Device\Harddisk0\DR0\Partition2
15:09:45.0788 0x0144  ============================================================
15:09:45.0788 0x0144  Initialize success
15:09:45.0788 0x0144  ============================================================
15:10:00.0287 0x0750  ============================================================
15:10:00.0288 0x0750  Scan started
15:10:00.0288 0x0750  Mode: Manual; 
15:10:00.0288 0x0750  ============================================================
15:10:00.0288 0x0750  KSN ping started
15:10:03.0143 0x0750  KSN ping finished: true
15:10:03.0347 0x0750  ================ Scan system memory ========================
15:10:03.0347 0x0750  System memory - ok
15:10:03.0348 0x0750  ================ Scan services =============================
15:10:03.0388 0x0750  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:10:03.0394 0x0750  1394ohci - ok
15:10:03.0418 0x0750  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:10:07.0153 0x0750  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:10:07.0156 0x0750  mountmgr - ok
15:10:07.0163 0x0750  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:10:07.0167 0x0750  MozillaMaintenance - ok
15:10:07.0175 0x0750  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:10:07.0179 0x0750  mpio - ok
15:10:07.0186 0x0750  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:10:07.0189 0x0750  mpsdrv - ok
15:10:07.0213 0x0750  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:10:07.0234 0x0750  MpsSvc - ok
15:10:07.0244 0x0750  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:10:07.0248 0x0750  MRxDAV - ok
15:10:07.0256 0x0750  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:10:07.0260 0x0750  mrxsmb - ok
15:10:07.0272 0x0750  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:10:07.0279 0x0750  mrxsmb10 - ok
15:10:07.0287 0x0750  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:10:07.0291 0x0750  mrxsmb20 - ok
15:10:07.0296 0x0750  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:10:07.0297 0x0750  msahci - ok
15:10:07.0305 0x0750  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:10:07.0309 0x0750  msdsm - ok
15:10:07.0316 0x0750  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:10:07.0321 0x0750  MSDTC - ok
15:10:07.0330 0x0750  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:10:07.0332 0x0750  Msfs - ok
15:10:07.0336 0x0750  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:10:07.0337 0x0750  mshidkmdf - ok
15:10:07.0342 0x0750  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:10:07.0343 0x0750  msisadrv - ok
15:10:07.0352 0x0750  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:10:07.0357 0x0750  MSiSCSI - ok
15:10:07.0362 0x0750  msiserver - ok
15:10:07.0367 0x0750  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:10:07.0368 0x0750  MSKSSRV - ok
15:10:07.0374 0x0750  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:10:07.0376 0x0750  MSPCLOCK - ok
15:10:07.0380 0x0750  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:10:07.0381 0x0750  MSPQM - ok
15:10:07.0394 0x0750  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:10:07.0403 0x0750  MsRPC - ok
15:10:07.0411 0x0750  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:10:07.0413 0x0750  mssmbios - ok
15:10:07.0417 0x0750  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:10:07.0418 0x0750  MSTEE - ok
15:10:07.0425 0x0750  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:10:07.0426 0x0750  MTConfig - ok
15:10:07.0432 0x0750  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:10:07.0434 0x0750  Mup - ok
15:10:07.0440 0x0750  [ 705E9675014EB688BEDD967B1ABECF19, 7FA4B0A5120DD415C5D3F3BE56C69455647029332DC2E9B4E9874AF3C34F89AD ] mvusbews        C:\Windows\system32\Drivers\mvusbews.sys
15:10:07.0441 0x0750  mvusbews - ok
15:10:07.0464 0x0750  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:10:07.0478 0x0750  napagent - ok
15:10:07.0490 0x0750  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:10:07.0497 0x0750  NativeWifiP - ok
15:10:07.0524 0x0750  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:10:07.0546 0x0750  NDIS - ok
15:10:07.0552 0x0750  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:10:07.0554 0x0750  NdisCap - ok
15:10:07.0559 0x0750  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:10:07.0560 0x0750  NdisTapi - ok
15:10:07.0566 0x0750  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:10:07.0568 0x0750  Ndisuio - ok
15:10:07.0576 0x0750  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:10:07.0583 0x0750  NdisWan - ok
15:10:07.0589 0x0750  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:10:07.0591 0x0750  NDProxy - ok
15:10:07.0596 0x0750  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:10:07.0598 0x0750  NetBIOS - ok
15:10:07.0608 0x0750  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:10:07.0614 0x0750  NetBT - ok
15:10:07.0619 0x0750  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
15:10:07.0621 0x0750  Netlogon - ok
15:10:07.0633 0x0750  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:10:07.0643 0x0750  Netman - ok
15:10:07.0650 0x0750  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:10:07.0654 0x0750  NetMsmqActivator - ok
15:10:07.0662 0x0750  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:10:07.0665 0x0750  NetPipeActivator - ok
15:10:07.0681 0x0750  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:10:07.0692 0x0750  netprofm - ok
15:10:07.0719 0x0750  [ 618C55B392238B9467F9113E13525C49, 304A77EF3E1E7A1738E5A4F6A911B4DF736CEF4867C6F07CA71E227048E90370 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
15:10:07.0740 0x0750  netr28ux - ok
15:10:07.0748 0x0750  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:10:07.0751 0x0750  NetTcpActivator - ok
15:10:07.0757 0x0750  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:10:07.0760 0x0750  NetTcpPortSharing - ok
15:10:07.0766 0x0750  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:10:07.0768 0x0750  nfrd960 - ok
15:10:07.0779 0x0750  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:10:07.0787 0x0750  NlaSvc - ok
15:10:07.0792 0x0750  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:10:07.0794 0x0750  Npfs - ok
15:10:07.0799 0x0750  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:10:07.0801 0x0750  nsi - ok
15:10:07.0806 0x0750  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:10:07.0808 0x0750  nsiproxy - ok
15:10:07.0853 0x0750  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:10:07.0890 0x0750  Ntfs - ok
15:10:07.0898 0x0750  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:10:07.0899 0x0750  Null - ok
15:10:07.0909 0x0750  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:10:07.0916 0x0750  nvraid - ok
15:10:07.0925 0x0750  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:10:07.0931 0x0750  nvstor - ok
15:10:07.0938 0x0750  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:10:07.0941 0x0750  nv_agp - ok
15:10:07.0947 0x0750  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:10:07.0950 0x0750  ohci1394 - ok
15:10:07.0960 0x0750  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:10:07.0964 0x0750  ose - ok
15:10:08.0082 0x0750  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:10:08.0172 0x0750  osppsvc - ok
15:10:08.0198 0x0750  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:10:08.0207 0x0750  p2pimsvc - ok
15:10:08.0222 0x0750  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:10:08.0233 0x0750  p2psvc - ok
15:10:08.0241 0x0750  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
15:10:08.0244 0x0750  Parport - ok
15:10:08.0250 0x0750  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:10:08.0253 0x0750  partmgr - ok
15:10:08.0261 0x0750  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:10:08.0267 0x0750  PcaSvc - ok
15:10:08.0276 0x0750  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:10:08.0281 0x0750  pci - ok
15:10:08.0285 0x0750  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:10:08.0287 0x0750  pciide - ok
15:10:08.0296 0x0750  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:10:08.0302 0x0750  pcmcia - ok
15:10:08.0307 0x0750  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:10:08.0309 0x0750  pcw - ok
15:10:08.0328 0x0750  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:10:08.0344 0x0750  PEAUTH - ok
15:10:08.0380 0x0750  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:10:08.0411 0x0750  PeerDistSvc - ok
15:10:08.0432 0x0750  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:10:08.0434 0x0750  PerfHost - ok
15:10:08.0476 0x0750  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:10:08.0508 0x0750  pla - ok
15:10:08.0525 0x0750  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:10:08.0536 0x0750  PlugPlay - ok
15:10:08.0541 0x0750  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:10:08.0544 0x0750  PNRPAutoReg - ok
15:10:08.0556 0x0750  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:10:08.0563 0x0750  PNRPsvc - ok
15:10:08.0579 0x0750  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:10:08.0592 0x0750  PolicyAgent - ok
15:10:08.0603 0x0750  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:10:08.0610 0x0750  Power - ok
15:10:08.0617 0x0750  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:10:08.0620 0x0750  PptpMiniport - ok
15:10:08.0626 0x0750  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:10:08.0628 0x0750  Processor - ok
15:10:08.0637 0x0750  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:10:08.0643 0x0750  ProfSvc - ok
15:10:08.0648 0x0750  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
15:10:08.0650 0x0750  ProtectedStorage - ok
15:10:08.0658 0x0750  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:10:08.0661 0x0750  Psched - ok
15:10:08.0700 0x0750  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:10:08.0735 0x0750  ql2300 - ok
15:10:08.0745 0x0750  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:10:08.0749 0x0750  ql40xx - ok
15:10:08.0759 0x0750  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:10:08.0766 0x0750  QWAVE - ok
15:10:08.0771 0x0750  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:10:08.0773 0x0750  QWAVEdrv - ok
15:10:08.0778 0x0750  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:10:08.0779 0x0750  RasAcd - ok
15:10:08.0785 0x0750  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:10:08.0787 0x0750  RasAgileVpn - ok
15:10:08.0794 0x0750  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:10:08.0797 0x0750  RasAuto - ok
15:10:08.0805 0x0750  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:10:08.0809 0x0750  Rasl2tp - ok
15:10:08.0821 0x0750  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:10:08.0831 0x0750  RasMan - ok
15:10:08.0837 0x0750  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:10:08.0840 0x0750  RasPppoe - ok
15:10:08.0846 0x0750  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:10:08.0849 0x0750  RasSstp - ok
15:10:08.0860 0x0750  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:10:08.0867 0x0750  rdbss - ok
15:10:08.0873 0x0750  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:10:08.0875 0x0750  rdpbus - ok
15:10:08.0879 0x0750  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:10:08.0880 0x0750  RDPCDD - ok
15:10:08.0890 0x0750  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:10:08.0895 0x0750  RDPDR - ok
15:10:08.0899 0x0750  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:10:08.0900 0x0750  RDPENCDD - ok
15:10:08.0908 0x0750  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:10:08.0909 0x0750  RDPREFMP - ok
15:10:08.0916 0x0750  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:10:08.0918 0x0750  RdpVideoMiniport - ok
