Log analysis and evaluation: Mails are being sent automatically |
26.09.2015, 19:33 | #1 |
| Mails are being sent automatically Hello everyone, for a few days now, e-mails have been sent automatically to some contacts in EssentialsPIM Pro Network. They do not show up in "Sent" or anywhere else, though. The e-mails always have the same subject: (FW:Impotant) Hey! Important message, please visit hxxp://....... a different link appears here each time. Windows 8.1 64bit; antivirus program: Avira Antivirus Pro; EssentialsPIM Pro 6.55 Network Edition (used, among other things, for sending mail). I changed the passwords right away, but the problem is probably still there. I have heard that it might also not be an infection and that only the mail sender identity is being used. But unfortunately that does not explain the knowledge of the contact addresses. I have also already run FRST according to your instructions and posted the logs: FRST.txt and Addition.txt. Many thanks in advance. Edited by strommueller (26.09.2015 at 19:50) |
26.09.2015, 20:12 | #2 |
/// the machine /// TB-Ausbilder | Mails are being sent automatically Hi,
__________________Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ |
26.09.2015, 21:42 | #3 |
| Mails are being sent automatically OK,
__________________here is FRST.txt FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015 durchgeführt von XXXXXXX (Administrator) auf ALPHA (26-09-2015 20:25:58) Gestartet von D:\Users\XXXXXXX\Desktop Geladene Profile: XXXXXXX (Verfügbare Profile: XXXXXXX) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-24] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2720144 2015-08-09] (Dominik Reichl) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3810510583-669268903-27390416-1001\...\MountPoints2: {c2bf905c-3223-11e4-8292-002618f37a0c} - "H:\LaunchU3.exe" -a HKU\S-1-5-21-3810510583-669268903-27390416-1001\...\MountPoints2: {f64fafd6-c77c-11e4-830e-002618f37a0c} - "H:\LGAutoRun.exe" HKU\S-1-5-21-3810510583-669268903-27390416-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{7C9CF590-28A9-45F4-8A18-7139AC342E21}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== FireFox: ======== FF ProfilePath: C:\Users\XXXXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\jg9wpz3m.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] () FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] () FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Extension: anonymoX - C:\Users\XXXXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\jg9wpz3m.default\Extensions\client@anonymox.net.xpi [2014-10-19] FF Extension: Adblock Plus - C:\Users\XXXXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\jg9wpz3m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-12] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-24] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-24] (Avira Operations GmbH & Co. 
KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1148688 2015-09-24] (Avira Operations GmbH & Co. KG) R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [81920 2012-05-18] (Firebird Project) [Datei ist nicht signiert] R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2785280 2012-05-18] (Firebird Project) [Datei ist nicht signiert] S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert] R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [Datei ist nicht signiert] R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-26] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-06-24] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-24] (Avira Operations GmbH & Co. KG) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] () R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-26 16:55 - 2015-09-26 20:26 - 00000000 ____D C:\FRST 2015-09-24 21:57 - 2015-09-25 08:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-09-24 21:47 - 2015-09-24 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-09-24 21:35 - 2015-09-24 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-12 11:49 - 2015-09-12 11:49 - 00000000 ____D C:\Users\XXXXXXX\AppData\Local\PDFCreator 2015-09-12 11:16 - 2015-09-12 11:16 - 00001484 _____ C:\Users\Public\Desktop\LibreOffice 4.4.lnk 2015-09-12 11:16 - 2015-09-12 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4 2015-09-10 14:34 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-09-10 14:34 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-09-10 14:34 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-09-10 14:34 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-09-10 14:34 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-09-10 14:34 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-09-10 14:34 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-09-10 14:34 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-09-10 14:34 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-09-10 14:34 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-09-10 14:34 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-09-10 14:34 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-09-10 14:33 - 
2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-09-10 14:33 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-09-10 14:33 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-09-10 14:33 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-09-10 14:33 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-09-10 14:33 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-09-10 14:33 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-09-10 14:33 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-09-10 14:33 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-09-10 14:33 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-09-10 14:33 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-09-10 14:33 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-09-10 14:33 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-09-10 14:33 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-09-10 14:33 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-09-10 14:33 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-09-10 14:33 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-09-10 14:33 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-09-10 14:33 - 2015-06-27 13:47 - 00118616 _____ (Microsoft 
Corporation) C:\Windows\system32\consent.exe 2015-09-10 14:32 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-09-10 14:32 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-09-10 14:32 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-09-10 14:32 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-09-10 14:32 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-09-10 14:32 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-09-10 14:32 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-09-10 14:32 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-09-10 14:32 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-09-10 14:32 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-09-10 14:32 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-09-10 14:32 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-09-10 14:32 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-09-10 14:32 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-09-10 14:32 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-09-10 14:32 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-09-10 14:32 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-09-10 14:32 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\webcheck.dll 2015-09-10 14:32 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-09-10 14:32 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-09-10 14:32 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-09-10 14:32 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-09-10 14:32 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-09-10 14:32 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-09-10 14:32 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-09-10 14:32 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-09-10 14:32 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-09-10 14:32 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-09-10 14:32 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-09-10 14:32 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe 2015-09-10 14:32 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe 2015-09-10 14:32 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2015-09-10 14:32 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe 2015-09-10 14:32 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe 2015-09-10 14:32 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-09-10 14:32 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) 