15:10:08.0930 0x0750  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:10:08.0935 0x0750  RDPWD - ok
15:10:08.0944 0x0750  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:10:08.0950 0x0750  rdyboost - ok
15:10:08.0956 0x0750  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:10:08.0961 0x0750  RemoteAccess - ok
15:10:08.0968 0x0750  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:10:08.0974 0x0750  RemoteRegistry - ok
15:10:08.0980 0x0750  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:10:08.0983 0x0750  RpcEptMapper - ok
15:10:08.0987 0x0750  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:10:08.0989 0x0750  RpcLocator - ok
15:10:09.0006 0x0750  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:10:09.0017 0x0750  RpcSs - ok
15:10:09.0024 0x0750  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:10:09.0026 0x0750  rspndr - ok
15:10:09.0052 0x0750  [ 6F593C7B14264FE2C6F3B96165BD95E5, 4D38B4EAFE5B5EAD409250DEA1FD45860751A9E8477D3775E97FF386895182A2 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:10:09.0073 0x0750  RTL8167 - ok
15:10:09.0080 0x0750  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:10:09.0081 0x0750  s3cap - ok
15:10:09.0085 0x0750  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\Windows\system32\lsass.exe
15:10:09.0087 0x0750  SamSs - ok
15:10:09.0094 0x0750  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:10:09.0097 0x0750  sbp2port - ok
15:10:09.0106 0x0750  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:10:09.0112 0x0750  SCardSvr - ok
15:10:09.0117 0x0750  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:10:09.0118 0x0750  scfilter - ok
15:10:09.0147 0x0750  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
15:10:09.0173 0x0750  Schedule - ok
15:10:09.0181 0x0750  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:10:09.0183 0x0750  SCPolicySvc - ok
15:10:09.0191 0x0750  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:10:09.0197 0x0750  SDRSVC - ok
15:10:09.0202 0x0750  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:10:09.0203 0x0750  secdrv - ok
15:10:09.0210 0x0750  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:10:09.0212 0x0750  seclogon - ok
15:10:09.0218 0x0750  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:10:09.0221 0x0750  SENS - ok
15:10:09.0226 0x0750  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:10:09.0229 0x0750  SensrSvc - ok
15:10:09.0234 0x0750  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:10:09.0235 0x0750  Serenum - ok
15:10:09.0242 0x0750  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:10:09.0245 0x0750  Serial - ok
15:10:09.0250 0x0750  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:10:09.0251 0x0750  sermouse - ok
15:10:09.0265 0x0750  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:10:09.0270 0x0750  SessionEnv - ok
15:10:09.0274 0x0750  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:10:09.0276 0x0750  sffdisk - ok
15:10:09.0281 0x0750  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:10:09.0282 0x0750  sffp_mmc - ok
15:10:09.0287 0x0750  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:10:09.0289 0x0750  sffp_sd - ok
15:10:09.0293 0x0750  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:10:09.0295 0x0750  sfloppy - ok
15:10:09.0308 0x0750  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:10:09.0317 0x0750  SharedAccess - ok
15:10:09.0332 0x0750  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:10:09.0342 0x0750  ShellHWDetection - ok
15:10:09.0348 0x0750  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:10:09.0350 0x0750  SiSRaid2 - ok
15:10:09.0356 0x0750  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:10:09.0359 0x0750  SiSRaid4 - ok
15:10:11.0625 0x0750  ================ Scan global ===============================
15:10:11.0630 0x0750  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:10:11.0640 0x0750  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
15:10:11.0654 0x0750  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
15:10:11.0662 0x0750  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:10:11.0675 0x0750  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:10:11.0684 0x0750  [ Global ] - ok
15:10:11.0684 0x0750  ================ Scan MBR ==================================
15:10:11.0687 0x0750  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:10:11.0732 0x0750  \Device\Harddisk0\DR0 - ok
15:10:11.0733 0x0750  ================ Scan VBR ==================================
15:10:11.0735 0x0750  [ 62D2B4C55857F387E7D14CC2115B78BB ] \Device\Harddisk0\DR0\Partition1
15:10:11.0737 0x0750  \Device\Harddisk0\DR0\Partition1 - ok
15:10:11.0739 0x0750  [ 4B15345AC09F2F1F606E53AF4742A44F ] \Device\Harddisk0\DR0\Partition2
15:10:11.0741 0x0750  \Device\Harddisk0\DR0\Partition2 - ok
15:10:11.0742 0x0750  ================ Scan generic autorun ======================
15:10:11.0938 0x0750  [ BB23287E44B06B964DB44195DF3C795B, 99434A35624B0E56C0E1AB5733AFE0A4CEADAE5BEF6E87F580E5FAC52B9327BE ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
15:10:12.0082 0x0750  RTHDVCPL - ok
15:10:12.0105 0x0750  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
15:10:12.0107 0x0750  BCSSync - ok
15:10:12.0118 0x0750  [ 89B250C786AAF611C5F0E7BE7D400C57, C9241330915C21A5BEA1CEE8C6EC9DE34450594036F2CF8ABB42E6EBD7AC5DCF ] C:\Program Files (x86)\PDF24\pdf24.exe
15:10:12.0121 0x0750  PDFPrint - ok
15:10:12.0154 0x0750  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:10:12.0180 0x0750  Sidebar - ok
15:10:12.0188 0x0750  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:10:12.0192 0x0750  mctadmin - ok
15:10:12.0224 0x0750  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:10:12.0244 0x0750  Sidebar - ok
15:10:12.0252 0x0750  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:10:12.0255 0x0750  mctadmin - ok
15:10:12.0262 0x0750  [ 1EFF19C6EAA9024D7938227DB5D207C9, C42B2596ABEC15E598E0AC2B65DFD67AA73A6DACAE1A1DD34AADF7818FC08924 ] C:\Users\mama\AppData\Local\Communication-pick\communication-lesson.exe
15:10:12.0262 0x0750  Suspicious file ( NoAccess ): C:\Users\mama\AppData\Local\Communication-pick\communication-lesson.exe. md5: 1EFF19C6EAA9024D7938227DB5D207C9, sha256: C42B2596ABEC15E598E0AC2B65DFD67AA73A6DACAE1A1DD34AADF7818FC08924
15:10:12.0262 0x0750  communication-stand - detected LockedFile.Multi.Generic ( 1 )
15:10:15.0260 0x0750  communication-stand ( LockedFile.Multi.Generic ) - warning
15:10:18.0125 0x0750  [ 19B20EB1B8752F522749FF33C240D481, 94D6EF3CF12BCAE2734B2A6C24C9D21A75350CF864E1A474757FBEED2F7FF1D9 ] C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe
15:10:18.0125 0x0750  Suspicious file ( NoAccess ): C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe. md5: 19B20EB1B8752F522749FF33C240D481, sha256: 94D6EF3CF12BCAE2734B2A6C24C9D21A75350CF864E1A474757FBEED2F7FF1D9
15:10:18.0140 0x0750  nature-shoe - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
15:10:20.0978 0x0750  nature-shoe ( Trojan-Spy.Win32.ZBot.gen ) - infected
15:10:20.0978 0x0750  Force sending object to P2P due to detect: C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe
15:10:24.0020 0x0750  Object send P2P result: true
15:10:26.0813 0x0750  Skype - ok
15:10:26.0828 0x0750  [ 2F0BFF5362B2EEFE2D0965C0247F5CAA, A385E359BC5840AFB16166BCAFAAE01B02CB0EE994370DE169C43EDD03FDC7B6 ] C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\utility_frequency.exe
15:10:26.0844 0x0750  firewire - ok
15:10:26.0844 0x0750  [ 631DDE988A57A9469E8BA2C34BD21718, 5BA28EA6ED83E2C650F5AF32EBD1012158EC506F9F131A6096B54D6D5717CC80 ] C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe
15:10:26.0844 0x0750  Suspicious file ( NoAccess ): C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe. md5: 631DDE988A57A9469E8BA2C34BD21718, sha256: 5BA28EA6ED83E2C650F5AF32EBD1012158EC506F9F131A6096B54D6D5717CC80
15:10:26.0875 0x0750  while-object - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
15:10:29.0761 0x0750  Object required for P2P: [ 631DDE988A57A9469E8BA2C34BD21718 ] C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe
15:10:32.0709 0x0750  Object send P2P result: true
15:10:32.0709 0x0750  while-object ( Trojan-Spy.Win32.ZBot.gen ) - infected
15:10:32.0709 0x0750  Force sending object to P2P due to detect: C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe
15:10:36.0329 0x0750  Object send P2P result: true
15:10:39.0651 0x0750  [ 1E919DF4309A08C3F8A20E39A73E06EB, 8F0D9CE72E5C26F0B5F41E58E01644F23EA70D5D0ED8D5474A5AFDEC78795F4A ] C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\versamodule_eurocard.exe
15:10:39.0667 0x0750  ddr_sdram - ok
15:10:39.0683 0x0750  [ 19B20EB1B8752F522749FF33C240D481, 94D6EF3CF12BCAE2734B2A6C24C9D21A75350CF864E1A474757FBEED2F7FF1D9 ] C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe
15:10:39.0683 0x0750  Suspicious file ( NoAccess ): C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe. md5: 19B20EB1B8752F522749FF33C240D481, sha256: 94D6EF3CF12BCAE2734B2A6C24C9D21A75350CF864E1A474757FBEED2F7FF1D9
15:10:39.0683 0x0750  nature-shoe - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
15:10:39.0683 0x0750  nature-shoe ( Trojan-Spy.Win32.ZBot.gen ) - infected
15:10:39.0683 0x0750  Force sending object to P2P due to detect: C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe
15:10:43.0099 0x0750  Object send P2P result: true
15:10:47.0015 0x0750  [ 631DDE988A57A9469E8BA2C34BD21718, 5BA28EA6ED83E2C650F5AF32EBD1012158EC506F9F131A6096B54D6D5717CC80 ] C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe
15:10:47.0015 0x0750  Suspicious file ( NoAccess ): C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe. md5: 631DDE988A57A9469E8BA2C34BD21718, sha256: 5BA28EA6ED83E2C650F5AF32EBD1012158EC506F9F131A6096B54D6D5717CC80
15:10:47.0030 0x0750  while-object - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
15:10:47.0030 0x0750  Object required for P2P: [ 631DDE988A57A9469E8BA2C34BD21718 ] C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe
15:10:50.0369 0x0750  Object send P2P result: true
15:10:50.0369 0x0750  while-object ( Trojan-Spy.Win32.ZBot.gen ) - infected
15:10:50.0369 0x0750  Force sending object to P2P due to detect: C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe
15:10:53.0286 0x0750  Object send P2P result: true
15:10:56.0578 0x0750  Win FW state via NFP2: enabled
15:10:59.0354 0x0750  ============================================================
15:10:59.0354 0x0750  Scan finished
15:10:59.0354 0x0750  ============================================================
15:10:59.0370 0x0950  Detected object count: 5
15:10:59.0370 0x0950  Actual detected object count: 5
15:11:39.0801 0x0950  communication-stand ( LockedFile.Multi.Generic ) - skipped by user
15:11:39.0801 0x0950  communication-stand ( LockedFile.Multi.Generic ) - User select action: Skip 
15:11:39.0817 0x0950  nature-shoe ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
15:11:39.0817 0x0950  nature-shoe ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
15:11:39.0817 0x0950  while-object ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
15:11:39.0817 0x0950  while-object ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
15:11:39.0817 0x0950  nature-shoe ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
15:11:39.0817 0x0950  nature-shoe ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
15:11:39.0817 0x0950  while-object ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
15:11:39.0817 0x0950  while-object ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
15:11:42.0063 0x1374  Deinitialize success
         


18.07.2015, 09:18   #6
schrauber
/// the machine
/// TB-Ausbilder



Start TDSSKiller.exe with a double-click.
Vista and Win7 users: right-click and choose "Run as administrator".
  • Click Start Scan.
    Do not do anything on the computer during the scan.
  • Make sure that Cure (default) is checked!
  • Click Continue --> Reboot.
TDSSKiller will save a log file on your system drive (usually C:\).
For example: C:\TDSSKiller.<version_date_time>log.txt

Please post the contents here in your thread.

19.07.2015, 10:19   #7
Elisabeth7



Code:
ATTFilter
11:13:19.0908 0x0138  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
11:13:22.0358 0x0138  ============================================================
11:13:22.0358 0x0138  Current date / time: 2015/07/19 11:13:22.0358
11:13:22.0358 0x0138  SystemInfo:
11:13:22.0358 0x0138  
11:13:22.0358 0x0138  OS Version: 6.1.7601 ServicePack: 1.0
11:13:22.0358 0x0138  Product type: Workstation
11:13:22.0359 0x0138  ComputerName: MAMA-PC
11:13:22.0359 0x0138  UserName: mama
11:13:22.0359 0x0138  Windows directory: C:\Windows
11:13:22.0359 0x0138  System windows directory: C:\Windows
11:13:22.0359 0x0138  Running under WOW64
11:13:22.0359 0x0138  Processor architecture: Intel x64
11:13:22.0359 0x0138  Number of processors: 2
11:13:22.0359 0x0138  Page size: 0x1000
11:13:22.0359 0x0138  Boot type: Normal boot
11:13:22.0359 0x0138  ============================================================
11:13:22.0393 0x0138  System UUID: {FE51E0AA-F1F0-4734-4DD1-E5B6CA6F5909}
11:13:22.0656 0x0138  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:13:22.0660 0x0138  ============================================================
11:13:22.0660 0x0138  \Device\Harddisk0\DR0:
11:13:22.0660 0x0138  MBR partitions:
11:13:22.0660 0x0138  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:13:22.0660 0x0138  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
11:13:22.0660 0x0138  ============================================================
11:13:22.0661 0x0138  C: <-> \Device\Harddisk0\DR0\Partition2
11:13:22.0661 0x0138  ============================================================
11:13:22.0661 0x0138  Initialize success
11:13:22.0661 0x0138  ============================================================
11:13:24.0036 0x1194  ============================================================
11:13:24.0036 0x1194  Scan started
11:13:24.0037 0x1194  Mode: Manual; 
11:13:24.0037 0x1194  ============================================================
11:13:24.0037 0x1194  KSN ping started
11:13:26.0700 0x1194  KSN ping finished: true
11:13:26.0917 0x1194  ================ Scan system memory ========================
11:13:26.0917 0x1194  System memory - ok
11:13:26.0917 0x1194  ================ Scan services =============================
11:13:26.0956 0x1194  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:13:26.0961 0x1194  1394ohci - ok
11:13:26.0982 0x1194  [ EB2290ED2AFEA6D9C9773B818F2C1EA3, 7CC151FD71E0F32C106A6699B54E9C18CC43859A98B5A891646DD7FAEF9FFC54 ] 19779303        C:\Windows\system32\drivers\19262229.sys
11:13:26.0999 0x1194  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:13:27.0005 0x1194  ACPI - ok
11:13:27.0011 0x1194  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:13:27.0012 0x1194  AcpiPmi - ok
11:13:27.0018 0x1194  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:13:27.0020 0x1194  AdobeARMservice - ok
11:13:27.0044 0x1194  [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:13:27.0050 0x1194  AdobeFlashPlayerUpdateSvc - ok
11:13:27.0066 0x1194  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:13:27.0075 0x1194  adp94xx - ok
11:13:27.0089 0x1194  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:13:27.0095 0x1194  adpahci - ok
11:13:27.0104 0x1194  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:13:27.0108 0x1194  adpu320 - ok
11:13:27.0116 0x1194  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:13:27.0118 0x1194  AeLookupSvc - ok
11:13:27.0136 0x1194  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
11:13:27.0146 0x1194  AFD - ok
11:13:27.0152 0x1194  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:13:27.0153 0x1194  agp440 - ok
11:13:27.0160 0x1194  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:13:27.0162 0x1194  ALG - ok
11:13:27.0167 0x1194  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:13:27.0168 0x1194  aliide - ok
11:13:27.0180 0x1194  [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:13:27.0185 0x1194  AMD External Events Utility - ok
11:13:27.0189 0x1194  AMD FUEL Service - ok
11:13:27.0195 0x1194  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:13:27.0196 0x1194  amdide - ok
11:13:27.0202 0x1194  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:13:27.0203 0x1194  AmdK8 - ok
11:13:27.0653 0x1194  [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:13:28.0011 0x1194  amdkmdag - ok
11:13:28.0071 0x1194  [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
11:13:28.0083 0x1194  amdkmdap - ok
11:13:28.0089 0x1194  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:13:28.0091 0x1194  AmdPPM - ok
11:13:28.0100 0x1194  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:13:28.0103 0x1194  amdsata - ok
11:13:28.0112 0x1194  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:13:28.0115 0x1194  amdsbs - ok
11:13:28.0122 0x1194  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:13:28.0123 0x1194  amdxata - ok
11:13:28.0130 0x1194  [ 172C69FE64D07BDF5CE24146274F8CB8, 0A36069BA7B1E2C8B00E8E611E5F2AEF3A7571FAEA252752577EF9DE11F343DA ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
11:13:28.0132 0x1194  amd_sata - ok
11:13:28.0137 0x1194  [ A8FD2F5F3E70BE8FF66D2AFC6B6FB051, E5C9CDBEA96B008F2B73E5151B85867128479FBEEADF2500AB16E3B0692AC030 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
11:13:28.0138 0x1194  amd_xata - ok
11:13:28.0144 0x1194  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys
11:13:28.0145 0x1194  AODDriver4.3 - ok
11:13:28.0151 0x1194  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
11:13:28.0153 0x1194  AppID - ok
11:13:28.0158 0x1194  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:13:28.0159 0x1194  AppIDSvc - ok
11:13:28.0166 0x1194  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
11:13:28.0168 0x1194  Appinfo - ok
11:13:28.0178 0x1194  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:13:28.0182 0x1194  AppMgmt - ok
11:13:28.0190 0x1194  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
11:13:28.0192 0x1194  arc - ok
11:13:28.0200 0x1194  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:13:28.0202 0x1194  arcsas - ok
11:13:28.0218 0x1194  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:13:28.0219 0x1194  aspnet_state - ok
11:13:28.0224 0x1194  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:13:28.0225 0x1194  AsyncMac - ok
11:13:28.0231 0x1194  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:13:28.0232 0x1194  atapi - ok
11:13:28.0240 0x1194  [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
11:13:28.0243 0x1194  AtiHDAudioService - ok
11:13:28.0264 0x1194  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:13:28.0277 0x1194  AudioEndpointBuilder - ok
11:13:28.0297 0x1194  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:13:28.0309 0x1194  AudioSrv - ok
11:13:28.0319 0x1194  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:13:28.0322 0x1194  AxInstSV - ok
11:13:28.0337 0x1194  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:13:28.0346 0x1194  b06bdrv - ok
11:13:28.0357 0x1194  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:13:28.0363 0x1194  b57nd60a - ok
11:13:28.0374 0x1194  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:13:28.0377 0x1194  BDESVC - ok
11:13:28.0382 0x1194  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:13:28.0382 0x1194  Beep - ok
11:13:28.0403 0x1194  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
11:13:28.0417 0x1194  BFE - ok
11:13:28.0443 0x1194  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
11:13:28.0461 0x1194  BITS - ok
11:13:28.0467 0x1194  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:13:28.0469 0x1194  blbdrive - ok
11:13:28.0475 0x1194  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:13:28.0478 0x1194  bowser - ok
11:13:28.0484 0x1194  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:13:28.0485 0x1194  BrFiltLo - ok
11:13:28.0490 0x1194  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:13:28.0490 0x1194  BrFiltUp - ok
11:13:28.0499 0x1194  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
11:13:28.0502 0x1194  Browser - ok
11:13:28.0515 0x1194  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:13:28.0520 0x1194  Brserid - ok
11:13:28.0526 0x1194  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:13:28.0527 0x1194  BrSerWdm - ok
11:13:28.0532 0x1194  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:13:28.0533 0x1194  BrUsbMdm - ok
11:13:28.0538 0x1194  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:13:28.0538 0x1194  BrUsbSer - ok
11:13:28.0547 0x1194  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:13:28.0549 0x1194  BTHMODEM - ok
11:13:28.0557 0x1194  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
11:13:28.0559 0x1194  bthserv - ok
11:13:28.0568 0x1194  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:13:28.0570 0x1194  cdfs - ok
11:13:28.0579 0x1194  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:13:28.0582 0x1194  cdrom - ok
11:13:28.0590 0x1194  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:13:28.0592 0x1194  CertPropSvc - ok
11:13:28.0598 0x1194  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
11:13:28.0599 0x1194  circlass - ok
11:13:28.0613 0x1194  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
11:13:28.0620 0x1194  CLFS - ok
11:13:28.0629 0x1194  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:13:28.0631 0x1194  clr_optimization_v2.0.50727_32 - ok
11:13:28.0638 0x1194  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:13:28.0640 0x1194  clr_optimization_v2.0.50727_64 - ok
11:13:28.0652 0x1194  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:13:28.0654 0x1194  clr_optimization_v4.0.30319_32 - ok
11:13:28.0664 0x1194  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:13:28.0666 0x1194  clr_optimization_v4.0.30319_64 - ok
11:13:28.0671 0x1194  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
11:13:28.0672 0x1194  CmBatt - ok
11:13:28.0678 0x1194  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:13:28.0678 0x1194  cmdide - ok
11:13:28.0696 0x1194  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
11:13:28.0704 0x1194  CNG - ok
11:13:28.0711 0x1194  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:13:28.0712 0x1194  Compbatt - ok
11:13:28.0717 0x1194  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:13:28.0719 0x1194  CompositeBus - ok
11:13:28.0724 0x1194  COMSysApp - ok
11:13:28.0731 0x1194  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:13:28.0731 0x1194  crcdisk - ok
11:13:28.0742 0x1194  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:13:28.0746 0x1194  CryptSvc - ok
11:13:28.0762 0x1194  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
11:13:28.0772 0x1194  CSC - ok
11:13:28.0794 0x1194  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
11:13:28.0807 0x1194  CscService - ok
11:13:28.0828 0x1194  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:13:28.0839 0x1194  DcomLaunch - ok
11:13:28.0850 0x1194  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:13:28.0856 0x1194  defragsvc - ok
11:13:28.0863 0x1194  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:13:28.0865 0x1194  DfsC - ok
11:13:28.0878 0x1194  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:13:28.0884 0x1194  Dhcp - ok
11:13:28.0918 0x1194  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
11:13:28.0942 0x1194  DiagTrack - ok
11:13:28.0950 0x1194  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:13:28.0951 0x1194  discache - ok
11:13:28.0957 0x1194  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
11:13:28.0958 0x1194  Disk - ok
11:13:28.0965 0x1194  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
11:13:28.0967 0x1194  dmvsc - ok
11:13:28.0976 0x1194  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:13:28.0981 0x1194  Dnscache - ok
11:13:28.0991 0x1194  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:13:28.0997 0x1194  dot3svc - ok
11:13:29.0006 0x1194  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
11:13:29.0010 0x1194  DPS - ok
11:13:29.0015 0x1194  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:13:29.0015 0x1194  drmkaud - ok
11:13:29.0043 0x1194  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:13:29.0062 0x1194  DXGKrnl - ok
11:13:29.0073 0x1194  [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD, 967829CE37158020F6026C588260FCFC6F9852DDDACD622FAF7AB75121DF5B3D ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
11:13:29.0076 0x1194  E1G60 - ok
11:13:29.0083 0x1194  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:13:29.0086 0x1194  EapHost - ok
11:13:29.0165 0x1194  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:13:29.0228 0x1194  ebdrv - ok
11:13:29.0241 0x1194  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\Windows\System32\lsass.exe
11:13:29.0243 0x1194  EFS - ok
11:13:29.0265 0x1194  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:13:29.0279 0x1194  ehRecvr - ok
11:13:29.0286 0x1194  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
11:13:29.0289 0x1194  ehSched - ok