C:\Windows\system32\Windows.UI.Immersive.dll 2015-09-10 14:32 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-09-10 14:32 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2015-09-10 14:32 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll 2015-09-10 14:32 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2015-09-10 14:32 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll 2015-09-10 14:32 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2015-09-10 14:32 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe 2015-09-10 14:32 - 2015-07-13 21:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml 2015-09-10 14:32 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-09-10 14:32 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-09-10 14:32 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-09-10 14:32 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-26 20:22 - 2014-07-12 03:02 - 01674445 _____ C:\Windows\WindowsUpdate.log 2015-09-26 20:08 - 2014-07-12 04:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-26 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-09-26 17:39 - 2014-07-30 00:34 - 00003100 _____ C:\Windows\System32\Tasks\ZDB-JobNr-01 2015-09-26 17:39 - 2014-07-30 00:34 - 00000364 _____ C:\Windows\Tasks\ZDB-JobNr-01.job 2015-09-26 17:38 - 2014-07-12 03:17 - 00000000 ____D C:\ProgramData\NVIDIA 2015-09-26 17:38 - 2013-08-22 16:46 - 00125054 _____ C:\Windows\setupact.log 2015-09-26 17:38 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-25 10:46 - 2014-07-12 03:09 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3810510583-669268903-27390416-1001 2015-09-25 08:46 - 2014-07-12 04:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-25 08:46 - 2014-03-18 03:50 - 00419452 _____ C:\Windows\PFRO.log 2015-09-24 23:00 - 2014-10-23 22:22 - 00000362 _____ C:\Windows\Tasks\ZDB-JobNr-02.job 2015-09-24 21:53 - 2014-07-27 18:58 - 00001097 _____ C:\Users\Public\Desktop\EssentialPIM Pro.lnk 2015-09-24 21:46 - 2014-07-12 03:37 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-09-24 21:46 - 2014-07-12 03:37 - 00074440 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-09-24 03:06 - 2014-07-12 05:07 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-09-24 00:01 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-09-22 09:27 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-09-21 21:08 - 2014-07-12 04:11 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-09-19 04:18 - 2014-12-27 01:57 - 00003556 _____ C:\Windows\system32\TeamViewer10_Hooks.log 2015-09-19 04:18 - 2014-12-27 01:57 - 00000989 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-09-15 03:18 - 2014-12-12 10:51 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-15 03:18 - 2014-12-12 10:51 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-14 22:21 - 2014-07-12 05:12 - 00000000 ____D C:\Users\XXXXXXX\AppData\Roaming\KeePass 2015-09-13 11:41 - 2013-08-22 16:44 - 00467184 _____ C:\Windows\system32\FNTCACHE.DAT 2015-09-13 10:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-09-12 16:57 - 2014-03-18 12:03 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-12 16:57 - 2014-03-18 11:25 - 00726688 _____ C:\Windows\system32\perfh007.dat 2015-09-12 16:57 - 2014-03-18 11:25 - 00151380 _____ C:\Windows\system32\perfc007.dat 2015-09-12 11:44 - 2014-07-16 16:57 - 00000000 ____D C:\Users\XXXXXXX\AppData\Roaming\vlc 2015-09-12 11:16 - 2014-12-27 01:05 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4 2015-09-11 11:31 - 2014-07-27 16:07 - 00001131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2015-09-11 11:31 - 2014-07-27 16:07 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2015-09-11 11:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-09-11 11:00 - 2014-07-12 03:53 - 00000000 ____D C:\Windows\system32\MRT 2015-09-11 10:57 - 2013-08-22 17:36 - 00000000 ____D 
C:\Windows\AppReadiness 2015-09-10 14:39 - 2014-03-18 11:40 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-08 12:44 - 2014-07-12 03:04 - 00000000 ____D C:\Users\XXXXXXX ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-07-13 12:52 - 2015-07-24 09:34 - 0008192 _____ () C:\Users\XXXXXXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Einige Dateien in TEMP: ==================== C:\Users\XXXXXXX\AppData\Local\Temp\avgnt.exe C:\Users\XXXXXXX\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp413zlu.dll C:\Users\XXXXXXX\AppData\Local\Temp\epim_install.exe C:\Users\XXXXXXX\AppData\Local\Temp\FFSetup3.7.0.0.exe C:\Users\XXXXXXX\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\XXXXXXX\AppData\Local\Temp\nvStInst.exe C:\Users\XXXXXXX\AppData\Local\Temp\ochelper.dll C:\Users\XXXXXXX\AppData\Local\Temp\ochelper.exe C:\Users\XXXXXXX\AppData\Local\Temp\ose00001.exe C:\Users\XXXXXXX\AppData\Local\Temp\vlc-2.1.5-win64.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-25 08:58 ==================== Ende von FRST.txt ============================
and here is the Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015 durchgeführt von XXXXXXX (2015-09-26 20:26:49) Gestartet von D:\Users\XXXXXXX\Desktop Windows 8.1 (X64) (2014-07-12 01:04:14) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3810510583-669268903-27390416-500 - Administrator - Disabled) XXXXXXX (S-1-5-21-3810510583-669268903-27390416-1001 - Administrator - Enabled) => C:\Users\XXXXXXX Gast (S-1-5-21-3810510583-669268903-27390416-501 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.202 - Avira Operations GmbH & Co. 
KG) CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - ) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP) DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software) EssentialPIM Pro (HKLM-x32\...\EssentialPIM Pro) (Version: 6.55 - Astonsoft Ltd) Firebird 2.1.5.18496 (Win32) (HKLM-x32\...\FBDBServer_2_1_is1) (Version: 2.1.5.18496 - Firebird Project) FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory) HP LJ300-400 color M351-M451 (HKLM-x32\...\{15CA73D8-3C82-4BAE-86CD-945BF9620516}) (Version: 5.0.12200.630 - Hewlett-Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden hpbM351M451DSService (x32 Version: 001.001.05164 - Hewlett-Packard) Hidden HPLaserJet300-400ColorM351-M451Series_HelpLearnCenter_SI (HKLM-x32\...\{BD019D8F-25B9-49D6-B301-07AFF65E35DD}) (Version: 1.02.0000 - Hewlett-Packard) hppLaserJetService (x32 Version: 009.027.00856 - Hewlett-Packard) Hidden hppM351_M451LaserJetService (x32 Version: 005.021.00132 - Hewlett-Packard) Hidden hppToolboxProxyM351 (x32 Version: 035.024.006 - HP) Hidden hpStatusAlerts (x32 Version: 050.037.00142 - Hewlett Packard) Hidden hpStatusAlertsM351_M451 (x32 Version: 050.034.0131 - Hewlett-Packard) Hidden InstanceFinder (x32 Version: 020.021.004 - HP) Hidden IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan) KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl) LibreOffice 4.3 Help Pack (German) (HKLM-x32\...\{D46E6B22-8CB8-4ADE-B820-ADF29F4FEF21}) (Version: 4.3.7.2 - The Document Foundation) LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation) Microsoft Visual C++ 2005 
Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 41.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0 (x86 de)) (Version: 41.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.0.5738 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge) SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) ToolboxProxy (x32 Version: 035.024.006 - HP) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Z-DBackup (HKLM-x32\...\{6AF2CB89-30AB-45E5-9A68-B6B428E0E6DF}) (Version: 6.2.0.9 - IMU Andreas Baumann) ==================== 
Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3810510583-669268903-27390416-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\XXXXXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay Keine Datei ==================== Wiederherstellungspunkte ========================= 05-09-2015 17:58:29 Geplanter Prüfpunkt 10-09-2015 14:36:30 Windows Update 12-09-2015 11:10:38 Installed LibreOffice 4.4.5.2 20-09-2015 06:19:50 Geplanter Prüfpunkt 26-09-2015 13:14:48 Avira PC Cleaner - 26.09.2015 13:14 ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {203A36AD-9904-4F00-BA98-A56331E27BE6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {20D52BC6-4B77-4019-AC5A-28B48D9AB32B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation) Task: {588B9FBB-03F7-48A2-A4D5-1E43FBD783D7} - System32\Tasks\xxx => powershell Task: {6A079E55-DE80-4F0B-BADB-EB7A10605A00} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {749AE7DD-8E77-4E86-8559-CDC20491DAC1} - System32\Tasks\ZDB-JobNr-01 => C:\Program Files (x86)\Z-DBackup\ZDBackup.exe [2015-07-17] (IMU-BerliNet) Task: {945CAA03-1450-4D49-AB67-845D26D53E7B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated) Task: {AC906E1B-6975-4F0C-836E-463DB638A4D6} - System32\Tasks\Datensicherung und Herunterfahren => powershell Task: {B74EFCB7-DE52-4148-A447-1F2BBFC00E28} - System32\Tasks\Telefonerinnerung => powershell Task: {E2DE1B0A-B91D-437A-A227-54915F673C11} - System32\Tasks\ZDB-JobNr-02 => C:\Program Files (x86)\Z-DBackup\ZDBackup.exe [2015-07-17] (IMU-BerliNet) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ZDB-JobNr-01.job => C:\Program Files (x86)\Z-DBackup\ZDBackup.exe Task: C:\Windows\Tasks\ZDB-JobNr-02.job => C:\Program Files (x86)\Z-DBackup\ZDBackup.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-07-12 03:17 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3810510583-669268903-27390416-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{C0CAE8C5-A290-4E03-9EF3-2B3ABB0C4174}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{58772656-4884-41B1-8C41-6B41CB2FCE4C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{89DB1A54-EAE4-43FA-ACCB-7663F77DD78C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{FFAD1636-38AF-487A-8808-4B0BC0B981B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{C46A09A3-803D-4217-87B3-E18AA43DAE82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{CA93E6F1-F2B1-45D8-B1CC-B3C0662EC8A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{CBCCC2B6-D17C-4229-955C-186C5A9F7C57}C:\program files (x86)\essentialpim pro\essentialpim.exe] => (Allow) C:\program files (x86)\essentialpim pro\essentialpim.exe FirewallRules: [UDP Query User{DAF980A1-AFD1-430F-AD91-EF249416804B}C:\program files (x86)\essentialpim pro\essentialpim.exe] => (Allow) C:\program files (x86)\essentialpim pro\essentialpim.exe FirewallRules: [TCP Query User{13926C60-8B86-45B3-A4A8-4C8E4AEEADA4}C:\program files (x86)\essentialpim pro\essentialpim.exe] => (Block) C:\program files (x86)\essentialpim pro\essentialpim.exe FirewallRules: [UDP Query User{085C4440-94E1-49EE-B31E-C4F2819EFF72}C:\program files (x86)\essentialpim pro\essentialpim.exe] => (Block) C:\program files (x86)\essentialpim pro\essentialpim.exe FirewallRules: [{E68E01E3-7FC9-4C5F-AA81-EE9EF21F07F9}] => (Allow) %ProgramFiles% (x86)\Firebird\Firebird_2_1\bin\fbserver.exe FirewallRules: [{7232C7C9-AA73-47BD-884D-1914ACD83150}] => (Allow) %ProgramFiles% (x86)\Firebird\Firebird_2_1\bin\fbserver.exe FirewallRules: [{2CD0EAD2-66E7-4C60-AA90-03D6DC3A9E62}] => (Allow) %ProgramFiles% 
(x86)\Firebird\Firebird_2_1\bin\fbserver.exe FirewallRules: [{DDBF0A24-4737-4EC6-9819-C2C76903DE4D}] => (Allow) %ProgramFiles% (x86)\Firebird\Firebird_2_1\bin\fbserver.exe FirewallRules: [TCP Query User{96B0929B-7DA3-4A42-92F0-30032A1B627E}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin FirewallRules: [UDP Query User{F50882D9-A770-4BC0-8F3B-96CE8FF68C6E}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin FirewallRules: [{099AC93F-23D1-4898-927B-27D3068E1492}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B4252BFF-1E09-4E95-B71E-6CC797DD8E08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{F4E762C9-26FC-49CB-B454-F058FBC7771B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{AD0CD26F-F535-4B4F-B36E-F472FC285F3F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{F9500C20-D340-447E-99FA-9E7A07D18E46}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin FirewallRules: [UDP Query User{7A12A1F6-D09B-4AA8-979F-9B7E309FFC7E}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin FirewallRules: [TCP Query User{068A1E7D-2951-4F78-A265-2D63FC5DD385}D:\users\XXXXXXX\downloads\ffinstonline.exe] => (Allow) D:\users\XXXXXXX\downloads\ffinstonline.exe FirewallRules: [UDP Query User{4E4C6A81-B039-4D0D-8C73-26C7F9F6317F}D:\users\XXXXXXX\downloads\ffinstonline.exe] => (Allow) D:\users\XXXXXXX\downloads\ffinstonline.exe FirewallRules: [TCP Query 
User{715EC787-530D-40DC-90C3-3F0975E3EDE2}C:\users\XXXXXXX\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light] => (Allow) C:\users\XXXXXXX\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light FirewallRules: [UDP Query User{6BBD44EC-C19D-473E-81ED-644F988EEB81}C:\users\XXXXXXX\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light] => (Allow) C:\users\XXXXXXX\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light FirewallRules: [TCP Query User{545547EF-E346-440B-9734-2B17C704E71F}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe FirewallRules: [UDP Query User{C7BDA4F1-9406-4806-A057-AF6E04C7DD7F}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe FirewallRules: [{D12A56C7-BB4B-4550-B116-B661192D5705}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1B947CD5-C9E2-49FB-A044-8F7A2236952E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{E8ED8A31-F9DC-4E84-ADE9-59B302D8AE1F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{BDBF53BE-54CB-42BE-9081-B962E8E8BC59}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/26/2015 02:02:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009311a ID des fehlerhaften Prozesses: 0x744 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0 Pfad der fehlerhaften Anwendung: 
svchost.exe_stisvc1 Pfad des fehlerhaften Moduls: svchost.exe_stisvc2 Berichtskennung: svchost.exe_stisvc3 Vollständiger Name des fehlerhaften Pakets: svchost.exe_stisvc4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_stisvc5 Error: (09/26/2015 02:00:56 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [18] Error: (09/26/2015 02:36:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: soffice.bin, Version: 4.4.5.2, Zeitstempel: 0x55b155ef Name des fehlerhaften Moduls: MSVCR110.dll, Version: 11.0.51106.1, Zeitstempel: 0x5098858e Ausnahmecode: 0xc0000409 Fehleroffset: 0x000a326c ID des fehlerhaften Prozesses: 0x1308 Startzeit der fehlerhaften Anwendung: 0xsoffice.bin0 Pfad der fehlerhaften Anwendung: soffice.bin1 Pfad des fehlerhaften Moduls: soffice.bin2 Berichtskennung: soffice.bin3 Vollständiger Name des fehlerhaften Pakets: soffice.bin4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: soffice.bin5 Error: (09/24/2015 12:01:35 AM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. 