11:13:29.0306 0x1194  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:13:29.0316 0x1194  elxstor - ok
11:13:29.0322 0x1194  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:13:29.0323 0x1194  ErrDev - ok
11:13:29.0342 0x1194  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
11:13:29.0351 0x1194  EventSystem - ok
11:13:29.0359 0x1194  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:13:29.0363 0x1194  exfat - ok
11:13:29.0372 0x1194  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:13:29.0376 0x1194  fastfat - ok
11:13:29.0396 0x1194  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
11:13:29.0410 0x1194  Fax - ok
11:13:29.0417 0x1194  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
11:13:29.0418 0x1194  fdc - ok
11:13:29.0423 0x1194  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
11:13:29.0424 0x1194  fdPHost - ok
11:13:29.0429 0x1194  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:13:29.0431 0x1194  FDResPub - ok
11:13:29.0437 0x1194  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:13:29.0439 0x1194  FileInfo - ok
11:13:29.0444 0x1194  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:13:29.0446 0x1194  Filetrace - ok
11:13:29.0451 0x1194  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:13:29.0452 0x1194  flpydisk - ok
11:13:29.0462 0x1194  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:13:29.0468 0x1194  FltMgr - ok
11:13:29.0499 0x1194  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
11:13:29.0522 0x1194  FontCache - ok
11:13:29.0529 0x1194  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:13:29.0531 0x1194  FontCache3.0.0.0 - ok
11:13:29.0537 0x1194  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:13:29.0538 0x1194  FsDepends - ok
11:13:29.0545 0x1194  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:13:29.0546 0x1194  Fs_Rec - ok
11:13:29.0556 0x1194  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:13:29.0561 0x1194  fvevol - ok
11:13:29.0568 0x1194  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:13:29.0570 0x1194  gagp30kx - ok
11:13:29.0592 0x1194  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:13:29.0607 0x1194  gpsvc - ok
11:13:29.0613 0x1194  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:13:29.0615 0x1194  hcw85cir - ok
11:13:29.0630 0x1194  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:13:29.0637 0x1194  HdAudAddService - ok
11:13:29.0646 0x1194  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:13:29.0649 0x1194  HDAudBus - ok
11:13:29.0654 0x1194  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:13:29.0655 0x1194  HidBatt - ok
11:13:29.0663 0x1194  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:13:29.0665 0x1194  HidBth - ok
11:13:29.0671 0x1194  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:13:29.0672 0x1194  HidIr - ok
11:13:29.0677 0x1194  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
11:13:29.0679 0x1194  hidserv - ok
11:13:29.0685 0x1194  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:13:29.0686 0x1194  HidUsb - ok
11:13:29.0693 0x1194  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:13:29.0695 0x1194  hkmsvc - ok
11:13:29.0705 0x1194  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:13:29.0710 0x1194  HomeGroupListener - ok
11:13:29.0720 0x1194  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:13:29.0724 0x1194  HomeGroupProvider - ok
11:13:29.0731 0x1194  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:13:29.0733 0x1194  HpSAMD - ok
11:13:29.0740 0x1194  [ 2C4DE764EAB27C09C265F9B7CDF24D13, 1CBA082A7579A7B50DE1DC45F11BC9DA5E16B2555737E0986247E0CDEF2E6524 ] HPSIService     C:\Windows\system32\HPSIsvc.exe
11:13:29.0743 0x1194  HPSIService - ok
11:13:29.0766 0x1194  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:13:29.0781 0x1194  HTTP - ok
11:13:29.0787 0x1194  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:13:29.0788 0x1194  hwpolicy - ok
11:13:29.0796 0x1194  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
11:13:29.0798 0x1194  i8042prt - ok
11:13:32.0649 0x1194  ShellHWDetection - ok
11:13:32.0654 0x1194  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:13:32.0656 0x1194  SiSRaid2 - ok
11:13:32.0663 0x1194  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:13:32.0665 0x1194  SiSRaid4 - ok
11:13:32.0676 0x1194  [ 0B70786BD1062CD4C6B58E412B9C3E55, 60ED027642FFF97BFFA55AE3EFFCCBB6D6AD8196D35E9ED06F9AF431E3C0402A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:13:32.0682 0x1194  SkypeUpdate - ok
11:13:32.0689 0x1194  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:13:32.0692 0x1194  Smb - ok
11:13:32.0702 0x1194  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:13:32.0704 0x1194  SNMPTRAP - ok
11:13:32.0709 0x1194  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:13:32.0711 0x1194  spldr - ok
11:13:32.0729 0x1194  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
11:13:32.0742 0x1194  Spooler - ok
11:13:32.0830 0x1194  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:13:32.0896 0x1194  sppsvc - ok
11:13:32.0911 0x1194  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:13:32.0913 0x1194  sppuinotify - ok
11:13:32.0930 0x1194  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:13:32.0940 0x1194  srv - ok
11:13:32.0955 0x1194  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:13:32.0963 0x1194  srv2 - ok
11:13:32.0972 0x1194  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:13:32.0975 0x1194  srvnet - ok
11:13:32.0985 0x1194  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:13:32.0990 0x1194  SSDPSRV - ok
11:13:32.0998 0x1194  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:13:33.0001 0x1194  SstpSvc - ok
11:13:33.0026 0x1194  [ 5317D001B40EAF91ECA71644F1B984C6, 43F2D5E025527EE19483D0FCA1C8559740556B8F60EE1B4D6AC4BFB826F4162D ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:13:33.0041 0x1194  Steam Client Service - ok
11:13:33.0048 0x1194  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:13:33.0049 0x1194  stexstor - ok
11:13:33.0068 0x1194  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:13:33.0082 0x1194  stisvc - ok
11:13:33.0092 0x1194  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
11:13:33.0093 0x1194  storflt - ok
11:13:33.0098 0x1194  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
11:13:33.0101 0x1194  StorSvc - ok
11:13:33.0106 0x1194  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:13:33.0107 0x1194  storvsc - ok
11:13:33.0113 0x1194  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:13:33.0114 0x1194  swenum - ok
11:13:33.0129 0x1194  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
11:13:33.0141 0x1194  swprv - ok
11:13:33.0148 0x1194  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\Synth3dVsc.sys
11:13:33.0150 0x1194  Synth3dVsc - ok
11:13:33.0195 0x1194  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
11:13:33.0230 0x1194  SysMain - ok
11:13:33.0240 0x1194  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:13:33.0244 0x1194  TabletInputService - ok
11:13:33.0256 0x1194  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:13:33.0263 0x1194  TapiSrv - ok
11:13:33.0269 0x1194  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
11:13:33.0272 0x1194  TBS - ok
11:13:33.0322 0x1194  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:13:33.0358 0x1194  Tcpip - ok
11:13:33.0410 0x1194  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:13:33.0447 0x1194  TCPIP6 - ok
11:13:33.0459 0x1194  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:13:33.0460 0x1194  tcpipreg - ok
11:13:33.0467 0x1194  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:13:33.0469 0x1194  TDPIPE - ok
11:13:33.0474 0x1194  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:13:33.0475 0x1194  TDTCP - ok
11:13:33.0484 0x1194  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:13:33.0486 0x1194  tdx - ok
11:13:33.0492 0x1194  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:13:33.0494 0x1194  TermDD - ok
11:13:33.0500 0x1194  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
11:13:33.0501 0x1194  terminpt - ok
11:13:33.0521 0x1194  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
11:13:33.0535 0x1194  TermService - ok
11:13:33.0542 0x1194  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:13:33.0546 0x1194  Themes - ok
11:13:33.0556 0x1194  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:13:33.0559 0x1194  THREADORDER - ok
11:13:33.0568 0x1194  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:13:33.0572 0x1194  TrkWks - ok
11:13:33.0584 0x1194  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:13:33.0588 0x1194  TrustedInstaller - ok
11:13:33.0596 0x1194  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:13:33.0598 0x1194  tssecsrv - ok
11:13:33.0603 0x1194  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:13:33.0605 0x1194  TsUsbFlt - ok
11:13:33.0610 0x1194  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:13:33.0611 0x1194  TsUsbGD - ok
11:13:33.0619 0x1194  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
11:13:33.0622 0x1194  tsusbhub - ok
11:13:33.0629 0x1194  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:13:33.0632 0x1194  tunnel - ok
11:13:33.0638 0x1194  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:13:33.0639 0x1194  uagp35 - ok
11:13:33.0652 0x1194  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:13:33.0659 0x1194  udfs - ok
11:13:33.0669 0x1194  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:13:33.0672 0x1194  UI0Detect - ok
11:13:33.0678 0x1194  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:13:33.0680 0x1194  uliagpkx - ok
11:13:33.0685 0x1194  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:13:33.0687 0x1194  umbus - ok
11:13:33.0692 0x1194  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:13:33.0693 0x1194  UmPass - ok
11:13:33.0702 0x1194  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:13:33.0707 0x1194  UmRdpService - ok
11:13:33.0721 0x1194  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:13:33.0729 0x1194  upnphost - ok
11:13:33.0737 0x1194  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:13:33.0739 0x1194  usbccgp - ok
11:13:33.0746 0x1194  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:13:33.0748 0x1194  usbcir - ok
11:13:33.0754 0x1194  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:13:33.0755 0x1194  usbehci - ok
11:13:33.0762 0x1194  [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
11:13:33.0763 0x1194  usbfilter - ok
11:13:33.0776 0x1194  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:13:33.0783 0x1194  usbhub - ok
11:13:33.0788 0x1194  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
11:13:33.0790 0x1194  usbohci - ok
11:13:33.0795 0x1194  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:13:33.0796 0x1194  usbprint - ok
11:13:33.0803 0x1194  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:13:33.0805 0x1194  usbscan - ok
11:13:33.0812 0x1194  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:13:33.0814 0x1194  USBSTOR - ok
11:13:33.0819 0x1194  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:13:33.0820 0x1194  usbuhci - ok
11:13:33.0826 0x1194  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
11:13:33.0829 0x1194  UxSms - ok
11:13:33.0835 0x1194  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe
11:13:33.0837 0x1194  VaultSvc - ok
11:13:33.0842 0x1194  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:13:33.0843 0x1194  vdrvroot - ok
11:13:33.0860 0x1194  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
11:13:33.0873 0x1194  vds - ok
11:13:33.0879 0x1194  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:13:33.0881 0x1194  vga - ok
11:13:33.0885 0x1194  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:13:33.0887 0x1194  VgaSave - ok
11:13:33.0891 0x1194  VGPU - ok
11:13:33.0901 0x1194  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:13:33.0906 0x1194  vhdmp - ok
11:13:33.0911 0x1194  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:13:33.0912 0x1194  viaide - ok
11:13:33.0921 0x1194  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:13:33.0926 0x1194  vmbus - ok
11:13:33.0932 0x1194  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:13:33.0933 0x1194  VMBusHID - ok
11:13:33.0939 0x1194  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:13:33.0940 0x1194  volmgr - ok
11:13:33.0953 0x1194  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:13:33.0960 0x1194  volmgrx - ok
11:13:33.0972 0x1194  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:13:33.0977 0x1194  volsnap - ok
11:13:33.0986 0x1194  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:13:33.0990 0x1194  vsmraid - ok
11:13:34.0032 0x1194  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
11:13:34.0063 0x1194  VSS - ok
11:13:34.0072 0x1194  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:13:34.0074 0x1194  vwifibus - ok
11:13:34.0080 0x1194  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:13:34.0082 0x1194  vwififlt - ok
11:13:34.0095 0x1194  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
11:13:34.0104 0x1194  W32Time - ok
11:13:34.0112 0x1194  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:13:34.0113 0x1194  WacomPen - ok
11:13:34.0122 0x1194  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:13:34.0124 0x1194  WANARP - ok
11:13:34.0129 0x1194  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:13:34.0132 0x1194  Wanarpv6 - ok
11:13:34.0171 0x1194  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:13:34.0201 0x1194  wbengine - ok
11:13:34.0213 0x1194  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:13:34.0220 0x1194  WbioSrvc - ok
11:13:34.0233 0x1194  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:13:34.0241 0x1194  wcncsvc - ok
11:13:34.0248 0x1194  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:13:34.0250 0x1194  WcsPlugInService - ok
11:13:34.0255 0x1194  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
11:13:34.0256 0x1194  Wd - ok
11:13:34.0279 0x1194  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:13:34.0294 0x1194  Wdf01000 - ok
11:13:34.0302 0x1194  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:13:34.0306 0x1194  WdiServiceHost - ok
11:13:34.0311 0x1194  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:13:34.0316 0x1194  WdiSystemHost - ok
11:13:34.0327 0x1194  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
11:13:34.0333 0x1194  WebClient - ok
11:13:34.0344 0x1194  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:13:34.0350 0x1194  Wecsvc - ok
11:13:34.0357 0x1194  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:13:34.0360 0x1194  wercplsupport - ok
11:13:34.0368 0x1194  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:13:34.0371 0x1194  WerSvc - ok
11:13:34.0376 0x1194  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:13:34.0377 0x1194  WfpLwf - ok
11:13:34.0384 0x1194  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:13:34.0385 0x1194  WIMMount - ok
11:13:34.0389 0x1194  WinDefend - ok
11:13:34.0398 0x1194  WinHttpAutoProxySvc - ok
11:13:34.0413 0x1194  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:13:34.0419 0x1194  Winmgmt - ok
11:13:34.0469 0x1194  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
11:13:34.0509 0x1194  WinRM - ok
11:13:34.0525 0x1194  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
11:13:34.0526 0x1194  WinUsb - ok
11:13:34.0551 0x1194  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:13:34.0569 0x1194  Wlansvc - ok
11:13:34.0576 0x1194  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
11:13:34.0577 0x1194  WmiAcpi - ok
11:13:34.0591 0x1194  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:13:34.0595 0x1194  wmiApSrv - ok
11:13:34.0599 0x1194  WMPNetworkSvc - ok
11:13:34.0606 0x1194  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:13:34.0608 0x1194  WPCSvc - ok
11:13:34.0616 0x1194  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:13:34.0620 0x1194  WPDBusEnum - ok
11:13:34.0625 0x1194  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:13:34.0626 0x1194  ws2ifsl - ok
11:13:34.0633 0x1194  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
11:13:34.0637 0x1194  wscsvc - ok
11:13:34.0641 0x1194  WSearch - ok
11:13:34.0710 0x1194  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:13:34.0759 0x1194  wuauserv - ok
11:13:34.0774 0x1194  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:13:34.0776 0x1194  WudfPf - ok
11:13:34.0786 0x1194  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:13:34.0790 0x1194  WUDFRd - ok
11:13:34.0799 0x1194  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:13:34.0802 0x1194  wudfsvc - ok
11:13:34.0812 0x1194  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:13:34.0818 0x1194  WwanSvc - ok
11:13:34.0826 0x1194  ================ Scan global ===============================
11:13:34.0831 0x1194  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
11:13:34.0842 0x1194  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
11:13:34.0856 0x1194  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
11:13:34.0864 0x1194  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:13:34.0878 0x1194  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:13:34.0886 0x1194  [ Global ] - ok
11:13:34.0886 0x1194  ================ Scan MBR ==================================
11:13:34.0889 0x1194  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:13:34.0936 0x1194  \Device\Harddisk0\DR0 - ok
11:13:34.0937 0x1194  ================ Scan VBR ==================================
11:13:34.0939 0x1194  [ 62D2B4C55857F387E7D14CC2115B78BB ] \Device\Harddisk0\DR0\Partition1
11:13:34.0941 0x1194  \Device\Harddisk0\DR0\Partition1 - ok
11:13:34.0944 0x1194  [ 4B15345AC09F2F1F606E53AF4742A44F ] \Device\Harddisk0\DR0\Partition2
11:13:34.0946 0x1194  \Device\Harddisk0\DR0\Partition2 - ok
11:13:34.0946 0x1194  ================ Scan generic autorun ======================
11:13:35.0138 0x1194  [ BB23287E44B06B964DB44195DF3C795B, 99434A35624B0E56C0E1AB5733AFE0A4CEADAE5BEF6E87F580E5FAC52B9327BE ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
11:13:35.0287 0x1194  RTHDVCPL - ok
11:13:35.0307 0x1194  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
11:13:35.0308 0x1194  BCSSync - ok
11:13:35.0319 0x1194  [ 89B250C786AAF611C5F0E7BE7D400C57, C9241330915C21A5BEA1CEE8C6EC9DE34450594036F2CF8ABB42E6EBD7AC5DCF ] C:\Program Files (x86)\PDF24\pdf24.exe
11:13:35.0323 0x1194  PDFPrint - ok
11:13:35.0326 0x1194  {27AABFC0-6827-424D-9141-FAECA56AB232} - ok
11:13:35.0358 0x1194  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:13:35.0378 0x1194  Sidebar - ok
11:13:35.0386 0x1194  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:13:35.0388 0x1194  mctadmin - ok
11:13:35.0419 0x1194  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:13:35.0439 0x1194  Sidebar - ok
11:13:35.0448 0x1194  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:13:35.0450 0x1194  mctadmin - ok
11:13:35.0459 0x1194  [ 6F47CF93A4977E542351D542608EB7DA, E463BAF957F069C7E65FC9F2BE147D73BB0791C47572876892BED8794F064B0E ] C:\Users\mama\AppData\Local\Communicationconnect\communication-damage.exe
11:13:35.0459 0x1194  Suspicious file ( NoAccess ): C:\Users\mama\AppData\Local\Communicationconnect\communication-damage.exe. md5: 6F47CF93A4977E542351D542608EB7DA, sha256: E463BAF957F069C7E65FC9F2BE147D73BB0791C47572876892BED8794F064B0E
11:13:35.0459 0x1194  communication-stand - detected LockedFile.Multi.Generic ( 1 )
11:13:38.0286 0x1194  communication-stand ( LockedFile.Multi.Generic ) - warning
11:13:41.0014 0x1194  [ 19B20EB1B8752F522749FF33C240D481, 94D6EF3CF12BCAE2734B2A6C24C9D21A75350CF864E1A474757FBEED2F7FF1D9 ] C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe
11:13:41.0014 0x1194  Suspicious file ( NoAccess ): C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe. md5: 19B20EB1B8752F522749FF33C240D481, sha256: 94D6EF3CF12BCAE2734B2A6C24C9D21A75350CF864E1A474757FBEED2F7FF1D9
11:13:41.0023 0x1194  nature-shoe - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
11:13:43.0863 0x1194  nature-shoe ( Trojan-Spy.Win32.ZBot.gen ) - infected
11:13:43.0863 0x1194  Force sending object to P2P due to detect: C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe
11:13:46.0716 0x1194  Object send P2P result: true
11:13:49.0436 0x1194  Skype - ok
11:13:49.0457 0x1194  [ 631DDE988A57A9469E8BA2C34BD21718, 5BA28EA6ED83E2C650F5AF32EBD1012158EC506F9F131A6096B54D6D5717CC80 ] C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe
11:13:49.0458 0x1194  Suspicious file ( NoAccess ): C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe. md5: 631DDE988A57A9469E8BA2C34BD21718, sha256: 5BA28EA6ED83E2C650F5AF32EBD1012158EC506F9F131A6096B54D6D5717CC80
11:13:49.0494 0x1194  while-object - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
11:13:52.0401 0x1194  while-object ( Trojan-Spy.Win32.ZBot.gen ) - infected
11:13:52.0401 0x1194  Force sending object to P2P due to detect: C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe
11:13:55.0256 0x1194  Object send P2P result: true
11:13:57.0990 0x1194  [ 90D6C9E1503813F83D067179E5749E87, F673FA65874BEB1A8512E32D073B53C6B609320A322C10576B071F4CF135AF5D ] C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\tdd_wcdma.exe
11:13:57.0997 0x1194  firewire - ok
11:13:58.0007 0x1194  [ CB72EBD5BE388A7A41F5BCDC2861B22E, 5F7E513E556FF7366E5200C2325BB7784B9EDE84AB4444DEF2116EC91D5FA788 ] C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\volt_ampere.exe
11:13:58.0011 0x1194  ddr_sdram - ok
11:13:58.0021 0x1194  [ 19B20EB1B8752F522749FF33C240D481, 94D6EF3CF12BCAE2734B2A6C24C9D21A75350CF864E1A474757FBEED2F7FF1D9 ] C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe
11:13:58.0021 0x1194  Suspicious file ( NoAccess ): C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe. md5: 19B20EB1B8752F522749FF33C240D481, sha256: 94D6EF3CF12BCAE2734B2A6C24C9D21A75350CF864E1A474757FBEED2F7FF1D9
11:13:58.0023 0x1194  nature-shoe - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
11:13:58.0023 0x1194  nature-shoe ( Trojan-Spy.Win32.ZBot.gen ) - infected
11:13:58.0024 0x1194  Force sending object to P2P due to detect: C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe
11:14:00.0860 0x1194  Object send P2P result: true
11:14:04.0100 0x1194  [ 631DDE988A57A9469E8BA2C34BD21718, 5BA28EA6ED83E2C650F5AF32EBD1012158EC506F9F131A6096B54D6D5717CC80 ] C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe
11:14:04.0100 0x1194  Suspicious file ( NoAccess ): C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe. md5: 631DDE988A57A9469E8BA2C34BD21718, sha256: 5BA28EA6ED83E2C650F5AF32EBD1012158EC506F9F131A6096B54D6D5717CC80
11:14:04.0114 0x1194  while-object - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
11:14:04.0115 0x1194  while-object ( Trojan-Spy.Win32.ZBot.gen ) - infected
11:14:04.0115 0x1194  Force sending object to P2P due to detect: C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe
11:14:07.0390 0x1194  Object send P2P result: true
11:14:10.0640 0x1194  Have new async UDS detects: 2
11:14:10.0641 0x1194  firewire - detected UDS:DangerousObject.Multi.Generic ( 0 )
11:14:10.0641 0x1194  firewire ( UDS:DangerousObject.Multi.Generic ) - infected
11:14:10.0641 0x1194  Force sending object to P2P due to detect: C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\tdd_wcdma.exe
11:14:13.0955 0x1194  Object send P2P result: true
11:14:17.0900 0x1194  ddr_sdram - detected UDS:DangerousObject.Multi.Generic ( 0 )
11:14:17.0900 0x1194  ddr_sdram ( UDS:DangerousObject.Multi.Generic ) - infected
11:14:17.0900 0x1194  Force sending object to P2P due to detect: C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\volt_ampere.exe
11:14:21.0140 0x1194  Object send P2P result: true
11:14:24.0214 0x1194  Win FW state via NFP2: enabled
11:14:26.0923 0x1194  ============================================================
11:14:26.0923 0x1194  Scan finished
11:14:26.0923 0x1194  ============================================================
11:14:26.0942 0x10a8  Detected object count: 7
11:14:26.0942 0x10a8  Actual detected object count: 7
11:14:39.0143 0x10a8  communication-stand ( LockedFile.Multi.Generic ) - skipped by user
11:14:39.0143 0x10a8  communication-stand ( LockedFile.Multi.Generic ) - User select action: Skip 
11:14:39.0164 0x10a8  C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe - copied to quarantine
11:14:39.0164 0x10a8  HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\Software\Microsoft\Windows\CurrentVersion\Run:nature-shoe - will be deleted on reboot
11:14:39.0164 0x10a8  C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe - will be deleted on reboot
11:14:39.0165 0x10a8  nature-shoe ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 
11:14:39.0176 0x10a8  C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe - copied to quarantine
11:14:39.0177 0x10a8  HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\Software\Microsoft\Windows\CurrentVersion\Run:while-object - will be deleted on reboot
11:14:39.0177 0x10a8  C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe - will be deleted on reboot
11:14:39.0177 0x10a8  while-object ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 
11:14:39.0188 0x10a8  C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe - copied to quarantine
11:14:39.0188 0x10a8  HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:nature-shoe - will be deleted on reboot
11:14:39.0188 0x10a8  C:\Users\mama\AppData\Local\Temp\Nature_discount\nature-been.exe - will be deleted on reboot
11:14:39.0189 0x10a8  nature-shoe ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 
11:14:39.0198 0x10a8  C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe - copied to quarantine
11:14:39.0199 0x10a8  HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:while-object - will be deleted on reboot
11:14:39.0199 0x10a8  C:\Users\mama\AppData\Local\Temp\While-partner\while-watch.exe - will be deleted on reboot
11:14:39.0199 0x10a8  while-object ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 
11:14:39.0214 0x10a8  C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\tdd_wcdma.exe - copied to quarantine
11:14:39.0215 0x10a8  HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\Software\Microsoft\Windows\CurrentVersion\Run:firewire - will be deleted on reboot
11:14:39.0215 0x10a8  C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\tdd_wcdma.exe - will be deleted on reboot
11:14:39.0215 0x10a8  firewire ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 
11:14:39.0228 0x10a8  C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\volt_ampere.exe - copied to quarantine
11:14:39.0228 0x10a8  HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:ddr_sdram - will be deleted on reboot
11:14:39.0228 0x10a8  C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\volt_ampere.exe - will be deleted on reboot
11:14:39.0228 0x10a8  ddr_sdram ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 
11:14:39.0251 0x10a8  KLMD registered as C:\Windows\system32\drivers\52475007.sys
11:14:42.0856 0x0d50  Deinitialize success
         