[18] Error: (09/23/2015 03:11:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000003d86e ID des fehlerhaften Prozesses: 0x11a4 Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0 Pfad der fehlerhaften Anwendung: GWXUX.exe1 Pfad des fehlerhaften Moduls: GWXUX.exe2 Berichtskennung: GWXUX.exe3 Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5 Error: (09/23/2015 12:01:32 AM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [18] Error: (09/22/2015 01:10:47 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c Ausnahmecode: 0xc0000008 Fehleroffset: 0x000000000009311a ID des fehlerhaften Prozesses: 0x768 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0 Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1 Pfad des fehlerhaften Moduls: svchost.exe_stisvc2 Berichtskennung: svchost.exe_stisvc3 Vollständiger Name des fehlerhaften Pakets: svchost.exe_stisvc4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_stisvc5 Error: (09/21/2015 10:28:27 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. 
[18] Error: (09/21/2015 10:27:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.3.5716, Zeitstempel: 0x55ddb213 Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.3.5716, Zeitstempel: 0x55dda062 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000e250 ID des fehlerhaften Prozesses: 0x1730 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5 Error: (09/21/2015 02:49:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: soffice.bin, Version: 4.4.5.2, Zeitstempel: 0x55b155ef Name des fehlerhaften Moduls: MSVCR110.dll, Version: 11.0.51106.1, Zeitstempel: 0x5098858e Ausnahmecode: 0xc0000409 Fehleroffset: 0x000a326c ID des fehlerhaften Prozesses: 0x126c Startzeit der fehlerhaften Anwendung: 0xsoffice.bin0 Pfad der fehlerhaften Anwendung: soffice.bin1 Pfad des fehlerhaften Moduls: soffice.bin2 Berichtskennung: soffice.bin3 Vollständiger Name des fehlerhaften Pakets: soffice.bin4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: soffice.bin5 Systemfehler: ============= Error: (09/26/2015 02:02:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (09/26/2015 01:50:58 PM) (Source: DCOM) (EventID: 10010) (User: Alpha) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (09/26/2015 01:50:28 PM) (Source: DCOM) (EventID: 10010) (User: Alpha) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (09/25/2015 10:47:04 AM) (Source: DCOM) (EventID: 10010) (User: Alpha) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (09/25/2015 10:46:34 AM) (Source: DCOM) (EventID: 10010) (User: Alpha) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (09/24/2015 09:01:13 AM) (Source: DCOM) (EventID: 10010) (User: Alpha) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (09/24/2015 09:00:43 AM) (Source: DCOM) (EventID: 10010) (User: Alpha) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (09/24/2015 08:50:37 AM) (Source: DCOM) (EventID: 10010) (User: Alpha) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (09/24/2015 08:50:06 AM) (Source: DCOM) (EventID: 10010) (User: Alpha) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (09/24/2015 08:40:10 AM) (Source: DCOM) (EventID: 10010) (User: Alpha) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} ==================== Speicherinformationen =========================== Prozessor: AMD Athlon(tm) II X2 240 Processor Prozentuale Nutzung des RAM: 26% Installierter physikalischer RAM: 4095.29 MB Verfügbarer physikalischer RAM: 3000.27 MB Summe virtueller Speicher: 4799.29 MB Verfügbarer virtueller Speicher: 3263.38 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:195.31 GB) (Free:158.15 GB) NTFS Drive d: (Daten Alpha 1) (Fixed) (Total:400.65 GB) (Free:277.2 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] Drive e: (Daten Alpha 2) (Fixed) (Total:400.65 GB) (Free:400.34 GB) NTFS Drive f: (Daten Alpha 3) (Fixed) (Total:400.65 GB) (Free:400.45 GB) NTFS ==================== MBR & Partitionstabelle ================== 
======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 01430143) Partition 1: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS) Partition 2: (Active) - (Size=400.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=400.6 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=400.7 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
27.09.2015, 13:57 | #4 |
/// the machine /// TB-Ausbilder | Emails are being sent automatically Hi, please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
27.09.2015, 15:52 | #5 |
| Emails are being sent automatically Hello Schrauber, thanks for your help on the "holy" Sunday. mbar.exe found nothing: Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version: main: v2015.09.27.04 rootkit: v2015.09.22.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18036
XXXXXXX :: ALPHA [administrator]
27.09.2015 15:47:18
mbar-log-2015-09-27 (15-47-18).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 366359
Time elapsed: 44 minute(s), 44 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
Physical Sectors Detected: 0 (No malicious items detected)
(end)
but no findings here either: Code:
16:39:45.0333 0x04cc TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:39:53.0188 0x04cc ============================================================
16:39:53.0188 0x04cc Current date / time: 2015/09/27 16:39:53.0188
16:39:53.0188 0x04cc SystemInfo:
16:39:53.0188 0x04cc
16:39:53.0188 0x04cc OS Version: 6.3.9600 ServicePack: 0.0
16:39:53.0188 0x04cc Product type: Workstation
16:39:53.0188 0x04cc ComputerName: ALPHA
16:39:53.0188 0x04cc UserName: XXXXXXX
16:39:53.0188 0x04cc Windows directory: C:\Windows
16:39:53.0188 0x04cc System windows directory: C:\Windows
16:39:53.0188 0x04cc Running under WOW64
16:39:53.0188 0x04cc Processor architecture: Intel x64
16:39:53.0188 0x04cc Number of processors: 2
16:39:53.0188 0x04cc Page size: 0x1000
16:39:53.0188 0x04cc Boot type: Normal boot
16:39:53.0188 0x04cc ============================================================
16:39:53.0548 0x04cc KLMD registered as C:\Windows\system32\drivers\33539261.sys
16:39:54.0078 0x04cc System UUID: {73F819BC-2B11-689C-21CB-8C9CD6671FC0}
16:39:55.0448 0x04cc Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:39:55.0463 0x04cc ============================================================
16:39:55.0463 0x04cc \Device\Harddisk0\DR0:
16:39:55.0463 0x04cc MBR partitions:
16:39:55.0463 0x04cc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1869D800
16:39:55.0463 0x04cc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1869E598, BlocksNum 0x3214EACE
16:39:55.0463 0x04cc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x4A7ED066, BlocksNum 0x3214AC0D
16:39:55.0463 0x04cc \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x7C937C73, BlocksNum 0x3214EACE
16:39:55.0463 0x04cc ============================================================
16:39:55.0488 0x04cc C: <-> \Device\Harddisk0\DR0\Partition1
16:39:55.0528 0x04cc D: <-> \Device\Harddisk0\DR0\Partition2
16:39:55.0573 0x04cc E: <-> \Device\Harddisk0\DR0\Partition3
16:39:55.0608 0x04cc F: <-> \Device\Harddisk0\DR0\Partition4
16:39:55.0608 0x04cc ============================================================
16:39:55.0608 0x04cc Initialize success
16:39:55.0608 0x04cc ============================================================
16:40:36.0413 0x10f8 ============================================================
16:40:36.0413 0x10f8 Scan started
16:40:36.0413 0x10f8 Mode: Manual; SigCheck; TDLFS;
16:40:36.0413 0x10f8 ============================================================
16:40:36.0413 0x10f8 KSN ping started
16:40:38.0763 0x10f8 KSN ping finished: true
16:40:40.0403 0x10f8 ================ Scan system memory ========================
16:40:40.0403 0x10f8 System memory - ok
16:40:40.0408 0x10f8 ================ Scan services =============================
8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 16:40:50.0318 0x10f8 dg_ssudbus - ok 16:40:50.0388 0x10f8 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\Windows\system32\dhcpcore.dll 16:40:50.0503 0x10f8 Dhcp - ok 16:40:50.0653 0x10f8 [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\Windows\system32\diagtrack.dll 16:40:50.0868 0x10f8 DiagTrack - ok 16:40:50.0918 0x10f8 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys 16:40:50.0963 0x10f8 disk - ok 16:40:50.0988 0x10f8 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys 16:40:51.0083 0x10f8 dmvsc - ok 16:40:51.0138 0x10f8 [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\Windows\System32\dnsrslvr.dll 16:40:51.0203 0x10f8 Dnscache - ok 16:40:51.0283 0x10f8 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\Windows\System32\dot3svc.dll 16:40:51.0388 0x10f8 dot3svc - ok 16:40:51.0433 0x10f8 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\Windows\system32\dps.dll 16:40:51.0508 0x10f8 DPS - ok 16:40:51.0543 0x10f8 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 16:40:51.0578 0x10f8 drmkaud - ok 16:40:51.0628 0x10f8 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll 16:40:51.0693 0x10f8 DsmSvc - ok 16:40:51.0843 0x10f8 [ 
E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 16:40:52.0028 0x10f8 DXGKrnl - ok 16:40:52.0068 0x10f8 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll 16:40:52.0143 0x10f8 Eaphost - ok 16:40:52.0403 0x10f8 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys 16:40:52.0768 0x10f8 ebdrv - ok 16:40:52.0818 0x10f8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe 16:40:52.0863 0x10f8 EFS - ok 16:40:52.0898 0x10f8 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys 16:40:52.0943 0x10f8 EhStorClass - ok 16:40:52.0978 0x10f8 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys 16:40:53.0028 0x10f8 EhStorTcgDrv - ok 16:40:53.0048 0x10f8 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys 16:40:53.0093 0x10f8 ErrDev - ok 16:40:53.0148 0x10f8 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll 16:40:53.0238 0x10f8 EventSystem - ok 16:40:53.0268 0x10f8 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys 16:40:53.0358 0x10f8 exfat - ok 16:40:53.0393 0x10f8 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys 16:40:53.0423 
0x10f8 fastfat - ok 16:40:53.0483 0x10f8 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe 16:40:53.0593 0x10f8 Fax - ok 16:40:53.0618 0x10f8 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys 16:40:53.0668 0x10f8 fdc - ok 16:40:53.0703 0x10f8 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll 16:40:53.0778 0x10f8 fdPHost - ok 16:40:53.0818 0x10f8 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll 16:40:53.0868 0x10f8 FDResPub - ok 16:40:53.0913 0x10f8 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll 16:40:53.0998 0x10f8 fhsvc - ok 16:40:54.0028 0x10f8 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:40:54.0073 0x10f8 FileInfo - ok 16:40:54.0108 0x10f8 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:40:54.0178 0x10f8 Filetrace - ok 16:40:54.0248 0x10f8 [ 66DDE64F0B1C738B1879FFFC3EBDC50C, 80FE8B499A1B56BE157EC094BE181E7931FD276149B43160D0560D9AEA662A0D ] FirebirdGuardianDefaultInstance C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe 16:40:54.0268 0x10f8 FirebirdGuardianDefaultInstance - detected UnsignedFile.Multi.Generic ( 1 ) 16:40:56.0618 0x10f8 Detect skipped due to KSN trusted 16:40:56.0618 0x10f8 FirebirdGuardianDefaultInstance - ok 16:40:56.0843 0x10f8 [ 6BEFD92FDD20A9AEF21BE6CD61EF96AB, 1208F755F654B7DAA75E7CE1D2C70D4AE62CC13DA062C9A33394DFBFD7CFECCE ] FirebirdServerDefaultInstance 
C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe 16:40:57.0093 0x10f8 FirebirdServerDefaultInstance - detected UnsignedFile.Multi.Generic ( 1 ) 16:40:59.0433 0x10f8 Detect skipped due to KSN trusted 16:40:59.0433 0x10f8 FirebirdServerDefaultInstance - ok 16:40:59.0453 0x10f8 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys 16:40:59.0498 0x10f8 flpydisk - ok 16:40:59.0558 0x10f8 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:40:59.0633 0x10f8 FltMgr - ok 16:40:59.0768 0x10f8 [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache C:\Windows\system32\FntCache.dll 16:40:59.0963 0x10f8 FontCache - ok 16:41:00.0003 0x10f8 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:41:00.0043 0x10f8 FsDepends - ok 16:41:00.0078 0x10f8 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:41:00.0118 0x10f8 Fs_Rec - ok 16:41:00.0198 0x10f8 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:41:00.0293 0x10f8 fvevol - ok 16:41:00.0328 0x10f8 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys 16:41:00.0373 0x10f8 FxPPM - ok 16:41:00.0403 0x10f8 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 16:41:00.0443 0x10f8 gagp30kx - ok 16:41:00.0478 0x10f8 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 