19.07.2015, 10:20   #8
Elisabeth7

Trojan - how do I tell whether it has been removed?

Code:
11:17:22.0021 0x0908  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
11:17:22.0271 0x0908  ============================================================
11:17:22.0271 0x0908  Current date / time: 2015/07/19 11:17:22.0271
11:17:22.0271 0x0908  SystemInfo:
11:17:22.0271 0x0908  
11:17:22.0271 0x0908  OS Version: 6.1.7601 ServicePack: 1.0
11:17:22.0271 0x0908  Product type: Workstation
11:17:22.0271 0x0908  ComputerName: MAMA-PC
11:17:22.0271 0x0908  UserName: mama
11:17:22.0271 0x0908  Windows directory: C:\Windows
11:17:22.0271 0x0908  System windows directory: C:\Windows
11:17:22.0271 0x0908  Running under WOW64
11:17:22.0271 0x0908  Processor architecture: Intel x64
11:17:22.0271 0x0908  Number of processors: 2
11:17:22.0271 0x0908  Page size: 0x1000
11:17:22.0271 0x0908  Boot type: Normal boot
11:17:22.0271 0x0908  ============================================================
11:17:22.0271 0x0908  BG loaded
11:17:22.0365 0x0908  System UUID: {FE51E0AA-F1F0-4734-4DD1-E5B6CA6F5909}
11:17:22.0770 0x0908  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:17:22.0770 0x0908  ============================================================
11:17:22.0770 0x0908  \Device\Harddisk0\DR0:
11:17:22.0770 0x0908  MBR partitions:
11:17:22.0770 0x0908  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:17:22.0770 0x0908  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
11:17:22.0770 0x0908  ============================================================
11:17:22.0770 0x0908  C: <-> \Device\Harddisk0\DR0\Partition2
11:17:22.0770 0x0908  ============================================================
11:17:22.0770 0x0908  Initialize success
11:17:22.0770 0x0908  ============================================================
11:17:27.0154 0x0afc  ============================================================
11:17:27.0154 0x0afc  Scan started
11:17:27.0154 0x0afc  Mode: Manual; 
11:17:27.0154 0x0afc  ============================================================
11:17:27.0154 0x0afc  KSN ping started
11:17:29.0899 0x0afc  KSN ping finished: true
11:17:30.0087 0x0afc  ================ Scan system memory ========================
11:17:30.0087 0x0afc  System memory - ok
11:17:30.0087 0x0afc  ================ Scan services =============================
11:17:32.0801 0x0afc  HidIr - ok
11:17:32.0817 0x0afc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
11:17:32.0817 0x0afc  hidserv - ok
11:17:32.0817 0x0afc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:17:32.0817 0x0afc  HidUsb - ok
11:17:32.0832 0x0afc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:17:32.0832 0x0afc  hkmsvc - ok
11:17:32.0832 0x0afc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:17:32.0848 0x0afc  HomeGroupListener - ok
11:17:32.0848 0x0afc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:17:32.0863 0x0afc  HomeGroupProvider - ok
11:17:32.0863 0x0afc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:17:32.0863 0x0afc  HpSAMD - ok
11:17:32.0879 0x0afc  [ 2C4DE764EAB27C09C265F9B7CDF24D13, 1CBA082A7579A7B50DE1DC45F11BC9DA5E16B2555737E0986247E0CDEF2E6524 ] HPSIService     C:\Windows\system32\HPSIsvc.exe
11:17:32.0879 0x0afc  HPSIService - ok
11:17:32.0895 0x0afc  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:17:32.0910 0x0afc  HTTP - ok
11:17:32.0926 0x0afc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:17:32.0926 0x0afc  hwpolicy - ok
11:17:32.0926 0x0afc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
11:17:32.0926 0x0afc  i8042prt - ok
11:17:32.0941 0x0afc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:17:32.0957 0x0afc  iaStorV - ok
11:17:32.0988 0x0afc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:17:33.0004 0x0afc  idsvc - ok
11:17:33.0004 0x0afc  IEEtwCollectorService - ok
11:17:33.0019 0x0afc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:17:33.0019 0x0afc  iirsp - ok
11:17:33.0035 0x0afc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:17:33.0066 0x0afc  IKEEXT - ok
11:17:33.0160 0x0afc  [ 7641FFE251E30993D037C2A6613CED59, 93A7AD4FD7A593613A8BF43F3F2AA44969C47E8417E930F70A0E06FA8E52CB58 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:17:33.0238 0x0afc  IntcAzAudAddService - ok
11:17:33.0253 0x0afc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:17:33.0253 0x0afc  intelide - ok
11:17:33.0269 0x0afc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
11:17:33.0269 0x0afc  intelppm - ok
11:17:33.0269 0x0afc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:17:33.0285 0x0afc  IPBusEnum - ok
11:17:33.0285 0x0afc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:17:33.0285 0x0afc  IpFilterDriver - ok
11:17:33.0300 0x0afc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:17:33.0316 0x0afc  iphlpsvc - ok
11:17:33.0316 0x0afc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:17:33.0331 0x0afc  IPMIDRV - ok
11:17:33.0331 0x0afc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:17:33.0331 0x0afc  IPNAT - ok
11:17:33.0331 0x0afc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:17:33.0347 0x0afc  IRENUM - ok
11:17:33.0347 0x0afc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:17:33.0347 0x0afc  isapnp - ok
11:17:33.0363 0x0afc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:17:33.0363 0x0afc  iScsiPrt - ok
11:17:33.0378 0x0afc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
11:17:33.0378 0x0afc  kbdclass - ok
11:17:33.0378 0x0afc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
11:17:33.0378 0x0afc  kbdhid - ok
11:17:33.0378 0x0afc  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe
11:17:33.0378 0x0afc  KeyIso - ok
11:17:33.0394 0x0afc  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:17:33.0394 0x0afc  KSecDD - ok
11:17:33.0409 0x0afc  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:17:33.0409 0x0afc  KSecPkg - ok
11:17:33.0409 0x0afc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:17:33.0409 0x0afc  ksthunk - ok
11:17:33.0425 0x0afc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:17:33.0441 0x0afc  KtmRm - ok
11:17:33.0441 0x0afc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:17:33.0456 0x0afc  LanmanServer - ok
11:17:33.0456 0x0afc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:17:33.0456 0x0afc  LanmanWorkstation - ok
11:17:33.0472 0x0afc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:17:33.0472 0x0afc  lltdio - ok
11:17:33.0487 0x0afc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:17:33.0487 0x0afc  lltdsvc - ok
11:17:33.0487 0x0afc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:17:33.0487 0x0afc  lmhosts - ok
11:17:33.0503 0x0afc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:17:33.0503 0x0afc  LSI_FC - ok
11:17:33.0519 0x0afc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:17:33.0519 0x0afc  LSI_SAS - ok
11:17:33.0519 0x0afc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:17:33.0519 0x0afc  LSI_SAS2 - ok
11:17:33.0534 0x0afc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:17:33.0534 0x0afc  LSI_SCSI - ok
11:17:33.0534 0x0afc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:17:33.0550 0x0afc  luafv - ok
11:17:33.0550 0x0afc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:17:33.0550 0x0afc  Mcx2Svc - ok
11:17:33.0565 0x0afc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:17:33.0565 0x0afc  megasas - ok
11:17:33.0565 0x0afc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:17:33.0581 0x0afc  MegaSR - ok
11:17:33.0581 0x0afc  Microsoft SharePoint Workspace Audit Service - ok
11:17:33.0597 0x0afc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
11:17:33.0597 0x0afc  MMCSS - ok
11:17:33.0597 0x0afc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
11:17:33.0597 0x0afc  Modem - ok
11:17:33.0612 0x0afc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:17:33.0612 0x0afc  monitor - ok
11:17:33.0612 0x0afc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:17:33.0612 0x0afc  mouclass - ok
11:17:33.0628 0x0afc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:17:33.0628 0x0afc  mouhid - ok
11:17:33.0628 0x0afc  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:17:33.0628 0x0afc  mountmgr - ok
11:17:33.0643 0x0afc  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:17:33.0643 0x0afc  MozillaMaintenance - ok
11:17:33.0643 0x0afc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:17:33.0659 0x0afc  mpio - ok
11:17:33.0659 0x0afc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:17:33.0659 0x0afc  mpsdrv - ok
11:17:33.0690 0x0afc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:17:33.0706 0x0afc  MpsSvc - ok
11:17:33.0706 0x0afc  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:17:33.0721 0x0afc  MRxDAV - ok
11:17:33.0721 0x0afc  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:17:33.0721 0x0afc  mrxsmb - ok
11:17:33.0737 0x0afc  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:17:33.0737 0x0afc  mrxsmb10 - ok
11:17:33.0753 0x0afc  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:17:33.0753 0x0afc  mrxsmb20 - ok
11:17:33.0753 0x0afc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:17:33.0753 0x0afc  msahci - ok
11:17:33.0768 0x0afc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:17:33.0768 0x0afc  msdsm - ok
11:17:33.0784 0x0afc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
11:17:33.0784 0x0afc  MSDTC - ok
11:17:33.0799 0x0afc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:17:33.0799 0x0afc  Msfs - ok
11:17:33.0799 0x0afc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:17:33.0799 0x0afc  mshidkmdf - ok
11:17:33.0799 0x0afc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:17:33.0799 0x0afc  msisadrv - ok
11:17:33.0815 0x0afc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:17:33.0815 0x0afc  MSiSCSI - ok
11:17:33.0815 0x0afc  msiserver - ok
11:17:33.0831 0x0afc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:17:33.0831 0x0afc  MSKSSRV - ok
11:17:33.0831 0x0afc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:17:33.0831 0x0afc  MSPCLOCK - ok
11:17:33.0846 0x0afc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:17:33.0846 0x0afc  MSPQM - ok
11:17:33.0846 0x0afc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:17:33.0862 0x0afc  MsRPC - ok
11:17:33.0862 0x0afc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
11:17:33.0862 0x0afc  mssmbios - ok
11:17:33.0877 0x0afc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:17:33.0877 0x0afc  MSTEE - ok
11:17:33.0877 0x0afc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:17:33.0877 0x0afc  MTConfig - ok
11:17:33.0893 0x0afc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
11:17:33.0893 0x0afc  Mup - ok
11:17:33.0893 0x0afc  [ 705E9675014EB688BEDD967B1ABECF19, 7FA4B0A5120DD415C5D3F3BE56C69455647029332DC2E9B4E9874AF3C34F89AD ] mvusbews        C:\Windows\system32\Drivers\mvusbews.sys
11:17:33.0893 0x0afc  mvusbews - ok
11:17:33.0909 0x0afc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
11:17:33.0924 0x0afc  napagent - ok
11:17:33.0940 0x0afc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:17:33.0940 0x0afc  NativeWifiP - ok
11:17:33.0971 0x0afc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:17:33.0987 0x0afc  NDIS - ok
11:17:33.0987 0x0afc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:17:34.0002 0x0afc  NdisCap - ok
11:17:34.0002 0x0afc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:17:34.0002 0x0afc  NdisTapi - ok
11:17:34.0002 0x0afc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:17:34.0002 0x0afc  Ndisuio - ok
11:17:34.0018 0x0afc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:17:34.0018 0x0afc  NdisWan - ok
11:17:34.0033 0x0afc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:17:34.0033 0x0afc  NDProxy - ok
11:17:34.0033 0x0afc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:17:34.0033 0x0afc  NetBIOS - ok
11:17:34.0049 0x0afc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:17:34.0049 0x0afc  NetBT - ok
11:17:34.0049 0x0afc  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
11:17:34.0065 0x0afc  Netlogon - ok
11:17:34.0065 0x0afc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:17:34.0080 0x0afc  Netman - ok
11:17:34.0080 0x0afc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:34.0096 0x0afc  NetMsmqActivator - ok
11:17:34.0096 0x0afc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:34.0096 0x0afc  NetPipeActivator - ok
11:17:34.0111 0x0afc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:17:34.0127 0x0afc  netprofm - ok
11:17:34.0158 0x0afc  [ 618C55B392238B9467F9113E13525C49, 304A77EF3E1E7A1738E5A4F6A911B4DF736CEF4867C6F07CA71E227048E90370 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
11:17:34.0174 0x0afc  netr28ux - ok
11:17:34.0174 0x0afc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:34.0189 0x0afc  NetTcpActivator - ok
11:17:34.0189 0x0afc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:34.0189 0x0afc  NetTcpPortSharing - ok
11:17:34.0205 0x0afc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:17:34.0205 0x0afc  nfrd960 - ok
11:17:34.0221 0x0afc  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:17:34.0221 0x0afc  NlaSvc - ok
11:17:34.0221 0x0afc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:17:34.0221 0x0afc  Npfs - ok
11:17:34.0236 0x0afc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
11:17:34.0236 0x0afc  nsi - ok
11:17:34.0236 0x0afc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:17:34.0236 0x0afc  nsiproxy - ok
11:17:34.0283 0x0afc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:17:34.0314 0x0afc  Ntfs - ok
11:17:34.0330 0x0afc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:17:34.0330 0x0afc  Null - ok
11:17:34.0345 0x0afc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:17:34.0345 0x0afc  nvraid - ok
11:17:34.0361 0x0afc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:17:34.0361 0x0afc  nvstor - ok
11:17:34.0361 0x0afc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:17:34.0377 0x0afc  nv_agp - ok
11:17:34.0377 0x0afc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:17:34.0377 0x0afc  ohci1394 - ok
11:17:34.0392 0x0afc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:17:34.0392 0x0afc  ose - ok
11:17:34.0501 0x0afc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:17:34.0595 0x0afc  osppsvc - ok
11:17:34.0611 0x0afc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:17:34.0626 0x0afc  p2pimsvc - ok
11:17:34.0642 0x0afc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:17:34.0657 0x0afc  p2psvc - ok
11:17:34.0657 0x0afc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
11:17:34.0657 0x0afc  Parport - ok
11:17:34.0673 0x0afc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:17:34.0673 0x0afc  partmgr - ok
11:17:34.0673 0x0afc  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:17:34.0689 0x0afc  PcaSvc - ok
11:17:34.0689 0x0afc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:17:34.0704 0x0afc  pci - ok
11:17:34.0704 0x0afc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:17:34.0704 0x0afc  pciide - ok
11:17:34.0720 0x0afc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:17:34.0720 0x0afc  pcmcia - ok
11:17:34.0720 0x0afc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:17:34.0735 0x0afc  pcw - ok
11:17:34.0751 0x0afc  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:17:34.0767 0x0afc  PEAUTH - ok
11:17:34.0798 0x0afc  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:17:34.0829 0x0afc  PeerDistSvc - ok
11:17:34.0845 0x0afc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:17:34.0845 0x0afc  PerfHost - ok
11:17:34.0891 0x0afc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
11:17:34.0923 0x0afc  pla - ok
11:17:34.0938 0x0afc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:17:34.0954 0x0afc  PlugPlay - ok
11:17:34.0954 0x0afc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:17:34.0954 0x0afc  PNRPAutoReg - ok
11:17:34.0969 0x0afc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:17:34.0969 0x0afc  PNRPsvc - ok
11:17:34.0985 0x0afc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:17:35.0001 0x0afc  PolicyAgent - ok
11:17:35.0016 0x0afc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
11:17:35.0016 0x0afc  Power - ok
11:17:35.0016 0x0afc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:17:35.0032 0x0afc  PptpMiniport - ok
11:17:35.0032 0x0afc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
11:17:35.0032 0x0afc  Processor - ok
11:17:35.0047 0x0afc  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:17:35.0047 0x0afc  ProfSvc - ok
11:17:35.0047 0x0afc  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
11:17:35.0063 0x0afc  ProtectedStorage - ok
11:17:37.0887 0x0afc  ================ Scan global ===============================
11:17:37.0887 0x0afc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
11:17:37.0902 0x0afc  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
11:17:37.0918 0x0afc  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
11:17:37.0918 0x0afc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:17:37.0933 0x0afc  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:17:37.0933 0x0afc  [ Global ] - ok
11:17:37.0933 0x0afc  ================ Scan MBR ==================================
11:17:37.0949 0x0afc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:17:37.0980 0x0afc  \Device\Harddisk0\DR0 - ok
11:17:37.0980 0x0afc  ================ Scan VBR ==================================
11:17:37.0996 0x0afc  [ 62D2B4C55857F387E7D14CC2115B78BB ] \Device\Harddisk0\DR0\Partition1
11:17:37.0996 0x0afc  \Device\Harddisk0\DR0\Partition1 - ok
11:17:37.0996 0x0afc  [ 4B15345AC09F2F1F606E53AF4742A44F ] \Device\Harddisk0\DR0\Partition2
11:17:37.0996 0x0afc  \Device\Harddisk0\DR0\Partition2 - ok
11:17:37.0996 0x0afc  ================ Scan generic autorun ======================
11:17:38.0183 0x0afc  [ BB23287E44B06B964DB44195DF3C795B, 99434A35624B0E56C0E1AB5733AFE0A4CEADAE5BEF6E87F580E5FAC52B9327BE ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
11:17:38.0355 0x0afc  RTHDVCPL - ok
11:17:38.0370 0x0afc  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
11:17:38.0386 0x0afc  BCSSync - ok
11:17:38.0386 0x0afc  [ 89B250C786AAF611C5F0E7BE7D400C57, C9241330915C21A5BEA1CEE8C6EC9DE34450594036F2CF8ABB42E6EBD7AC5DCF ] C:\Program Files (x86)\PDF24\pdf24.exe
11:17:38.0401 0x0afc  PDFPrint - ok
11:17:38.0417 0x0afc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:17:38.0448 0x0afc  Sidebar - ok
11:17:38.0464 0x0afc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:17:38.0464 0x0afc  mctadmin - ok
11:17:38.0495 0x0afc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:17:38.0511 0x0afc  Sidebar - ok
11:17:38.0511 0x0afc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:17:38.0511 0x0afc  mctadmin - ok
11:17:38.0526 0x0afc  [ 6F47CF93A4977E542351D542608EB7DA, E463BAF957F069C7E65FC9F2BE147D73BB0791C47572876892BED8794F064B0E ] C:\Users\mama\AppData\Local\Communicationconnect\communication-damage.exe
11:17:38.0526 0x0afc  communication-stand - ok
11:17:38.0542 0x0afc  nature-shoe - ok
11:17:38.0542 0x0afc  Skype - ok
11:17:38.0542 0x0afc  while-object - ok
11:17:38.0542 0x0afc  firewire - ok
11:17:38.0542 0x0afc  ddr_sdram - ok
11:17:38.0542 0x0afc  nature-shoe - ok
11:17:38.0557 0x0afc  while-object - ok
11:17:38.0557 0x0afc  Waiting for KSN requests completion. In queue: 219
11:17:39.0571 0x0afc  Waiting for KSN requests completion. In queue: 219
11:17:40.0585 0x0afc  Waiting for KSN requests completion. In queue: 219
11:17:41.0599 0x0afc  Waiting for KSN requests completion. In queue: 219
11:17:42.0676 0x0afc  Win FW state via NFP2: enabled
11:17:45.0453 0x0afc  ============================================================
11:17:45.0453 0x0afc  Scan finished
11:17:45.0453 0x0afc  ============================================================
11:17:45.0453 0x09d4  Detected object count: 0
11:17:45.0453 0x09d4  Actual detected object count: 0
11:17:48.0822 0x0ac4  Deinitialize success
         