0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 16:41:00.0518 0x10f8 gencounter - ok 16:41:00.0563 0x10f8 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 16:41:00.0613 0x10f8 GPIOClx0101 - ok 16:41:00.0753 0x10f8 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\Windows\System32\gpsvc.dll 16:41:00.0908 0x10f8 gpsvc - ok 16:41:00.0983 0x10f8 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:41:01.0063 0x10f8 HdAudAddService - ok 16:41:01.0103 0x10f8 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 16:41:01.0228 0x10f8 HDAudBus - ok 16:41:01.0243 0x10f8 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 16:41:01.0293 0x10f8 HidBatt - ok 16:41:01.0348 0x10f8 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys 16:41:01.0408 0x10f8 HidBth - ok 16:41:01.0428 0x10f8 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys 16:41:01.0468 0x10f8 hidi2c - ok 16:41:01.0488 0x10f8 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys 16:41:01.0528 0x10f8 HidIr - ok 16:41:01.0568 0x10f8 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll 16:41:01.0643 0x10f8 
hidserv - ok 16:41:01.0673 0x10f8 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys 16:41:01.0758 0x10f8 HidUsb - ok 16:41:01.0808 0x10f8 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll 16:41:01.0893 0x10f8 hkmsvc - ok 16:41:01.0938 0x10f8 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:41:02.0018 0x10f8 HomeGroupListener - ok 16:41:02.0088 0x10f8 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 16:41:02.0178 0x10f8 HomeGroupProvider - ok 16:41:02.0233 0x10f8 [ 86724A200BF1F08A03FB563660FCD928, E2BDD30D7AFECB0F517BB02C788C93D506FB2B180DCA239BC4A1FEDB1E986EAD ] HP DS Service C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe 16:41:02.0258 0x10f8 HP DS Service - detected UnsignedFile.Multi.Generic ( 1 ) 16:41:04.0593 0x10f8 Detect skipped due to KSN trusted 16:41:04.0593 0x10f8 HP DS Service - ok 16:41:04.0643 0x10f8 [ 9C42E435F629CD8512BECFA082762425, BC817D05E5B8BE05CAB05F075A2C0B3CCF39E6BBD924BD0040C698F4D4580677 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe 16:41:04.0668 0x10f8 HP LaserJet Service - detected UnsignedFile.Multi.Generic ( 1 ) 16:41:07.0008 0x10f8 Detect skipped due to KSN trusted 16:41:07.0008 0x10f8 HP LaserJet Service - ok 16:41:07.0038 0x10f8 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 16:41:07.0078 0x10f8 HpSAMD - ok 16:41:07.0183 0x10f8 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:41:07.0323 0x10f8 
HTTP - ok 16:41:07.0353 0x10f8 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:41:07.0393 0x10f8 hwpolicy - ok 16:41:07.0408 0x10f8 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 16:41:07.0453 0x10f8 hyperkbd - ok 16:41:07.0473 0x10f8 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 16:41:07.0508 0x10f8 HyperVideo - ok 16:41:07.0548 0x10f8 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 16:41:07.0623 0x10f8 i8042prt - ok 16:41:07.0638 0x10f8 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 16:41:07.0668 0x10f8 iaLPSSi_GPIO - ok 16:41:07.0688 0x10f8 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 16:41:07.0728 0x10f8 iaLPSSi_I2C - ok 16:41:07.0798 0x10f8 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys 16:41:07.0873 0x10f8 iaStorAV - ok 16:41:07.0938 0x10f8 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:41:08.0013 0x10f8 iaStorV - ok 16:41:08.0028 0x10f8 IEEtwCollectorService - ok 16:41:08.0143 0x10f8 [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\Windows\System32\ikeext.dll 16:41:08.0283 0x10f8 IKEEXT - ok 16:41:08.0308 0x10f8 [ 
4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys 16:41:08.0358 0x10f8 intelide - ok 16:41:08.0403 0x10f8 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys 16:41:08.0438 0x10f8 intelpep - ok 16:41:08.0478 0x10f8 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys 16:41:08.0533 0x10f8 intelppm - ok 16:41:08.0568 0x10f8 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:41:08.0693 0x10f8 IpFilterDriver - ok 16:41:08.0798 0x10f8 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:41:08.0918 0x10f8 iphlpsvc - ok 16:41:08.0963 0x10f8 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 16:41:09.0063 0x10f8 IPMIDRV - ok 16:41:09.0088 0x10f8 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:41:09.0163 0x10f8 IPNAT - ok 16:41:09.0188 0x10f8 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:41:09.0228 0x10f8 IRENUM - ok 16:41:09.0268 0x10f8 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:41:09.0313 0x10f8 isapnp - ok 16:41:09.0373 0x10f8 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt 
C:\Windows\System32\drivers\msiscsi.sys 16:41:09.0438 0x10f8 iScsiPrt - ok 16:41:09.0473 0x10f8 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 16:41:09.0513 0x10f8 kbdclass - ok 16:41:09.0568 0x10f8 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 16:41:09.0618 0x10f8 kbdhid - ok 16:41:09.0648 0x10f8 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 16:41:09.0703 0x10f8 kdnic - ok 16:41:09.0728 0x10f8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe 16:41:09.0773 0x10f8 KeyIso - ok 16:41:09.0813 0x10f8 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:41:09.0858 0x10f8 KSecDD - ok 16:41:09.0913 0x10f8 [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:41:09.0963 0x10f8 KSecPkg - ok 16:41:09.0988 0x10f8 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:41:10.0033 0x10f8 ksthunk - ok 16:41:10.0088 0x10f8 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll 16:41:10.0153 0x10f8 KtmRm - ok 16:41:10.0208 0x10f8 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll 16:41:10.0298 0x10f8 LanmanServer - ok 16:41:10.0353 0x10f8 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, 
C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:41:10.0438 0x10f8 LanmanWorkstation - ok 16:41:10.0513 0x10f8 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 16:41:10.0633 0x10f8 lfsvc - ok 16:41:10.0663 0x10f8 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:41:10.0718 0x10f8 lltdio - ok 16:41:10.0758 0x10f8 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:41:10.0838 0x10f8 lltdsvc - ok 16:41:10.0873 0x10f8 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:41:10.0938 0x10f8 lmhosts - ok 16:41:10.0978 0x10f8 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:41:11.0028 0x10f8 LSI_SAS - ok 16:41:11.0048 0x10f8 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 16:41:11.0093 0x10f8 LSI_SAS2 - ok 16:41:11.0113 0x10f8 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 16:41:11.0168 0x10f8 LSI_SAS3 - ok 16:41:11.0198 0x10f8 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 16:41:11.0238 0x10f8 LSI_SSS - ok 16:41:11.0343 0x10f8 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll 16:41:11.0478 0x10f8 LSM - ok 16:41:11.0508 
0x10f8 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys 16:41:11.0623 0x10f8 luafv - ok 16:41:11.0643 0x10f8 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 16:41:11.0683 0x10f8 megasas - ok 16:41:11.0753 0x10f8 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys 16:41:11.0853 0x10f8 megasr - ok 16:41:11.0903 0x10f8 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll 16:41:11.0983 0x10f8 MMCSS - ok 16:41:11.0998 0x10f8 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys 16:41:12.0058 0x10f8 Modem - ok 16:41:12.0088 0x10f8 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys 16:41:12.0153 0x10f8 monitor - ok 16:41:12.0178 0x10f8 [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys 16:41:12.0218 0x10f8 mouclass - ok 16:41:12.0263 0x10f8 [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys 16:41:12.0318 0x10f8 mouhid - ok 16:41:12.0353 0x10f8 [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:41:12.0408 0x10f8 mountmgr - ok 16:41:12.0458 0x10f8 [ E96D4881189E3241A80EE54EFAB02E00, 13DC3174A2A5CF20C63C3EA5E2FF4060B15B40B02CCB29B41EC7A53047B69D9F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance 
Service\maintenanceservice.exe 16:41:12.0493 0x10f8 MozillaMaintenance - ok 16:41:12.0528 0x10f8 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:41:12.0568 0x10f8 mpsdrv - ok 16:41:12.0623 0x10f8 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll 16:41:12.0688 0x10f8 MpsSvc - ok 16:41:12.0733 0x10f8 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:41:12.0798 0x10f8 MRxDAV - ok 16:41:12.0863 0x10f8 [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:41:12.0963 0x10f8 mrxsmb - ok 16:41:13.0023 0x10f8 [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:41:13.0123 0x10f8 mrxsmb10 - ok 16:41:13.0163 0x10f8 [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:41:13.0228 0x10f8 mrxsmb20 - ok 16:41:13.0258 0x10f8 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 16:41:13.0323 0x10f8 MsBridge - ok 16:41:13.0378 0x10f8 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe 16:41:13.0428 0x10f8 MSDTC - ok 16:41:13.0483 0x10f8 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:41:13.0533 0x10f8 Msfs - ok 16:41:13.0568 0x10f8 [ C6B474E46F9E543B875981ED3FFE6ADD, 
E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 16:41:13.0613 0x10f8 msgpiowin32 - ok 16:41:13.0638 0x10f8 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:41:13.0693 0x10f8 mshidkmdf - ok 16:41:13.0713 0x10f8 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 16:41:13.0753 0x10f8 mshidumdf - ok 16:41:13.0793 0x10f8 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:41:13.0848 0x10f8 msisadrv - ok 16:41:13.0883 0x10f8 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:41:13.0918 0x10f8 MSiSCSI - ok 16:41:13.0928 0x10f8 msiserver - ok 16:41:13.0943 0x10f8 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:41:13.0963 0x10f8 MSKSSRV - ok 16:41:13.0983 0x10f8 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 16:41:14.0033 0x10f8 MsLldp - ok 16:41:14.0043 0x10f8 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:41:14.0058 0x10f8 MSPCLOCK - ok 16:41:14.0068 0x10f8 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:41:14.0098 0x10f8 MSPQM - ok 16:41:14.0133 0x10f8 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC 
16:41:46.0123 0x10f8 W32Time - ok 16:41:46.0148 0x10f8 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys 16:41:46.0198 0x10f8 WacomPen - ok 16:41:46.0358 0x10f8 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe 16:41:46.0563 0x10f8 wbengine - ok 16:41:46.0638 0x10f8 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 16:41:46.0733 0x10f8 WbioSrvc - ok 16:41:46.0788 0x10f8 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 16:41:46.0858 0x10f8 Wcmsvc - ok 16:41:46.0913 0x10f8 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:41:46.0988 0x10f8 wcncsvc - ok 16:41:47.0028 0x10f8 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 16:41:47.0088 0x10f8 WcsPlugInService - ok 16:41:47.0123 0x10f8 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 16:41:47.0168 0x10f8 WdBoot - ok 16:41:47.0268 0x10f8 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 16:41:47.0368 0x10f8 Wdf01000 - ok 16:41:47.0423 0x10f8 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 16:41:47.0483 0x10f8 WdFilter - ok 16:41:47.0528 0x10f8 [ F581F9C9D6953FABFA24E67105F0B614, 
5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll 16:41:47.0583 0x10f8 WdiServiceHost - ok 16:41:47.0598 0x10f8 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll 16:41:47.0658 0x10f8 WdiSystemHost - ok 16:41:47.0693 0x10f8 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys 16:41:47.0738 0x10f8 WdNisDrv - ok 16:41:47.0763 0x10f8 WdNisSvc - ok 16:41:47.0808 0x10f8 [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\Windows\System32\webclnt.dll 16:41:47.0883 0x10f8 WebClient - ok 16:41:47.0938 0x10f8 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll 16:41:48.0023 0x10f8 Wecsvc - ok 16:41:48.0073 0x10f8 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll 16:41:48.0118 0x10f8 WEPHOSTSVC - ok 16:41:48.0173 0x10f8 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll 16:41:48.0258 0x10f8 wercplsupport - ok 16:41:48.0298 0x10f8 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll 16:41:48.0353 0x10f8 WerSvc - ok 16:41:48.0393 0x10f8 [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 16:41:48.0443 0x10f8 WFPLWFS - ok 16:41:48.0488 0x10f8 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll 16:41:48.0543 