20.07.2015, 07:26   #9
schrauber
/// the machine
/// TB Trainer

hi,

Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

20.07.2015, 15:19   #10
Elisabeth7

Code:
ComboFix 15-07-20.01 - mama 20.07.2015  16:12:03.1.2 - x64
Microsoft Windows 7 Enterprise   6.1.7601.1.1252.49.1031.18.4056.2698 [GMT 2:00]
ausgeführt von:: c:\users\mama\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\mama\AppData\Local\Microsoft\Windows\Temporary Internet Files\{9E513EF1-44EB-445B-BCFD-392BF9A217C7}.xps
c:\users\mama\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A04BBDB1-2467-42A7-8823-582CC2A92D4E}.xps
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-20 bis 2015-07-20  ))))))))))))))))))))))))))))))
.
.
2015-07-20 14:16 . 2015-07-20 14:16	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-07-20 14:14 . 2015-07-20 14:14	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{72D1982F-2418-4411-B50A-89175B959E52}\offreg.2148.dll
2015-07-19 09:13 . 2015-07-19 14:56	--------	d-----w-	C:\TDSSKiller_Quarantine
2015-07-19 09:01 . 2015-07-19 14:57	--------	d--h--w-	c:\users\mama\AppData\Local\Communicationconnect
2015-07-17 12:39 . 2015-07-17 12:39	--------	d-----w-	c:\programdata\Malwarebytes
2015-07-17 12:39 . 2015-07-18 07:39	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-07-17 12:39 . 2015-07-17 13:01	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-17 12:38 . 2015-07-17 13:00	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-07-17 11:09 . 2015-06-12 07:50	12221144	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{72D1982F-2418-4411-B50A-89175B959E52}\mpengine.dll
2015-07-16 10:45 . 2015-07-16 10:47	--------	d-----w-	C:\FRST
2015-07-16 07:06 . 2015-07-01 04:55	897088	----a-w-	c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
2015-07-16 07:06 . 2015-07-01 02:31	188584	----a-w-	c:\program files (x86)\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2015-07-16 07:06 . 2015-07-01 02:31	51880	----a-w-	c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2015-07-15 19:07 . 2015-06-20 19:57	49664	----a-w-	c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2015-07-15 18:40 . 2015-06-09 18:03	3180544	----a-w-	c:\windows\system32\rdpcorets.dll
2015-07-15 18:40 . 2015-06-09 18:03	16384	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 18:40 . 2015-06-25 08:57	3207168	----a-w-	c:\windows\system32\win32k.sys
2015-07-15 18:40 . 2015-06-27 02:47	814080	----a-w-	c:\windows\system32\jscript9diag.dll
2015-07-15 18:40 . 2015-06-27 02:43	5923840	----a-w-	c:\windows\system32\jscript9.dll
2015-07-15 18:40 . 2015-06-17 17:47	404992	----a-w-	c:\windows\system32\gdi32.dll
2015-07-15 18:40 . 2015-06-17 17:37	312320	----a-w-	c:\windows\SysWow64\gdi32.dll
2015-07-15 18:40 . 2015-06-27 01:58	620032	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2015-07-15 18:40 . 2015-06-27 01:39	4520448	----a-w-	c:\windows\SysWow64\jscript9.dll
2015-07-15 18:29 . 2015-06-11 17:56	7077376	----a-w-	c:\windows\system32\mstscax.dll
2015-07-15 18:29 . 2015-06-11 13:15	429568	----a-w-	c:\windows\system32\wksprt.exe
2015-07-02 10:09 . 2015-07-02 10:09	--------	d-----w-	c:\program files (x86)\PDF24
2015-06-28 18:27 . 2015-06-28 18:27	--------	d-----w-	c:\users\mama\Tracing
2015-06-28 18:26 . 2015-06-28 18:26	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2015-06-28 18:26 . 2015-06-28 18:26	--------	d-----r-	c:\program files (x86)\Skype
2015-06-23 23:29 . 2015-06-23 23:29	1217192	----a-w-	c:\windows\SysWow64\FM20.DLL
2015-06-22 10:57 . 2015-06-22 10:57	--------	d-----w-	c:\users\mama\AppData\Local\ElevatedDiagnostics
2015-06-22 10:54 . 2015-06-22 10:54	--------	d-----w-	c:\users\mama\AppData\Local\Diagnostics
2015-06-21 08:54 . 2015-06-21 08:54	--------	d-----w-	c:\users\mama\AppData\Roaming\DigiOnline GmbH
2015-06-21 08:54 . 2015-06-21 08:54	--------	d-----w-	c:\program files (x86)\DigiOnline GmbH
2015-06-21 08:54 . 2015-06-21 08:54	--------	d-----w-	c:\users\mama\AppData\Local\Programs
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-16 05:58 . 2015-04-04 14:43	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-16 05:58 . 2015-04-04 14:43	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-03 06:43 . 2011-03-08 19:49	130333168	----a-w-	c:\windows\system32\MRT.exe
2015-06-23 11:30 . 2010-11-21 03:27	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-05-25 18:24 . 2015-06-11 12:07	5569984	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-11 12:07	1728960	----a-w-	c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-11 12:07	243712	----a-w-	c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-11 12:07	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-11 12:07	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-11 12:07	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-11 12:07	1255424	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-11 12:07	879104	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-11 12:07	503808	----a-w-	c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-11 12:07	50176	----a-w-	c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-11 12:07	113664	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-11 12:07	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-11 12:07	424960	----a-w-	c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-11 12:07	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-11 12:07	43520	----a-w-	c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-11 12:07	879104	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-11 12:07	404992	----a-w-	c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-11 12:07	47104	----a-w-	c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-11 12:07	112640	----a-w-	c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-11 12:07	296960	----a-w-	c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-11 12:07	43008	----a-w-	c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-11 12:07	104448	----a-w-	c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-11 12:07	19456	----a-w-	c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-11 12:07	338432	----a-w-	c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-11 12:07	6656	----a-w-	c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-11 12:07	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-11 12:07	3989440	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-11 12:07	3934144	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-11 12:07	1310744	----a-w-	c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-11 12:07	635392	----a-w-	c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-11 12:07	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-11 12:07	92160	----a-w-	c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-11 12:07	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-11 12:07	641536	----a-w-	c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-11 12:07	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-11 12:07	40448	----a-w-	c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-11 12:07	364544	----a-w-	c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-11 12:07	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-11 12:07	37888	----a-w-	c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-11 12:07	82944	----a-w-	c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-11 12:07	17408	----a-w-	c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-11 12:07	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-11 12:07	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-11 12:07	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2015-05-25 17:55 . 2015-06-11 12:07	5120	---ha-w-	c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 12:07	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2015-05-25 17:00 . 2015-06-11 12:07	36864	----a-w-	c:\windows\system32\UtcResources.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-06-16 53282944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2015-07-02 217632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-04 05:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2015-03-26 8461528]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\mama\AppData\Roaming\Mozilla\Firefox\Profiles\k7ch3lys.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-communication-stand - c:\users\mama\AppData\Local\Communicationconnect\communication-damage.exe
Wow6432Node-HKCU-Run-firewire - c:\program files\Common Files\ATI Technologies\Multimedia\boiling_point\tdd_wcdma.exe
Wow6432Node-HKLM-Run-WebWeaver Desktop - (no file)
SafeBoot-17939969.sys
SafeBoot-19779303.sys
SafeBoot-32473862.sys
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2633793881-2841567878-4254833180-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
@DACL=(02 0000)
"ExcludeProfileDirs"="AppData\\Local;AppData\\LocalLow;$Recycle.Bin"
"BuildNumber"=dword:00001db1
"FirstLogon"=dword:00000000
"ParseAutoexec"="1"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-07-20  16:17:57
ComboFix-quarantined-files.txt  2015-07-20 14:17
.
Vor Suchlauf: 11 Verzeichnis(se), 153.861.226.496 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 154.213.203.968 Bytes frei
.
- - End Of File - - B36551D208A923A4C9451419DBAC2E55
A36C5E4F47E84449FF07ED3517B43A31
         

21.07.2015, 06:55   #11
schrauber
/// the machine
/// TB Trainer

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset Proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

21.07.2015, 10:12   #12
Elisabeth7

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 21.07.2015
Suchlauf-Zeit: 10:47:50
Logdatei: mbamblog.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.07.21.02
Rootkit Datenbank: v2015.07.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: mama

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 352346
Verstrichene Zeit: 5 Min, 16 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 1
RiskWare.Tool.CK, C:\Users\mama\Documents\downloads\win_ori_machen.rar, In Quarantäne, [590d7f656228f343d05dd14a0cf628d8], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Code:
# AdwCleaner v4.208 - Bericht erstellt 21/07/2015 um 11:05:22
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-15.1 [Server]
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (x64)
# Benutzername : mama - MAMA-PC
# Gestarted von : C:\Users\mama\Downloads\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Mozilla Firefox v39.0 (x86 de)


*************************

AdwCleaner[R0].txt - [1440 Bytes] - [21/07/2015 11:03:02]
AdwCleaner[S0].txt - [1352 Bytes] - [21/07/2015 11:05:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1411  Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows 7 Enterprise x64
Ran by mama on 21.07.2015 at 11:08:34,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\mama\AppData\Roaming\mozilla\firefox\profiles\k7ch3lys.default\minidumps [4 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.07.2015 at 11:12:12,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

22.07.2015, 07:55   #13
schrauber
/// the machine
/// TB-Ausbilder

Well, quite a bit was removed there.



ESET Online Scanner

  • Here you will find illustrated instructions for ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems remaining?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

22.07.2015, 13:15   #14
Elisabeth7

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9871e2c8680c6f4995164809f7554897
# end=init
# utc_time=2015-07-22 11:18:59
# local_time=2015-07-22 01:18:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24923
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9871e2c8680c6f4995164809f7554897
# end=updated
# utc_time=2015-07-22 11:25:02
# local_time=2015-07-22 01:25:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=9871e2c8680c6f4995164809f7554897
# engine=24923
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-22 11:48:24
# local_time=2015-07-22 01:48:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 189195554 0 0
# scanned=223362
# found=29
# cleaned=0
# scan_time=1401
sh=F21EE309BF474BD7D18479731EAA56DDB4632043 ft=1 fh=a831e3119a16f508 vn="Variante von Win32/Kryptik.DPZL Trojaner" ac=I fn="C:\Program Files\AMD\ATI.ACE\Fuel\ru\pulse_amplitude_modular\inorganic_chemistry.exe"
sh=A951173D2B84BE5A7F2539D1CAC3F06D3EFBBAA6 ft=1 fh=9a97c049561ada72 vn="Variante von Win32/Kryptik.DNPR Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\degrees_of_freedom.exe"
sh=532CEF934CDBC123403484FC8E00ACD4C2294A67 ft=1 fh=8a9b11fb380c7542 vn="Win32/TrojanDownloader.Nymaim.AV Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\voltage_regulator.exe"
sh=7E15EA459E45EE339AAF0201E11E5AED5A4156A2 ft=1 fh=9026c56708018520 vn="Variante von Win32/Kryptik.DQIZ Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_amplitude_modular\click_and_pop.exe"
sh=545534DD8ACE986AA0DDFABA208FD46ADA9909F3 ft=1 fh=c58ffc9afc9227e3 vn="Win32/TrojanDownloader.Nymaim.AL Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_amplitude_modular\computer_aided_manufacturing.exe"
sh=22216790B8770F019454009AF6C6AF921CA43BA8 ft=1 fh=e1dc043af17d8309 vn="Variante von Win32/Kryptik.DPZL Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_amplitude_modular\partition_locking.exe"
sh=BD16FA903489161C5AD2E965070037CC37084133 ft=1 fh=4dccd1f17d231715 vn="Variante von Win32/Kryptik.DPZL Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_frequency_modular\avogadros_number.exe"
sh=47C2B3FED21E953BF9A92E95D259FD048F957104 ft=1 fh=13c03a9c0e40c989 vn="Variante von Win32/Kryptik.DMUM Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_frequency_modular\debouncing.exe"
sh=6C9556A6DD14CC0C24FD78598679A2383DD21922 ft=1 fh=592df34b6de0d672 vn="Win32/TrojanDownloader.Nymaim.AL Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_frequency_modular\frequency_bin.exe"
sh=292832F1918D6901DC1583C07247DCE6E1027487 ft=1 fh=cb57ca45bbb923d6 vn="Variante von Win32/Kryptik.DMUM Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_frequency_modular\keep_out_area.exe"
sh=6C9556A6DD14CC0C24FD78598679A2383DD21922 ft=1 fh=592df34b6de0d672 vn="Win32/TrojanDownloader.Nymaim.AL Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\bravais_lattice.exe"
sh=292832F1918D6901DC1583C07247DCE6E1027487 ft=1 fh=cb57ca45bbb923d6 vn="Variante von Win32/Kryptik.DMUM Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\lithium_batteries.exe"
sh=47C2B3FED21E953BF9A92E95D259FD048F957104 ft=1 fh=13c03a9c0e40c989 vn="Variante von Win32/Kryptik.DMUM Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\max_inl_as_percent_fsr.exe"
sh=13B79B6209D7A23121CF9FD09879A96FFCDB37AE ft=1 fh=4b3072523585bcb0 vn="Win32/TrojanDownloader.Nymaim.AL Trojaner" ac=I fn="C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\measures_of_central_tendency.exe"
sh=C9CBFC9D79B3BCE21C225EBF91A507E7FBFED8AA ft=1 fh=6fc20d1dca8ac928 vn="Variante von Win32/Kryptik.DLVK Trojaner" ac=I fn="C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\van_der_waals_equation\wireless_local_loop.exe"
sh=C9CBFC9D79B3BCE21C225EBF91A507E7FBFED8AA ft=1 fh=6fc20d1dca8ac928 vn="Variante von Win32/Kryptik.DLVK Trojaner" ac=I fn="C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\pulse_frequency_modular\dew_point.exe"
sh=BD16FA903489161C5AD2E965070037CC37084133 ft=1 fh=4dccd1f17d231715 vn="Variante von Win32/Kryptik.DPZL Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\19.07.2015_11.11.16\uds0001\file0000\tsk0000.dta"
sh=42761823309E396E6A6EB23E89FD84B502D5CB89 ft=1 fh=857c31659b291036 vn="Variante von Win32/Injector.CELD Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\19.07.2015_11.11.16\zbot0000\file0000\tsk0000.dta"
sh=E3185B54113B88100D56CB48BA55DA2E3DE768F8 ft=1 fh=9cb86b15bd34217d vn="Win32/Trustezeb.K Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\19.07.2015_11.11.16\zbot0001\file0000\tsk0000.dta"
sh=42761823309E396E6A6EB23E89FD84B502D5CB89 ft=1 fh=857c31659b291036 vn="Variante von Win32/Injector.CELD Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\19.07.2015_11.11.16\zbot0002\file0000\tsk0000.dta"
sh=E3185B54113B88100D56CB48BA55DA2E3DE768F8 ft=1 fh=9cb86b15bd34217d vn="Win32/Trustezeb.K Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\19.07.2015_11.11.16\zbot0003\file0000\tsk0000.dta"
sh=BD16FA903489161C5AD2E965070037CC37084133 ft=1 fh=4dccd1f17d231715 vn="Variante von Win32/Kryptik.DPZL Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\19.07.2015_11.13.22\uds0001\file0000\tsk0000.dta"
sh=42761823309E396E6A6EB23E89FD84B502D5CB89 ft=1 fh=857c31659b291036 vn="Variante von Win32/Injector.CELD Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\19.07.2015_11.13.22\zbot0000\file0000\tsk0000.dta"
sh=E3185B54113B88100D56CB48BA55DA2E3DE768F8 ft=1 fh=9cb86b15bd34217d vn="Win32/Trustezeb.K Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\19.07.2015_11.13.22\zbot0001\file0000\tsk0000.dta"
sh=42761823309E396E6A6EB23E89FD84B502D5CB89 ft=1 fh=857c31659b291036 vn="Variante von Win32/Injector.CELD Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\19.07.2015_11.13.22\zbot0002\file0000\tsk0000.dta"
sh=E3185B54113B88100D56CB48BA55DA2E3DE768F8 ft=1 fh=9cb86b15bd34217d vn="Win32/Trustezeb.K Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\19.07.2015_11.13.22\zbot0003\file0000\tsk0000.dta"
sh=7968F8E94A81A9E57379B867D71B58A708974E1C ft=1 fh=eca55e76d140495f vn="Variante von Generik.CDZWUCX Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\19.07.2015_16.55.48\susp0000\file0000\tsk0000.dta"
sh=7D8CBEF4C6B634AFEDF1FBBC8BCEF185C65FA105 ft=1 fh=8b0bf2dac3dea070 vn="Variante von Win32/InstallCore.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\mama\Documents\downloads\cnet_isw2_exe.exe"
sh=420CC3443CFF731F18C6A08C6C9BDCB41F32629F ft=1 fh=340f9af7abe68dcd vn="Variante von Win32/Skintrim.KF Trojaner" ac=I fn="C:\Users\mama\Documents\Maria-alt\Lokale Einstellungen\Anwendungsdaten\idxznqtg.exe"
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.004  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 18.0.0.209  
 Adobe Reader XI  
 Mozilla Firefox (39.0) 
 Mozilla Thunderbird (31.7.0) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by mama (administrator) on MAMA-PC on 22-07-2015 14:13:07
Running from C:\Users\mama\Downloads
Loaded Profiles: mama (Available Profiles: mama)
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8461528 2015-03-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-07-02] (Geek Software GmbH)
HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-16] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2633793881-2841567878-4254833180-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2DB9448A-FEBA-4767-953C-198C723A393B}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{AFC12B33-F661-422A-A025-A36070689609}: [DhcpNameServer] 10.1.1.1

FireFox:
========
FF ProfilePath: C:\Users\mama\AppData\Roaming\Mozilla\Firefox\Profiles\k7ch3lys.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-22 14:12 - 2015-07-22 14:12 - 00000000 ____D C:\Users\mama\Downloads\FRST-OlderVersion
2015-07-22 14:11 - 2015-07-22 14:11 - 00852662 _____ C:\Users\mama\Downloads\SecurityCheck.exe
2015-07-22 13:18 - 2015-07-22 13:18 - 00000000 ____D C:\Program Files (x86)\ESET
2015-07-22 13:17 - 2015-07-22 13:17 - 02870984 _____ (ESET) C:\Users\mama\Downloads\esetsmartinstaller_deu.exe
2015-07-21 11:12 - 2015-07-21 11:12 - 00000836 _____ C:\Users\mama\Desktop\JRT.txt
2015-07-21 11:07 - 2015-07-21 11:07 - 01798288 _____ (Malwarebytes Corporation) C:\Users\mama\Downloads\JRT.exe
2015-07-21 11:02 - 2015-07-21 11:05 - 00000000 ____D C:\AdwCleaner
2015-07-21 11:01 - 2015-07-21 11:01 - 02248704 _____ C:\Users\mama\Downloads\AdwCleaner_4.208.exe
2015-07-21 10:44 - 2015-07-21 10:44 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-21 10:44 - 2015-07-21 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-21 10:44 - 2015-07-21 10:44 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-21 10:44 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-21 10:44 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-21 10:40 - 2015-07-21 10:42 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\mama\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-21 10:30 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 10:30 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 10:30 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 10:30 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 10:30 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 10:30 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 10:30 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 10:30 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 10:30 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 10:30 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 16:17 - 2015-07-20 16:17 - 00020194 _____ C:\ComboFix.txt
2015-07-20 16:10 - 2015-07-20 16:18 - 00000000 ____D C:\Qoobox
2015-07-20 16:10 - 2015-07-20 16:16 - 00000000 ____D C:\Windows\erdnt
2015-07-20 16:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-20 16:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-20 16:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-20 16:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-20 16:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-20 16:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-20 16:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-20 16:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-20 09:40 - 2015-07-20 09:40 - 05632853 ____R (Swearware) C:\Users\mama\Downloads\ComboFix.exe
2015-07-19 11:13 - 2015-07-19 16:56 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-07-19 11:01 - 2015-07-19 16:57 - 00000000 ___HD C:\Users\mama\AppData\Local\Communicationconnect
2015-07-17 15:08 - 2015-07-17 15:09 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\mama\Downloads\tdsskiller.exe
2015-07-17 14:39 - 2015-07-21 10:57 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-17 14:39 - 2015-07-21 10:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-17 14:39 - 2015-07-18 09:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-17 14:38 - 2015-07-17 15:07 - 00000000 ____D C:\Users\mama\Desktop\mbar
2015-07-17 14:38 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-17 14:37 - 2015-07-17 14:37 - 00001492 _____ C:\Users\mama\Desktop\mbar-1.09.1.1004 - Verknüpfung.lnk
2015-07-17 14:35 - 2015-07-17 14:37 - 16502728 _____ (Malwarebytes Corp.) C:\Users\mama\Downloads\mbar-1.09.1.1004.exe
2015-07-17 13:19 - 2015-07-17 13:18 - 00416060 _____ C:\Users\mama\Desktop\Abmeldung Bettingen 07_07_15.jpeg
2015-07-16 20:18 - 2015-07-16 20:17 - 00455578 _____ C:\Users\mama\Desktop\Anmeldung Winterrieden 15_07_15.jpeg
2015-07-16 12:51 - 2015-07-16 20:30 - 00001400 _____ C:\Users\mama\Desktop\FRST64 - Verknüpfung.lnk
2015-07-16 12:46 - 2015-07-22 14:13 - 00006524 _____ C:\Users\mama\Downloads\FRST.txt
2015-07-16 12:46 - 2015-07-16 12:47 - 00020303 _____ C:\Users\mama\Downloads\Addition.txt
2015-07-16 12:45 - 2015-07-22 14:13 - 00000000 ____D C:\FRST
2015-07-16 12:45 - 2015-07-22 14:12 - 02135552 _____ (Farbar) C:\Users\mama\Downloads\FRST64.exe
2015-07-16 09:02 - 2015-07-16 09:02 - 00242928 _____ C:\Users\mama\Downloads\Firefox Setup Stub 39.0.exe
2015-07-15 21:50 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 21:50 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 21:50 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 21:50 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 21:50 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 21:50 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 21:50 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 21:50 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 21:50 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 21:50 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 21:50 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 21:07 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 21:07 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 21:07 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 21:07 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 21:07 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 21:07 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 21:07 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 21:07 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 21:07 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 21:07 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 21:07 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 21:07 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 21:07 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 21:07 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 21:07 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 21:07 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 21:07 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 21:07 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 21:07 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 21:07 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 21:07 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 21:07 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 21:07 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 21:07 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 21:07 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 21:07 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 21:07 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 21:07 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 21:07 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 21:07 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 21:07 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 21:07 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 21:07 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 21:07 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 21:07 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 21:07 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 21:07 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 21:07 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 21:07 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 21:07 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 21:07 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 21:07 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 21:07 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 21:07 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 20:40 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 20:40 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 20:40 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 20:40 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 20:40 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 20:40 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 20:40 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 20:40 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 20:40 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 20:37 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 20:37 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 20:37 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 20:37 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 20:37 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 20:37 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 20:37 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 20:37 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 20:37 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 20:37 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 20:37 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 20:37 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 20:29 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 20:29 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 20:28 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 20:28 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 20:28 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 20:28 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 20:28 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 20:28 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 20:28 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 20:28 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 20:28 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 20:28 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 20:28 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 20:28 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 20:28 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 20:28 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 20:28 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 20:28 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 20:28 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 20:28 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 20:28 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 20:28 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 20:28 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 20:28 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 20:28 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 20:28 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 20:28 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 20:28 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 20:28 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 20:28 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 20:28 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 20:28 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 20:28 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 20:28 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 20:28 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 20:28 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 20:28 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 20:28 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 20:28 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 20:28 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 20:28 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 20:28 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 20:28 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 20:28 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 20:28 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 20:28 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 20:28 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 20:28 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 20:28 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 20:28 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 20:28 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 20:28 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 20:28 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 20:28 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 20:28 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 20:28 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 20:28 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 20:28 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-02 12:09 - 2015-07-02 12:09 - 00001083 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-07-02 12:09 - 2015-07-02 12:09 - 00001063 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk
2015-07-02 12:09 - 2015-07-02 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-07-02 12:09 - 2015-07-02 12:09 - 00000000 ____D C:\Program Files (x86)\PDF24
2015-07-02 12:07 - 2015-07-02 12:09 - 16390392 _____ (Geek Software GmbH ) C:\Users\mama\Downloads\pdf24-creator-7.0.2.exe
2015-06-30 16:08 - 2015-06-30 16:07 - 01002284 _____ C:\Users\mama\Desktop\MöbelII.jpeg
2015-06-30 16:07 - 2015-06-30 16:07 - 00850262 _____ C:\Users\mama\Desktop\Möbel I.jpeg.jpeg
2015-06-28 20:27 - 2015-06-28 20:27 - 00000000 ____D C:\Users\mama\Tracing
2015-06-28 20:26 - 2015-06-28 20:26 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-06-28 20:26 - 2015-06-28 20:26 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-28 20:26 - 2015-06-28 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-28 20:20 - 2015-06-28 20:21 - 01384064 _____ (Skype Technologies S.A.) C:\Users\mama\Downloads\SkypeSetup.exe
2015-06-24 01:29 - 2015-06-24 01:29 - 01217192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-22 13:59 - 2015-03-26 19:24 - 01495523 _____ C:\Windows\WindowsUpdate.log
2015-07-22 13:56 - 2015-04-04 16:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-22 13:19 - 2010-11-21 08:22 - 00699092 _____ C:\Windows\system32\perfh007.dat
2015-07-22 13:19 - 2010-11-21 08:22 - 00149232 _____ C:\Windows\system32\perfc007.dat
2015-07-22 13:19 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-22 12:58 - 2009-07-14 06:45 - 00023808 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-22 12:58 - 2009-07-14 06:45 - 00023808 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-22 12:48 - 2015-03-28 12:26 - 00000000 ____D C:\Users\mama\Documents\Thunderbird
2015-07-22 12:46 - 2015-03-26 20:02 - 00003510 _____ C:\Windows\System32\Tasks\AutoKMS
2015-07-22 12:45 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-22 12:45 - 2009-07-14 06:51 - 00054897 _____ C:\Windows\setupact.log
2015-07-21 22:14 - 2015-03-26 21:43 - 00000000 ____D C:\Users\mama\AppData\Roaming\Skype
2015-07-21 12:01 - 2009-07-14 06:45 - 00408448 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 11:06 - 2010-11-21 05:47 - 00064354 _____ C:\Windows\PFRO.log
2015-07-20 17:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-20 16:17 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-20 16:16 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-18 09:39 - 2015-06-09 08:47 - 00000000 ____D C:\ProgramData\vcgnty
2015-07-17 14:58 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\addins
2015-07-16 20:21 - 2015-03-26 20:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 20:19 - 2015-03-26 21:51 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 17:53 - 2015-03-28 12:38 - 00000000 ____D C:\Users\mama\Documents\thunderbird2
2015-07-16 17:41 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-16 12:35 - 2015-06-05 11:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-16 12:35 - 2015-03-26 19:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-16 09:06 - 2015-03-26 19:34 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-16 09:06 - 2015-03-26 19:34 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-16 07:58 - 2015-04-04 16:43 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 07:58 - 2015-04-04 16:43 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-16 07:58 - 2015-04-04 16:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-16 07:56 - 2015-03-26 20:59 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 07:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 20:56 - 2015-03-26 21:49 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 20:56 - 2015-03-26 21:49 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 20:41 - 2015-03-26 19:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-12 19:52 - 2015-05-17 17:53 - 00000000 ____D C:\Users\mama\Documents\Lesung Kindergarten
2015-07-03 10:32 - 2015-05-18 14:37 - 00000000 ____D C:\Users\mama\Desktop\Lesung Kindergarten
2015-07-03 08:43 - 2011-03-08 21:49 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-28 20:27 - 2015-03-26 19:24 - 00000000 ____D C:\Users\mama
2015-06-28 20:26 - 2015-03-26 21:43 - 00000000 ____D C:\ProgramData\Skype
2015-06-23 17:07 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-22 12:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-03-26 19:48 - 2015-03-26 19:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\mama\AppData\Local\Temp\Quarantine.exe
C:\Users\mama\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-19 16:54

==================== End of log ============================
         

23.07.2015, 07:07   #15
schrauber
/// the machine
/// TB-Ausbilder



Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
ATTFilter
C:\Program Files\AMD\ATI.ACE\Fuel\ru\pulse_amplitude_modular\inorganic_chemistry.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\degrees_of_freedom.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\voltage_regulator.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_amplitude_modular\click_and_pop.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_amplitude_modular\computer_aided_manufacturing.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_amplitude_modular\partition_locking.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_frequency_modular\avogadros_number.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_frequency_modular\debouncing.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_frequency_modular\frequency_bin.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\pulse_frequency_modular\keep_out_area.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\bravais_lattice.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\lithium_batteries.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\max_inl_as_percent_fsr.exe

C:\Program Files\Common Files\ATI Technologies\Multimedia\boiling_point\van_der_waals_equation\measures_of_central_tendency.exe

C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\van_der_waals_equation\wireless_local_loop.exe

C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\pulse_frequency_modular\dew_point.exe

C:\Users\mama\Documents\downloads\cnet_isw2_exe.exe

C:\Users\mama\Documents\Maria-alt\Lokale Einstellungen\Anwendungsdaten\idxznqtg.exe
Emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.



Still having problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