0x10f8 WiaRpc - ok 16:41:48.0568 0x10f8 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 16:41:48.0608 0x10f8 WIMMount - ok 16:41:48.0618 0x10f8 WinDefend - ok 16:41:48.0723 0x10f8 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 16:41:48.0838 0x10f8 WinHttpAutoProxySvc - ok 16:41:48.0903 0x10f8 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:41:48.0988 0x10f8 Winmgmt - ok 16:41:49.0223 0x10f8 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll 16:41:49.0483 0x10f8 WinRM - ok 16:41:49.0558 0x10f8 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\System32\drivers\WinUsb.sys 16:41:49.0598 0x10f8 WinUsb - ok 16:41:49.0738 0x10f8 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll 16:41:49.0913 0x10f8 WlanSvc - ok 16:41:50.0078 0x10f8 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll 16:41:50.0248 0x10f8 wlidsvc - ok 16:41:50.0288 0x10f8 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 16:41:50.0333 0x10f8 WmiAcpi - ok 16:41:50.0393 0x10f8 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:41:50.0453 0x10f8 wmiApSrv - ok 16:41:50.0483 0x10f8 WMPNetworkSvc - ok 16:41:50.0543 0x10f8 [ 7FC5667DF73D4B04AA457CC3A4180E09, 
CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys 16:41:50.0598 0x10f8 Wof - ok 16:41:50.0773 0x10f8 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll 16:41:50.0988 0x10f8 workfolderssvc - ok 16:41:51.0048 0x10f8 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 16:41:51.0088 0x10f8 wpcfltr - ok 16:41:51.0123 0x10f8 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:41:51.0168 0x10f8 WPCSvc - ok 16:41:51.0193 0x10f8 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:41:51.0283 0x10f8 WPDBusEnum - ok 16:41:51.0313 0x10f8 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 16:41:51.0353 0x10f8 WpdUpFltr - ok 16:41:51.0373 0x10f8 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:41:51.0428 0x10f8 ws2ifsl - ok 16:41:51.0478 0x10f8 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll 16:41:51.0573 0x10f8 wscsvc - ok 16:41:51.0608 0x10f8 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys 16:41:51.0643 0x10f8 WSDPrintDevice - ok 16:41:51.0663 0x10f8 WSearch - ok 16:41:51.0978 0x10f8 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll 
16:41:52.0388 0x10f8 WSService - ok 16:41:52.0708 0x10f8 [ 3F726FF7B1ACC7D5E89940EA5BFF0E61, DF84486870C677B30985005A909CFDF8446BD566F601A295FF29F258E1D1AFF4 ] wuauserv C:\Windows\system32\wuaueng.dll 16:41:53.0088 0x10f8 wuauserv - ok 16:41:53.0143 0x10f8 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:41:53.0213 0x10f8 WudfPf - ok 16:41:53.0253 0x10f8 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 16:41:53.0318 0x10f8 WUDFRd - ok 16:41:53.0373 0x10f8 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:41:53.0423 0x10f8 wudfsvc - ok 16:41:53.0458 0x10f8 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys 16:41:53.0508 0x10f8 WUDFWpdFs - ok 16:41:53.0538 0x10f8 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\System32\drivers\WUDFRd.sys 16:41:53.0593 0x10f8 WUDFWpdMtp - ok 16:41:53.0663 0x10f8 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll 16:41:53.0743 0x10f8 WwanSvc - ok 16:41:53.0773 0x10f8 ================ Scan global =============================== 16:41:53.0813 0x10f8 [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll 16:41:53.0868 0x10f8 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll 16:41:53.0918 0x10f8 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] 
C:\Windows\system32\sxssrv.dll 16:41:53.0988 0x10f8 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe 16:41:54.0018 0x10f8 [ Global ] - ok 16:41:54.0023 0x10f8 ================ Scan MBR ================================== 16:41:54.0043 0x10f8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 16:41:54.0438 0x10f8 \Device\Harddisk0\DR0 - ok 16:41:54.0438 0x10f8 ================ Scan VBR ================================== 16:41:54.0443 0x10f8 [ 7DDD718E6CD1D4349C5D5C4868BFDDBD ] \Device\Harddisk0\DR0\Partition1 16:41:54.0513 0x10f8 \Device\Harddisk0\DR0\Partition1 - ok 16:41:54.0523 0x10f8 [ 95614751B1AB417401D8BCE7E2E12A90 ] \Device\Harddisk0\DR0\Partition2 16:41:54.0583 0x10f8 \Device\Harddisk0\DR0\Partition2 - ok 16:41:54.0593 0x10f8 [ 75D0F1A15C66C9FE7D66DE790D0E4058 ] \Device\Harddisk0\DR0\Partition3 16:41:54.0598 0x10f8 \Device\Harddisk0\DR0\Partition3 - ok 16:41:54.0608 0x10f8 [ B180D628F7B4878FC9FC446AE9171A23 ] \Device\Harddisk0\DR0\Partition4 16:41:54.0613 0x10f8 \Device\Harddisk0\DR0\Partition4 - ok 16:41:54.0618 0x10f8 ================ Scan generic autorun ====================== 16:41:54.0843 0x10f8 [ 436A83E5555A8449B9BFBE1AAB314654, DE956310B2EF80B43399E63E309E659018879942EBBA5063B9A366C2314E8158 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 16:41:55.0043 0x10f8 NvBackend - ok 16:41:55.0108 0x10f8 [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe 16:41:55.0183 0x10f8 ShadowPlay - ok 16:41:55.0318 0x10f8 [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 16:41:55.0408 0x10f8 avgnt - ok 16:41:55.0488 0x10f8 [ 9C99AF6C0C4892A83066FFA04265F95C, 18E94B8322960C56A7D0BEDF77D026F0318904ECC230B6121E97E6993B999B4F ] C:\Program Files 
16:41:56.0138 0x10f8 Waiting for KSN requests completion. In queue: 312
16:41:57.0143 0x10f8 Waiting for KSN requests completion. In queue: 312
16:41:58.0148 0x10f8 Waiting for KSN requests completion. In queue: 312
16:41:59.0193 0x10f8 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated )
16:41:59.0193 0x10f8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
16:41:59.0203 0x10f8 Win FW state via NFP2: enabled ( trusted )
16:42:01.0558 0x10f8 ============================================================
16:42:01.0558 0x10f8 Scan finished
16:42:01.0558 0x10f8 ============================================================
16:42:01.0588 0x13f8 Detected object count: 0
16:42:01.0588 0x13f8 Actual detected object count: 0
have a closer look at this. Thank you very much for your support |
28.09.2015, 13:38 | #6 |
/// the machine /// TB trainer | Emails are being sent automatically Delete the account from the phone, set it up again, change the password. There is no malware there
__________________ --> Emails are being sent automatically |
28.09.2015, 15:56 | #7 |
| Emails are being sent automatically Hi Schrauber, great, I will delete the account from the phone and set it up again. The password has already been changed anyway. Once again, thank you very, very much for your help |
29.09.2015, 12:10 | #8 |
/// the machine /// TB trainer | Emails are being sent automatically You're welcome
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |