29.09.2015, 17:45 | #1 |
Email address is sending spam mails

Hello everyone, for a few days now I have had the problem that spam mails are being sent from my mail account. I do not know where I caught this virus, or whether it is actually a virus at all, but an acquaintance recommended that I raise my problem here. I changed my password, but that changed nothing and spam mails continued to be sent. I also ran a virus scan on all devices that are connected to the email address (laptop (Windows 8.1) and smartphone (Android)), but nothing was found on either of them (I no longer have any logs of this). As described in the golden rules, I have now used the three programs and created logs. I hope you can help me.

Defogger: defogger_disable.log Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:00 on 29/09/2015 (*****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
durchgeführt von ***** (Administrator) auf X75V (29-09-2015 17:02:22)
Gestartet von C:\Users\*****\Downloads
Geladene Profile: ***** & UpdatusUser (Verfügbare Profile: ***** & UpdatusUser)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-22] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Spotify Web Helper] => C:\Users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-10] (Spotify Ltd) HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Amazon Music] => C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-06-05] () HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [GoogleChromeAutoLaunch_FB524861655B584465F1BA023A347E56] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.) HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.) 
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation) HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Spotify] => C:\Users\*****\AppData\Roaming\Spotify\spotify.exe [7535672 2015-09-10] (Spotify Ltd) HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Policies\Explorer\DisallowRun: [1] firefox.exe HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {3448ea64-ee3a-11e3-befc-08606e4c35fc} - "F:\Startme.exe" HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {49c230f1-ad5d-11e3-beee-08606e4c35fc} - "F:\Startme.exe" HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {4f2c859f-72f7-11e4-bf22-08606e4c35fc} - "F:\Startme.exe" HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {824887c6-2e6f-11e3-bea7-08606e4c35fc} - "G:\Startme.exe" HKU\S-1-5-21-226644849-438525468-1118309550-1008\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation) GroupPolicy: Beschränkung - Chrome <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\..\Interfaces\{6E7F3371-D941-4CC4-9896-A6088121ED37}: [NameServer] 192.168.0.1 Tcpip\..\Interfaces\{ED68718E-4F13-41D3-8285-B7D0E3D13572}: [NameServer] 192.168.0.1,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-226644849-438525468-1118309550-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKU\S-1-5-21-226644849-438525468-1118309550-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=648BEE85DE7B06C6 URLSearchHook: [S-1-5-21-226644849-438525468-1118309550-1008] ACHTUNG => Standard URLSearchHook fehlt SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKU\S-1-5-21-226644849-438525468-1118309550-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: 
HKU\S-1-5-21-226644849-438525468-1118309550-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKU\S-1-5-21-226644849-438525468-1118309550-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119370&babsrc=SP_ss&mntrId=648BEE85DE7B06C6 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation) BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.de/common/asusTek_sys_ctrl.cab StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1395162201&from=smt&uid=HitachiXHTS545050A7E380_TEJ51139DJNS7SDJNS7SX FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF 
Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll [2011-11-18] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qone8.xml [2014-03-18] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-06-09] CHR Extension: (Adblock Plus) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-19] CHR Extension: (ARC Welder) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2015-06-09] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11] CHR Extension: (ARC Welder) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2015-06-09] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02] CHR Extension: (YouTube Unblocker) - 
C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-08-12] CHR Extension: (__MSG_extName__) - C:\Users\*****\Videos\Documents\ageofcivilizations115full-androidoyunclub.apk_export_niDnY [2015-06-09] CHR Extension: (__MSG_extName__) - C:\Users\*****\Videos\Documents\ageofcivilizations115full-androidoyunclub.apk_export_niDnY [2015-06-09] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-18] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-22] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-22] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-22] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1148688 2015-09-22] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. 
KG) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-05-04] (EasyAntiCheat Ltd) R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation) S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation) S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-22] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-22] (Avira Operations GmbH & Co. 
KG) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X] S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [X] S3 motccgpfl; \SystemRoot\System32\drivers\motccgpfl.sys [X] S3 motmodem; \SystemRoot\system32\DRIVERS\motmodem.sys [X] S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [X] S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [X] S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [X] U4 secdrv; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-29 17:02 - 2015-09-29 17:03 - 00017189 _____ C:\Users\*****\Downloads\FRST.txt 2015-09-29 17:02 - 2015-09-29 17:02 - 00000000 ____D C:\FRST 2015-09-29 17:01 - 2015-09-29 17:01 - 02192384 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe 2015-09-29 17:00 - 2015-09-29 17:00 - 00000472 _____ C:\Users\*****\Downloads\defogger_disable.log 2015-09-29 17:00 - 2015-09-29 17:00 - 00000000 _____ C:\Users\*****\defogger_reenable 2015-09-29 16:59 - 2015-09-29 16:59 - 00050477 _____ C:\Users\*****\Downloads\Defogger.exe 2015-09-25 17:40 - 2015-09-26 19:54 - 00091836 _____ C:\Users\*****\Desktop\Die Hexer.odt 2015-09-25 16:05 - 2015-09-25 16:05 - 00000222 _____ C:\Users\*****\Desktop\Europa Universalis IV.url 2015-09-25 13:03 - 2015-09-25 13:08 - 00000619 _____ C:\Users\*****\Desktop\Über Katzen.txt 2015-09-23 20:16 - 2015-09-23 20:16 - 00000221 _____ C:\Users\*****\Desktop\Victoria Revolutions.url 2015-09-22 17:29 - 2015-09-24 21:19 - 00058932 _____ C:\Users\*****\Desktop\*****Charakterisierung.odt 2015-09-16 16:17 - 2015-09-23 18:41 - 00000000 ____D C:\Users\*****\Desktop\Writing Excuses 5 2015-09-12 16:06 - 2015-09-18 18:04 - 00000000 ____D C:\Users\*****\Downloads\FTG_1_3_29Dec 2015-09-12 16:05 - 2015-09-12 16:06 - 18820710 _____ C:\Users\*****\Downloads\FTG_1_3_29Dec.7z 2015-09-12 13:16 - 2015-09-18 17:25 - 00000221 _____ C:\Users\*****\Desktop\For The Glory.url 2015-09-11 16:57 - 2015-09-11 16:57 - 00000222 _____ C:\Users\*****\Desktop\Crusader Kings Complete.url 2015-09-11 16:46 - 2015-09-29 13:29 - 00000000 ____D C:\Program Files (x86)\Steam 2015-09-11 16:46 - 2015-09-11 16:46 - 00000975 _____ C:\Users\Public\Desktop\Steam.lnk 2015-09-11 16:46 - 2015-09-11 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-09-10 21:50 - 2015-09-10 22:55 - 00000000 ____D C:\Program Files (x86)\C-evo 2015-09-10 13:00 - 2015-09-10 22:49 - 00000000 ____D C:\Users\*****\AppData\Roaming\C-evo 2015-09-08 22:48 - 2015-09-03 04:18 - 02531400 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-09-08 22:48 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-09-08 22:48 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-09-08 22:48 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-09-08 22:48 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-09-08 22:48 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-09-08 22:48 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-09-08 22:48 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-09-08 22:48 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-09-08 22:48 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-09-08 22:48 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-09-08 22:48 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-09-08 22:48 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-09-08 22:48 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-09-08 22:48 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-09-08 22:48 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-09-08 22:48 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-08 22:48 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-08 22:48 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\vbscript.dll 2015-09-08 22:48 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-09-08 22:48 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-09-08 22:48 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-09-08 22:48 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-09-08 22:48 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-09-08 22:48 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-09-08 22:48 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-09-08 22:48 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-09-08 22:48 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-08 22:48 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-09-08 22:48 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-09-08 22:48 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-09-08 22:48 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-09-08 22:48 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-09-08 22:48 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-09-08 22:48 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-09-08 22:48 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-09-08 22:48 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\webcheck.dll 2015-09-08 22:48 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-09-08 22:48 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-09-08 22:48 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-09-08 22:48 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-09-08 22:48 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-09-08 22:48 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-09-08 22:48 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-09-08 22:48 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-09-08 22:48 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll 2015-09-08 22:48 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll 2015-09-08 22:48 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-09-08 22:48 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-09-08 22:48 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2015-09-08 22:48 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2015-09-08 22:48 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2015-09-08 22:47 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-09-08 22:47 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-09-08 22:47 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-09-08 
22:47 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-09-08 22:47 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-09-08 22:47 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2015-09-08 22:47 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2015-09-08 22:47 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll 2015-09-08 22:47 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2015-09-08 22:47 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe 2015-09-08 22:47 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-08 22:47 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe 2015-09-08 22:47 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe 2015-09-08 22:47 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-09-08 22:47 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-09-08 22:47 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-09-08 22:47 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-09-08 22:47 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2015-09-08 22:47 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-09-08 22:47 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2015-09-08 22:47 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-09-08 22:47 - 
2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe 2015-09-08 22:47 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-09-08 22:47 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-09-08 22:47 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-09-08 22:47 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-09-08 22:47 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-09-06 21:24 - 2015-09-06 21:24 - 00000847 _____ C:\Users\*****\AppData\Local\recently-used.xbel 2015-09-06 17:51 - 2015-09-06 17:53 - 04762478 _____ C:\Users\*****\Desktop\Weltkarte-blank.svg 2015-09-06 14:33 - 2015-09-06 14:33 - 00000087 ____H C:\Users\*****\Desktop\.~lock.Homo faber.MP4# ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-29 17:00 - 2014-01-12 21:30 - 00000000 ____D C:\Users\*****
2015-09-29 17:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-29 16:51 - 2013-02-08 19:47 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-29 16:40 - 2014-09-11 02:34 - 01052502 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-29 16:30 - 2013-09-02 14:21 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-29 14:00 - 2014-05-19 14:00 - 00002096 _____ C:\WINDOWS\Tasks\396a931f-cee7-452b-9e97-17f0a91e645a-4.job
2015-09-29 13:59 - 2014-05-19 13:59 - 00003450 _____ C:\WINDOWS\Tasks\396a931f-cee7-452b-9e97-17f0a91e645a-3.job
2015-09-29 13:17 - 2013-02-05 12:58 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-226644849-438525468-1118309550-1001
2015-09-29 13:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-29 13:06 - 2014-03-18 20:40 - 00003914 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A674EFEF-598F-41CF-A610-7C4F5B9A8590}
2015-09-29 13:02 - 2014-01-12 22:24 - 00000000 __RDO C:\Users\*****\SkyDrive
2015-09-29 13:02 - 2013-10-08 19:40 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cec44d6a6b842e.job
2015-09-28 16:57 - 2013-05-04 13:52 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2015-09-28 16:52 - 2015-01-10 23:51 - 00000000 ____D C:\Users\*****\Desktop\Schulische Dolument K1
2015-09-28 15:16 - 2013-05-04 13:50 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2015-09-24 17:40 - 2015-04-22 21:12 - 00000000 ____D C:\Users\*****\Videos\Documents\My Games
2015-09-24 16:08 - 2014-06-18 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-24 16:08 - 2014-03-11 23:11 - 00000000 ____D C:\Users\*****\AppData\Local\Thunderbird
2015-09-24 07:42 - 2015-01-02 18:42 - 00038778 _____ C:\WINDOWS\setupact.log
2015-09-24 07:42 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-22 21:44 - 2013-04-10 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-22 21:41 - 2013-05-07 22:07 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-22 21:41 - 2013-04-10 19:25 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-22 20:00 - 2014-07-30 12:20 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TripleA
2015-09-22 20:00 - 2014-07-30 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TripleA
2015-09-22 19:56 - 2015-07-04 16:13 - 00000000 ____D C:\Program Files (x86)\TripleA
2015-09-22 17:53 - 2013-02-08 19:47 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-22 16:58 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-21 17:35 - 2013-12-16 19:49 - 00025418 _____ C:\Users\*****\Videos\Documents\Unbenannt 1.odt
2015-09-18 17:25 - 2013-12-10 14:27 - 00003864 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cec44d6a6b842e
2015-09-18 17:25 - 2013-09-02 14:21 - 00004100 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 14:42 - 2013-06-05 14:19 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2015-09-16 13:55 - 2013-09-02 14:21 - 00000000 ____D C:\Users\*****\AppData\Local\Google
2015-09-15 03:18 - 2015-03-13 14:04 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2015-03-13 14:04 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 13:38 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-13 20:23 - 2015-03-29 18:42 - 00000000 ____D C:\Users\*****\Desktop\Projekte
2015-09-12 01:17 - 2013-11-14 09:27 - 01960188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-12 01:17 - 2013-11-14 09:11 - 00830894 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-12 01:17 - 2013-11-14 09:11 - 00183768 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-11 17:31 - 2015-01-27 20:29 - 00072952 _____ C:\WINDOWS\DirectX.log
2015-09-11 15:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-11 14:00 - 2013-08-22 16:44 - 00497528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-11 13:57 - 2015-01-02 16:53 - 00215154 _____ C:\WINDOWS\PFRO.log
2015-09-10 23:43 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-10 23:39 - 2013-11-14 09:13 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 23:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-10 22:55 - 2015-04-10 01:12 - 00000651 _____ C:\Users\*****\Videos\Documents\Uninstall STAR WARS The Old Republic.log
2015-09-09 13:34 - 2013-08-31 21:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 21:50 - 2014-05-26 17:51 - 00000000 ____D C:\Users\*****\.gimp-2.8
2015-09-06 21:24 - 2014-05-27 13:17 - 00000000 ____D C:\Users\*****\AppData\Local\gtk-2.0
2015-09-03 15:07 - 2013-04-10 19:25 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-06 21:24 - 2015-09-06 21:24 - 0000847 _____ () C:\Users\*****\AppData\Local\recently-used.xbel
2013-12-20 14:30 - 2013-12-20 14:30 - 0007605 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\bitool.dll
C:\Users\*****\AppData\Local\Temp\BRSVC_18420437_hlp.exe
C:\Users\*****\AppData\Local\Temp\comver.dll
C:\Users\*****\AppData\Local\Temp\EBU252A.exe
C:\Users\*****\AppData\Local\Temp\EBU3CAA.DLL
C:\Users\*****\AppData\Local\Temp\iiuninst.exe
C:\Users\*****\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\*****\AppData\Local\Temp\project1.exe
C:\Users\*****\AppData\Local\Temp\utt4E33.tmp.exe
C:\Users\*****\AppData\Local\Temp\utt8D59.tmp.exe
C:\Users\*****\AppData\Local\Temp\uttE996.tmp.exe
C:\Users\*****\AppData\Local\Temp\uttEDC.tmp.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-09-24 08:03

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
durchgeführt von ***** (2015-09-29 17:05:59)
Gestartet von C:\Users\*****\Downloads
Windows 8.1 (X64) (2014-01-12 20:20:52)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-226644849-438525468-1118309550-500 - Administrator - Disabled)
***** (S-1-5-21-226644849-438525468-1118309550-1001 - Administrator - Enabled) => C:\Users\*****
Gast (S-1-5-21-226644849-438525468-1118309550-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-226644849-438525468-1118309550-1008 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Amazon Amazon Music) (Version: 3.0.0.564 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.202 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Crusader Kings Complete (HKLM-x32\...\Steam App 204940) (Version: - Paradox Development Studio)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
For The Glory (HKLM-x32\...\Steam App 42810) (Version: - Crystal Empire Games)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB944899) (Version: 1 - Microsoft Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Lazarus 1.2.6 (HKLM\...\lazarus_is1) (Version: 1.2.6 - Lazarus Team)
LibreOffice 4.3.5.2 (HKLM-x32\...\{1D4E90DA-C33C-40ED-BA00-75F6E6DF9CB0}) (Version: 4.3.5.2 - The Document Foundation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{1C3F92D0-3EC5-4CD4-9D5E-1E7834B65BB8}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM-x32\...\{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008-Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
MTX (HKLM-x32\...\{6583D00E-0924-4950-8BE9-5D09FE70B333}) (Version: 1.0.0 - mektek.net)
NVIDIA Grafiktreiber 311.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.44 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steel Panthers World At War v8.20 (HKLM-x32\...\spwawv820Public) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
TripleA Version 1_8_0_7 (HKLM-x32\...\TripleAVersion1_8_0_7) (Version: - )
Victoria: Revolutions (HKLM-x32\...\Steam App 42980) (Version: - Paradox Development Studio)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version: - Spacejock Software)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Wiederherstellungspunkte =========================

25-09-2015 16:53:51 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0CD7022C-207F-4D7C-AB42-2B53769E5F97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1451BA1D-0A93-4659-AD48-398ACEABA375} - System32\Tasks\{529E2F68-F18F-435E-955A-9AA63562B1C6} => pcalua.exe -a C:\Users\*****\Downloads\superpower_demo\superpower_demo.exe -d C:\Users\*****\Downloads\superpower_demo
Task: {1CCAD141-400E-4B2A-87F8-445CD93041BE} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe <==== ACHTUNG
Task: {1D3D9376-14F5-436F-950D-DAE38EA9BDDF} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ACHTUNG
Task: {23DFE59E-7289-447C-8A77-6512DBB27EE0} - System32\Tasks\{8AEE9BD8-936F-496C-AF90-B163DED2C9C0} => pcalua.exe -a C:\Users\*****\AppData\Roaming\uTorrent\uTorrent.exe -c /UNINSTALL
Task: {245C34AE-FC9F-4A78-B0D1-CD68DA362C10} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {2C0FF274-6E11-4A73-BDD0-2B53D72DFDBC} - System32\Tasks\396a931f-cee7-452b-9e97-17f0a91e645a-4 => C:\Program Files (x86)\Fpro_1.2\396a931f-cee7-452b-9e97-17f0a91e645a-4.exe <==== ACHTUNG
Task: {379ABEBC-5E4E-471D-9550-5C7A0AB8B1C2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {39EB7719-0AC4-44B9-8E2A-2117CC372B53} - System32\Tasks\396a931f-cee7-452b-9e97-17f0a91e645a-3 => C:\Program Files (x86)\Fpro_1.2\396a931f-cee7-452b-9e97-17f0a91e645a-3.exe <==== ACHTUNG
Task: {3A52FB0B-29E2-43AC-BE6B-FAA205EA274A} - System32\Tasks\{06E41BAD-B555-49F9-A008-C1FEB747BE48} => pcalua.exe -a F:\DIRECTX\DX80eng.exe -d F:\DIRECTX
Task: {3AB7FE60-F149-4550-A16F-A1C2D5F07225} - System32\Tasks\{61774690-BF5F-43C2-A5DD-34CDBF967CF3} => pcalua.exe -a C:\Users\*****\Downloads\SWTOR_setup.exe -d C:\Users\*****\Downloads
Task: {3B8297F8-A24F-451D-8EAD-75CCFD34D9EF} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {69A68A91-8512-40A1-B02C-3AAA8767855B} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe <==== ACHTUNG
Task: {83FE478F-FA99-4086-846E-D9EE215540AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {9C5F4FB6-6AD0-4B89-88CA-B64FA2B93DF4} - System32\Tasks\{121C2716-463A-4A3F-8796-EE57D9B93E10} => pcalua.exe -a "C:\Program Files (x86)\Cossacks - Back To War\clancher.exe" -d "C:\Program Files (x86)\Cossacks - Back To War"
Task: {A6D8807C-52FD-40AA-9E46-339E27B61528} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {B9AD16E0-6C62-4BD7-9B35-ABFE53E1D757} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CE71724D-A73D-46A2-A16D-39DCD82D767A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {D5C21810-AD50-42D9-B898-F57A95CBDF2A} - System32\Tasks\GoogleUpdateTaskMachineCore1cec44d6a6b842e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {DDF73BA4-2CDB-4927-8053-BFAA8A55C1EC} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {F6FCD16F-E6AE-4595-ADF2-A26E9FB58855} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ACHTUNG
Task: {FB240927-8785-4962-9405-5E65A2CC8F5F} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\396a931f-cee7-452b-9e97-17f0a91e645a-3.job => C:\Program Files (x86)\Fpro_1.2\396a931f-cee7-452b-9e97-17f0a91e645a-3.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\396a931f-cee7-452b-9e97-17f0a91e645a-4.job => C:\Program Files (x86)\Fpro_1.2\396a931f-cee7-452b-9e97-17f0a91e645a-4.exeͣ/xIQAcpD /WEWpnDndJ='Fpro_1.2' /LDHwgMPS C:\Program Files (x86)\Fpro_1.2\54253.xpi' /DCIbr=54253 /zsnuLl='001361' /SCeZS='verticals-' /YKnFuZWCG='0' /dSbBW=CDA21D3DBDD3431CBB976DC553BCB432IE /SEwGt=de39ee7379786d4030d2492779ff503f /Lhoyz=1_34_05_12 /OqFigLps=1.34.5.12 /HCVtWm=1400500761 /IRKwsXs=http:/stats.clientstaticserv.com /CoqeIeAEI=http:/errors.clientstaticserv.com /ycCENAi=300 /wJrxwWMb=2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.com /DxSKtSLu=0.94 /FcMTBQVI=a2ab9302c551a480499719932d6d5b0f92bfa4cf8298a479280d575352ee81de1com54253 /wWjedjQb=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/54253.rdf /bxwMo='Fpro_1.2' /nVqQT='Feven Shopping Companion' /liPYuTd='Freeven' /JndaGCGI=ch /WojsYJSUB /bNiuEuS /huqWq /hqqjc='http:/update.clientstaticserv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cec44d6a6b842e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-10 09:13 - 2013-12-10 09:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-01-12 21:25 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-14 03:42 - 2012-12-14 03:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-09-25 19:32 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-25 19:32 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2013-12-10 09:13 - 2013-12-10 09:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\*****\SkyDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-226644849-438525468-1118309550-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\Pictures\Wallpaper\fantasy-wallpapers-and-backgrounds---w8themes-lfz7euzv.jpg
HKU\S-1-5-21-226644849-438525468-1118309550-1008\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1 - 208.67.222.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_FB524861655B584465F1BA023A347E56"
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{67D594D2-F82F-4389-BB9B-4BB46FB07CC5}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [TCP Query User{2FB36D09-DE1B-45B3-9231-28ADB7F04866}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{37D992DB-D0EB-4983-B3AC-77E85A5F04DA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8F9A7C91-901C-41B7-B8AD-F279202DC8B8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [UDP Query User{428A4F20-58E5-46ED-A593-CF461ACBEEEF}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{494B296B-CDCB-4107-B75A-CE68BAC74765}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{67906FA9-6A96-48AA-94AB-8EB99A25E9DA}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{42294A46-F8A9-48F7-A8AD-AF9D7E15E8F1}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9AD39FCE-FFE8-4BC9-9169-1572DCD3E50D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8F4741AB-6AE3-4BFB-9041-3BDC96242A14}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A43FC8A9-E66F-4306-B6CC-63529D9D4628}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2165F1D0-E5E4-452C-9558-7471B7B8117D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{C4271F25-7D9C-4120-8BC7-66E2ABF02A85}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{F4DCD1ED-672A-41EF-A1CB-30723E5000A6}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{DB944307-F563-40D2-8200-4DC3DB4D626D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{0EEAF1EE-E58C-4410-A813-93A1D5802E96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{CB572686-B503-4944-973C-0427C4720481}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{FEC7F19A-AB6F-4073-AD79-AD632AE79AF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{67E675B3-482C-4E01-B9A6-72A1C8AF7545}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{70CB9FAD-40D6-4DDE-9A3C-EF5AFBFCA769}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8C7327CA-ED43-488F-B7B4-1F577A6343BB}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{A7617BE4-A167-41B2-A16F-339A569ADB96}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{95812A6C-0D3C-4C72-B447-BAAA673EAF65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{68EADB22-4F2D-4B79-B173-CC79C9C3208F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{8A7E644B-3681-488C-85C6-5CF19CBFB454}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{3B9D192C-4D37-4388-A710-63D8BBFD4C71}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{1057B2E7-7325-468C-9394-AB08D6DBBC5D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A07944D3-B217-4E31-A190-ECF041F4DDF7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{75281AAF-6639-49F5-AAEE-5386A0857752}C:\program files (x86)\diablo ii\game.exe] => (Allow) C:\program files (x86)\diablo ii\game.exe
FirewallRules: [UDP Query User{BEFE5CC8-DA46-4446-B4C4-ABA8602A5177}C:\program files (x86)\diablo ii\game.exe] => (Allow) C:\program files (x86)\diablo ii\game.exe
FirewallRules: [{80B031A7-6284-4122-86AE-DA7B9AE4C407}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{69025271-9DEF-4B8C-9BFF-9CCECD1DAB8C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{831F3016-70DB-4176-A243-4AB9C12F0233}C:\program files (x86)\lan\warcraft iii(mal)\war3.exe] => (Allow) C:\program files (x86)\lan\warcraft iii(mal)\war3.exe
FirewallRules: [UDP Query User{FC6CD3D4-923E-49F9-A1CE-58628E4F3E75}C:\program files (x86)\lan\warcraft iii(mal)\war3.exe] => (Allow) C:\program files (x86)\lan\warcraft iii(mal)\war3.exe
FirewallRules: [TCP Query User{E0679817-AA04-4B40-948F-F1F5945A5B04}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{1A449BA5-86E4-4AFD-91A9-486BE5FDADE8}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{841C5AEA-6698-4C10-8AB6-6388BB157EA8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{C2181E2E-8358-487A-A0BC-0D192892C1BA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{1C477534-6B51-4610-AC84-049D73158AAE}] => (Allow) D:\Programme\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{C05F3E98-11CC-4837-9298-F85FE48769C2}] => (Allow) D:\Programme\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{371E56DC-E413-4327-B2E3-B032CD753678}] => (Allow) D:\Programme\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{208AA150-A7CF-42EF-AF83-7F9A18B671C4}] => (Allow) D:\Programme\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{564D2FDB-DAE8-4B79-B9FF-DB7D9C9C322A}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{C5A7FC4C-B81C-4061-8720-0F021BC49B32}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [TCP Query User{46C979C8-7A00-4D32-A0A1-73F5D3A52C8A}C:\users\*****\appdata\local\temp\rarsfx0\hl.exe] => (Allow) C:\users\*****\appdata\local\temp\rarsfx0\hl.exe
FirewallRules: [UDP Query User{507777D5-32DF-42A1-9ADF-BABD9F0F2EC8}C:\users\*****\appdata\local\temp\rarsfx0\hl.exe] => (Allow) C:\users\*****\appdata\local\temp\rarsfx0\hl.exe
FirewallRules: [{405A91A0-DF6E-4C39-BFD7-23559884E1D9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{487EA5A9-3EB9-4D18-A396-F9205ED74AE3}C:\users\*****\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\*****\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A0275951-520D-4E1D-B89A-2BF969282D6A}C:\users\*****\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\*****\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{81E813FB-2BDE-4058-9FCC-25E2DCBAD30D}D:\programme\warcraft iii(mal)\war3.exe] => (Allow) D:\programme\warcraft iii(mal)\war3.exe
FirewallRules: [UDP Query User{3D9C7E41-A50A-4CBA-AFC7-52939FF4ACD8}D:\programme\warcraft iii(mal)\war3.exe] => (Allow) D:\programme\warcraft iii(mal)\war3.exe
FirewallRules: [TCP Query User{456A3D2C-7116-4463-913A-B2B4FF4EC1CC}C:\users\*****\desktop\call of duty 1\codmp.exe] => (Block) C:\users\*****\desktop\call of duty 1\codmp.exe
FirewallRules: [UDP Query User{8D9835D9-4B16-45AC-9B9E-525DAD1062CE}C:\users\*****\desktop\call of duty 1\codmp.exe] => (Block) C:\users\*****\desktop\call of duty 1\codmp.exe
FirewallRules: [TCP Query User{A67424CC-6F9C-443E-8CA1-7C9EF79C58B8}C:\users\*****\desktop\call of duty 1\codmp.exe] => (Allow) C:\users\*****\desktop\call of duty 1\codmp.exe
FirewallRules: [UDP Query User{DFA3486C-B899-4286-8FB4-2EC32D712ECC}C:\users\*****\desktop\call of duty 1\codmp.exe] => (Allow) C:\users\*****\desktop\call of duty 1\codmp.exe
FirewallRules: [TCP Query User{38E8B46C-9226-4761-8C4C-6B7B45C1D84F}C:\program files (x86)\dreamcatcher\superpower 2 - demo\joshua.exe] => (Allow) C:\program files (x86)\dreamcatcher\superpower 2 - demo\joshua.exe
FirewallRules: [UDP Query User{E4A84709-F9EB-49D2-B4C3-968F633B3698}C:\program files (x86)\dreamcatcher\superpower 2 - demo\joshua.exe] => (Allow) C:\program files (x86)\dreamcatcher\superpower 2 - demo\joshua.exe
FirewallRules: [TCP Query User{13E5C847-C4C0-4025-8299-BE1DB13C6F4C}C:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [UDP Query User{2C828627-80B3-4E81-A377-4FD146E5F4D2}C:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [TCP Query User{50A751AB-BEAE-4716-B8FE-D44297C9E7ED}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) C:\program files (x86)\wolfenstein - enemy territory\et.exe
FirewallRules: [UDP Query User{BAC5E4B4-2AC4-41BB-B73D-8E3D8716E30F}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) C:\program files (x86)\wolfenstein - enemy territory\et.exe
FirewallRules: [{CE8D7331-68E7-4D4C-8900-C162E3519D2A}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{A67675CF-458B-4479-A18B-1DA61C28AEBA}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [TCP Query User{D4B6425E-B778-4646-9B1B-B4E088E976CB}C:\games\brutal nature\brutal nature.exe] => (Allow) C:\games\brutal nature\brutal nature.exe
FirewallRules: [UDP Query User{D794E8AA-F163-4114-BB1D-8DB54EE3BDB2}C:\games\brutal nature\brutal nature.exe] => (Allow) C:\games\brutal nature\brutal nature.exe
FirewallRules: [TCP Query User{9F6FED97-5280-4202-80C3-BC9EBDDB3720}C:\games\brutal nature\server.exe] => (Allow) C:\games\brutal nature\server.exe
FirewallRules: [UDP Query User{5CB568E2-9871-4423-9BCA-3F2E92F11D7C}C:\games\brutal nature\server.exe] => (Allow) C:\games\brutal nature\server.exe
FirewallRules: [{91982B92-AB7A-4543-A3F5-144F0095FD75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{B8B5718E-ECB2-4AC5-A9AA-AEACEBE5D906}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{2A1932D0-A437-4DEC-BA82-3678E42C8F3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{C01BBD9B-47E4-4841-82D8-94B1DC899E08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{EF4B69DB-E942-46A9-A199-9AF5991A53F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria Revolutions\Victoria.exe
FirewallRules: [{E5F78EF7-DBC7-4C81-981A-99E7623EFE08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria Revolutions\Victoria.exe
FirewallRules: [TCP Query User{6EBE1A51-99E3-4561-9677-6069132A27EE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{2AC88B9C-F357-4B98-A197-6D7E0749D654}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{43D7C61B-E635-4C1F-88CF-8BDCACD8EDF2}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F12CC767-7189-4351-BF43-35A494F3FF53}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{CD639FDC-36BD-437C-869A-BA5C83B66F35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings\Crusaders.exe
FirewallRules: [{42FBEA24-3C1B-4F27-B52E-1A8617D8027E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings\Crusaders.exe
FirewallRules: [{43EA244B-ED05-4112-9BFA-27F9EE8906A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{C3664441-8E25-40DB-844A-680FA9A8CAC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{C23B6E91-7E10-4126-962C-3B5BB52905AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{5C72F6D1-08AF-4CC0-B32C-E305736B98B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{1739A3CF-C640-4429-8F08-92080C1E1118}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\For The Glory\FTG.exe
FirewallRules: [{81FAA714-85E6-4EA9-A6E5-9A01BA2060C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\For The Glory\FTG.exe
FirewallRules: [{C4F2885F-1F9F-4D4F-A953-29E862620F17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{DB80D8CA-5ED5-456C-88EF-C2D87A20F3F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{ACA6223D-256C-43E6-8CF5-4620E9F7418C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/29/2015 01:01:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 52365657

Error: (09/29/2015 01:01:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 52365657

Error: (09/29/2015 01:01:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/28/2015 10:28:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error:
m->NextScheduledSPRetry 19735 Error: (09/28/2015 10:28:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 19735 Error: (09/28/2015 10:28:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/28/2015 10:28:36 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 18391 Error: (09/28/2015 10:28:36 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 18391 Error: (09/28/2015 10:28:36 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/28/2015 10:28:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 17079 Systemfehler: ============= Error: (09/29/2015 05:03:33 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20. Error: (09/24/2015 08:28:23 AM) (Source: DCOM) (EventID: 10010) (User: X75V) Description: {5C65F4B0-3651-4514-B207-D10CB699B14B} Error: (09/24/2015 07:43:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht. Error: (09/23/2015 10:33:44 PM) (Source: volsnap) (EventID: 29) (User: ) Description: Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen. Error: (09/24/2015 07:42:27 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 23.09.2015 um 21:09:06 unerwartet heruntergefahren. 
Error: (09/22/2015 07:33:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet. Error: (09/22/2015 07:30:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert. Error: (09/22/2015 07:29:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/22/2015 07:29:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/22/2015 07:28:22 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 22.09.2015 um 18:52:44 unerwartet heruntergefahren. CodeIntegrity: =================================== Date: 2014-08-23 23:06:17.807 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-23 23:06:17.461 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-05-19 17:24:27.701 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-05-19 17:24:27.415 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-02-08 09:31:35.200 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Definition Updates\{A205656D-699F-4A4A-89AE-AE9DCA026565}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-02-08 09:31:32.427 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D251598-9F2B-415C-9A5F-FED204F376AF}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-01-29 15:11:07.022 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-29 15:10:56.182 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-29 15:03:50.276 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-29 15:03:13.624 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Prozentuale Nutzung des RAM: 46% Installierter physikalischer RAM: 3979.71 MB Verfügbarer physikalischer RAM: 2126.46 MB Summe virtueller Speicher: 5946.79 MB Verfügbarer virtueller Speicher: 3536.48 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:146.48 GB) (Free:34.79 GB) NTFS Drive d: () (Fixed) (Total:97.65 GB) (Free:80.59 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 944CB54D) Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ Gmer.log Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-09-29 18:07:42 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS545050A7E380 rev.GG2OA6C0 465,76GB Running: Gmer-19357.exe; Driver: C:\Users\*****\AppData\Local\Temp\pxldipob.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff9600024b300 15 bytes [00, 0B, F2, 01, 00, 06, 6C, ...] .text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff9600024b310 8 bytes [00, D7, FB, FF, 00, D3, CD, ...] ---- User code sections - GMER 2.1 ---- .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInformation 00007ff9dd393e10 7 bytes JMP 00007ffadaa602d0 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW 00007ff9dd393e20 7 bytes JMP 00007ffadaa60308 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW 00007ff9dd4439b0 7 bytes JMP 00007ffadaa603b0 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW 00007ff9dd443ef0 7 bytes JMP 00007ffadaa60340 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA 00007ff9dd443fe0 7 bytes JMP 00007ffadaa60378 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessModulesEx 00007ff9dd4706c0 7 bytes JMP 00007ffadaa60228 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileNameW 00007ff9dd470730 7 bytes JMP 00007ffadaa60298 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleFileNameExW 00007ff9dd470760 7 bytes JMP 00007ffadaa60260 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary 00007ff9daa721d0 5 bytes JMP 00007ffadaa60180 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleW 00007ff9daa729d0 7 bytes JMP 00007ffadaa600d8 .text 
C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleExW 00007ff9daa74310 5 bytes JMP 00007ffadaa60110 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW 00007ff9daa78d80 5 bytes JMP 00007ffadaa60148 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\USER32.dll!CreateWindowExW 00007ff9db116d90 10 bytes JMP 00007ffadaa60490 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW 00007ff9db1274a0 5 bytes JMP 00007ffadaa60458 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo 00007ff9db127560 1 byte JMP 00007ffadaa603e8 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo + 2 00007ff9db127562 7 bytes {JMP 0xffffffffff938e88} .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA 00007ff9db136b10 5 bytes JMP 00007ffadaa60420 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList 00007ff9dd4d1500 8 bytes JMP 00007ffadaa601b8 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterInfo 00007ff9dd4d1750 8 bytes JMP 00007ffadaa601f0 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory 00007ff9d8547750 5 bytes JMP 00007ffad85300d8 .text C:\WINDOWS\System32\dwm.exe[4808] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory1 00007ff9d8548ee0 5 bytes JMP 00007ffad8530110 ---- Threads - GMER 2.1 ---- Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2012] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2016] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2020] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL 
Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2024] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2028] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2032] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2036] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2040] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2044] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:852] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:1164] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:1172] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:1096] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2360] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2364] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2368] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2376] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2380] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2388] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL 
Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2392] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2476] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2512] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2516] 0000000076f94a00 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:5132] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:6084] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2548] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2640] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:6076] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2784] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:1180] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:5520] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:3448] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:3696] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:3404] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:3472] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL 
Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:1276] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2920] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:824] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:4520] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:2528] 0000000073b029e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [1804:5172] 0000000073b029e1 Thread C:\WINDOWS\system32\csrss.exe [4256:3664] fffff9600097e2d0 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -1568708270 Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ... ---- EOF - GMER 2.1 ---- MFG CrshdBounty |
29.09.2015, 17:57 | #2 |
/// the machine /// TB-Ausbilder | Email address is sending spam mails hi,
__________________Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ |
30.09.2015, 19:47 | #3 |
| Email address is sending spam mails First of all, thank you very much for the quick reply. The logs are collected below. I could not fit them into one reply, so they come in two.
__________________Mbar: (It found something and took care of it.) Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2015.09.30.05 rootkit: v2015.09.22.01 Windows 8.1 x64 NTFS Internet Explorer 11.0.9600.18036 ***** :: X75V [administrator] 30.09.2015 15:49:24 mbar-log-2015-09-30 (15-49-24).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 438205 Time elapsed: 1 hour(s), 24 minute(s), 12 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 1 HKU\S-1-5-21-226644849-438525468-1118309550-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWRUN|1 (Security.Hijack) -> Data: firefox.exe -> Delete on reboot. [43cacf67c7c4ed49607a7450fe059c64] Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) 1.Log: Code:
ATTFilter 19:52:20.0282 0x1720 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57 19:54:29.0535 0x1720 ============================================================ 19:54:29.0535 0x1720 Current date / time: 2015/09/30 19:54:29.0535 19:54:29.0535 0x1720 SystemInfo: 19:54:29.0535 0x1720 19:54:29.0535 0x1720 OS Version: 6.3.9600 ServicePack: 0.0 19:54:29.0535 0x1720 Product type: Workstation 19:54:29.0535 0x1720 ComputerName: X75V 19:54:29.0535 0x1720 UserName: ***** 19:54:29.0535 0x1720 Windows directory: C:\WINDOWS 19:54:29.0535 0x1720 System windows directory: C:\WINDOWS 19:54:29.0535 0x1720 Running under WOW64 19:54:29.0535 0x1720 Processor architecture: Intel x64 19:54:29.0535 0x1720 Number of processors: 4 19:54:29.0535 0x1720 Page size: 0x1000 19:54:29.0535 0x1720 Boot type: Normal boot 19:54:29.0535 0x1720 ============================================================ 19:54:30.0754 0x1720 KLMD registered as C:\WINDOWS\system32\drivers\05801360.sys 19:54:31.0973 0x1720 System UUID: {D12FAD76-92E2-D2A8-BF8A-B6A7A275F8A9} 19:54:34.0926 0x1720 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:54:34.0958 0x1720 ============================================================ 19:54:34.0958 0x1720 \Device\Harddisk0\DR0: 19:54:34.0958 0x1720 MBR partitions: 19:54:34.0958 0x1720 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D 19:54:34.0958 0x1720 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F800, BlocksNum 0x124F8000 19:54:34.0958 0x1720 ============================================================ 19:54:35.0036 0x1720 C: <-> \Device\Harddisk0\DR0\Partition2 19:54:35.0067 0x1720 D: <-> \Device\Harddisk0\DR0\Partition1 19:54:35.0067 0x1720 ============================================================ 19:54:35.0067 0x1720 Initialize success 19:54:35.0067 0x1720 
============================================================ 19:55:21.0825 0x0e54 ============================================================ 19:55:21.0825 0x0e54 Scan started 19:55:21.0825 0x0e54 Mode: Manual; SigCheck; TDLFS; 19:55:21.0825 0x0e54 ============================================================ 19:55:21.0825 0x0e54 KSN ping started 19:55:24.0509 0x0e54 KSN ping finished: true 19:55:27.0254 0x0e54 ================ Scan system memory ======================== 19:55:27.0254 0x0e54 System memory - ok 19:55:27.0254 0x0e54 ================ Scan services =============================
19:55:36.0480 0x0e54 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 19:55:36.0527 0x0e54 BthAvrcpTg - ok 19:55:36.0574 0x0e54 [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 19:55:36.0652 0x0e54 BthHFEnum - ok 19:55:36.0715 0x0e54 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 19:55:36.0762 0x0e54 bthhfhid - ok 19:55:36.0809 0x0e54 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 19:55:36.0934 0x0e54 BthHFSrv - ok 19:55:36.0980 0x0e54 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 19:55:37.0027 0x0e54 BTHMODEM - ok 19:55:37.0090 0x0e54 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll 19:55:37.0199 0x0e54 bthserv - ok 19:55:37.0246 0x0e54 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 19:55:37.0355 0x0e54 cdfs - ok 19:55:37.0387 0x0e54 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 19:55:37.0418 0x0e54 cdrom - ok 19:55:37.0480 0x0e54 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 19:55:37.0574 0x0e54 CertPropSvc - ok 19:55:37.0621 0x0e54 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass 
C:\WINDOWS\System32\drivers\circlass.sys 19:55:37.0668 0x0e54 circlass - ok 19:55:37.0730 0x0e54 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 19:55:37.0858 0x0e54 CLFS - ok 19:55:38.0015 0x0e54 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 19:55:38.0128 0x0e54 CmBatt - ok 19:55:38.0206 0x0e54 [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 19:55:38.0284 0x0e54 CNG - ok 19:55:38.0346 0x0e54 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 19:55:38.0405 0x0e54 CompositeBus - ok 19:55:38.0414 0x0e54 COMSysApp - ok 19:55:38.0450 0x0e54 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 19:55:38.0533 0x0e54 condrv - ok 19:55:38.0643 0x0e54 [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 19:55:38.0689 0x0e54 cphs - ok 19:55:38.0732 0x0e54 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 19:55:38.0872 0x0e54 CryptSvc - ok 19:55:38.0904 0x0e54 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 19:55:38.0935 0x0e54 dam - ok 19:55:39.0055 0x0e54 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 19:55:39.0229 0x0e54 DcomLaunch - ok 19:55:39.0310 0x0e54 [ 95E1ABFB27F8A62ED764805775F0D2F3, 
692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll 19:55:39.0438 0x0e54 defragsvc - ok 19:55:39.0501 0x0e54 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 19:55:39.0596 0x0e54 DeviceAssociationService - ok 19:55:39.0643 0x0e54 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 19:55:39.0721 0x0e54 DeviceInstall - ok 19:55:39.0768 0x0e54 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 19:55:39.0893 0x0e54 Dfsc - ok 19:55:39.0924 0x0e54 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 19:55:39.0955 0x0e54 dg_ssudbus - ok 19:55:40.0034 0x0e54 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 19:55:40.0182 0x0e54 Dhcp - ok 19:55:40.0354 0x0e54 [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 19:55:40.0675 0x0e54 DiagTrack - ok 19:55:40.0736 0x0e54 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 19:55:40.0774 0x0e54 disk - ok 19:55:40.0800 0x0e54 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 19:55:40.0900 0x0e54 dmvsc - ok 19:55:40.0963 0x0e54 [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 19:55:41.0036 0x0e54 Dnscache - ok 
19:55:41.0083 0x0e54 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 19:55:41.0209 0x0e54 dot3svc - ok 19:55:41.0273 0x0e54 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll 19:55:41.0355 0x0e54 DPS - ok 19:55:41.0407 0x0e54 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 19:55:41.0444 0x0e54 drmkaud - ok 19:55:41.0503 0x0e54 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 19:55:41.0577 0x0e54 DsmSvc - ok 19:55:41.0751 0x0e54 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 19:55:41.0920 0x0e54 DXGKrnl - ok 19:55:42.0024 0x0e54 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 19:55:42.0144 0x0e54 Eaphost - ok 19:55:42.0154 0x0e54 EasyAntiCheat - ok 19:55:42.0473 0x0e54 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 19:55:43.0048 0x0e54 ebdrv - ok 19:55:43.0101 0x0e54 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe 19:55:43.0146 0x0e54 EFS - ok 19:55:43.0190 0x0e54 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 19:55:43.0233 0x0e54 EhStorClass - ok 19:55:43.0271 0x0e54 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv 
C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 19:55:43.0323 0x0e54 EhStorTcgDrv - ok 19:55:43.0351 0x0e54 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 19:55:43.0406 0x0e54 ErrDev - ok 19:55:43.0480 0x0e54 esgiguard - ok 19:55:43.0579 0x0e54 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll 19:55:43.0883 0x0e54 EventSystem - ok 19:55:43.0948 0x0e54 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 19:55:44.0106 0x0e54 exfat - ok 19:55:44.0166 0x0e54 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 19:55:44.0209 0x0e54 fastfat - ok 19:55:44.0295 0x0e54 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe 19:55:44.0452 0x0e54 Fax - ok 19:55:44.0480 0x0e54 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 19:55:44.0534 0x0e54 fdc - ok 19:55:44.0567 0x0e54 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 19:55:44.0666 0x0e54 fdPHost - ok 19:55:44.0711 0x0e54 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 19:55:44.0768 0x0e54 FDResPub - ok 19:55:44.0816 0x0e54 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 19:55:45.0093 0x0e54 fhsvc - ok 19:55:45.0181 0x0e54 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 
002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 19:55:45.0249 0x0e54 FileInfo - ok 19:55:45.0326 0x0e54 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 19:55:45.0485 0x0e54 Filetrace - ok 19:55:45.0522 0x0e54 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 19:55:45.0585 0x0e54 flpydisk - ok 19:55:45.0679 0x0e54 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 19:55:45.0758 0x0e54 FltMgr - ok 19:55:45.0939 0x0e54 [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache C:\WINDOWS\system32\FntCache.dll 19:55:46.0270 0x0e54 FontCache - ok 19:55:46.0569 0x0e54 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:55:46.0609 0x0e54 FontCache3.0.0.0 - ok 19:55:46.0691 0x0e54 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 19:55:46.0730 0x0e54 FsDepends - ok 19:55:46.0827 0x0e54 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 19:55:46.0873 0x0e54 Fs_Rec - ok 19:55:47.0034 0x0e54 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 19:55:47.0115 0x0e54 fvevol - ok 19:55:47.0174 0x0e54 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM 
C:\WINDOWS\System32\drivers\fxppm.sys 19:55:47.0242 0x0e54 FxPPM - ok 19:55:47.0274 0x0e54 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 19:55:47.0309 0x0e54 gagp30kx - ok 19:55:47.0360 0x0e54 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 19:55:47.0382 0x0e54 GEARAspiWDM - ok 19:55:47.0433 0x0e54 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 19:55:47.0489 0x0e54 gencounter - ok 19:55:47.0557 0x0e54 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 19:55:47.0599 0x0e54 GPIOClx0101 - ok 19:55:47.0807 0x0e54 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 19:55:48.0052 0x0e54 gpsvc - ok 19:55:48.0158 0x0e54 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:55:48.0189 0x0e54 gupdate - ok 19:55:48.0207 0x0e54 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:55:48.0242 0x0e54 gupdatem - ok 19:55:48.0324 0x0e54 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 19:55:48.0427 0x0e54 HdAudAddService - ok 19:55:48.0469 0x0e54 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 19:55:48.0594 0x0e54 HDAudBus - ok 
19:55:48.0645 0x0e54 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 19:55:48.0699 0x0e54 HidBatt - ok 19:55:48.0747 0x0e54 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 19:55:48.0956 0x0e54 HidBth - ok 19:55:49.0011 0x0e54 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 19:55:49.0091 0x0e54 hidi2c - ok 19:55:49.0133 0x0e54 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 19:55:49.0175 0x0e54 HidIr - ok 19:55:49.0223 0x0e54 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 19:55:49.0320 0x0e54 hidserv - ok 19:55:49.0372 0x0e54 [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys 19:55:49.0400 0x0e54 HIDSwitch - ok 19:55:49.0441 0x0e54 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 19:55:49.0592 0x0e54 HidUsb - ok 19:55:49.0648 0x0e54 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 19:55:49.0779 0x0e54 hkmsvc - ok 19:55:49.0855 0x0e54 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 19:55:50.0010 0x0e54 HomeGroupListener - ok 19:55:50.0120 0x0e54 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider 
C:\WINDOWS\system32\provsvc.dll 19:55:50.0225 0x0e54 HomeGroupProvider - ok 19:55:50.0304 0x0e54 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 19:55:50.0388 0x0e54 HpSAMD - ok 19:55:50.0628 0x0e54 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 19:55:50.0928 0x0e54 HTTP - ok 19:55:50.0979 0x0e54 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 19:55:51.0030 0x0e54 hwpolicy - ok 19:55:51.0062 0x0e54 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 19:55:51.0263 0x0e54 hyperkbd - ok 19:55:51.0369 0x0e54 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 19:55:51.0468 0x0e54 HyperVideo - ok 19:55:51.0563 0x0e54 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 19:55:51.0829 0x0e54 i8042prt - ok 19:55:51.0880 0x0e54 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 19:55:51.0903 0x0e54 iaLPSSi_GPIO - ok 19:55:51.0927 0x0e54 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 19:55:51.0958 0x0e54 iaLPSSi_I2C - ok 19:55:52.0061 0x0e54 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 19:55:52.0142 0x0e54 iaStorAV - ok 19:55:52.0215 0x0e54 [ 
A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 19:55:52.0320 0x0e54 iaStorV - ok 19:55:52.0332 0x0e54 IEEtwCollectorService - ok 19:55:52.0829 0x0e54 [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 19:55:53.0409 0x0e54 igfx - ok 19:55:53.0650 0x0e54 [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 19:55:53.0869 0x0e54 IKEEXT - ok 19:55:53.0952 0x0e54 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 19:55:54.0035 0x0e54 intelide - ok 19:55:54.0118 0x0e54 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 19:55:54.0173 0x0e54 intelpep - ok 19:55:54.0256 0x0e54 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 19:55:54.0346 0x0e54 intelppm - ok 19:55:54.0399 0x0e54 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 19:55:54.0593 0x0e54 IpFilterDriver - ok 19:55:54.0785 0x0e54 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 19:55:54.0990 0x0e54 iphlpsvc - ok 19:55:55.0114 0x0e54 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 19:55:55.0500 0x0e54 IPMIDRV - ok 19:55:55.0556 0x0e54 [ B7342B3C58E91107F6E946A93D9D4EFD, 
D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 19:55:55.0691 0x0e54 IPNAT - ok 19:55:55.0777 0x0e54 [ A4857E8B1DEB9740FB5ADEDF05ED69E0, 24FC7A188D32B08CE4F10EEEF17F37C45DB5433158A7A97A07D43F6BEE58DFFC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 19:55:55.0868 0x0e54 iPod Service - ok 19:55:55.0909 0x0e54 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 19:55:55.0983 0x0e54 IRENUM - ok 19:55:56.0031 0x0e54 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 19:55:56.0054 0x0e54 isapnp - ok 19:55:56.0124 0x0e54 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 19:55:56.0175 0x0e54 iScsiPrt - ok 19:55:56.0207 0x0e54 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 19:55:56.0243 0x0e54 kbdclass - ok 19:55:56.0296 0x0e54 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 19:55:56.0327 0x0e54 kbdhid - ok 19:55:56.0372 0x0e54 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 19:55:56.0503 0x0e54 kdnic - ok 19:55:56.0523 0x0e54 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe 19:55:56.0560 0x0e54 KeyIso - ok 19:55:56.0615 0x0e54 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 19:55:56.0650 0x0e54 KSecDD - ok 19:55:56.0703 
0x0e54 [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 19:55:56.0746 0x0e54 KSecPkg - ok 19:55:56.0843 0x0e54 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 19:55:56.0934 0x0e54 ksthunk - ok 19:55:57.0078 0x0e54 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 19:55:57.0143 0x0e54 KtmRm - ok 19:55:57.0195 0x0e54 [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C C:\WINDOWS\system32\DRIVERS\L1C63x64.sys 19:55:57.0222 0x0e54 L1C - ok 19:55:57.0291 0x0e54 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 19:55:57.0391 0x0e54 LanmanServer - ok 19:55:57.0454 0x0e54 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 19:55:57.0508 0x0e54 LanmanWorkstation - ok 19:55:57.0589 0x0e54 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 19:55:57.0720 0x0e54 lfsvc - ok 19:55:57.0770 0x0e54 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 19:55:57.0812 0x0e54 lltdio - ok 19:55:57.0858 0x0e54 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 19:55:57.0925 0x0e54 lltdsvc - ok 19:55:57.0963 0x0e54 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 
19:55:58.0065 0x0e54 lmhosts - ok 19:55:58.0114 0x0e54 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 19:55:58.0141 0x0e54 LSI_SAS - ok 19:55:58.0163 0x0e54 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 19:55:58.0188 0x0e54 LSI_SAS2 - ok 19:55:58.0205 0x0e54 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 19:55:58.0232 0x0e54 LSI_SAS3 - ok 19:55:58.0249 0x0e54 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 19:55:58.0270 0x0e54 LSI_SSS - ok 19:55:58.0345 0x0e54 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll 19:55:58.0543 0x0e54 LSM - ok 19:55:58.0592 0x0e54 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 19:55:58.0743 0x0e54 luafv - ok 19:55:58.0789 0x0e54 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 19:55:58.0836 0x0e54 megasas - ok 19:55:58.0913 0x0e54 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 19:55:59.0000 0x0e54 megasr - ok 19:55:59.0045 0x0e54 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 19:55:59.0070 0x0e54 MEIx64 - ok 19:55:59.0118 0x0e54 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS 
C:\WINDOWS\System32\drivers\usbprint.sys 19:56:32.0647 0x0e54 usbprint - ok 19:56:32.0689 0x0e54 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 19:56:32.0713 0x0e54 USBSTOR - ok 19:56:32.0746 0x0e54 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 19:56:32.0805 0x0e54 usbuhci - ok 19:56:32.0873 0x0e54 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 19:56:32.0921 0x0e54 usbvideo - ok 19:56:32.0984 0x0e54 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 19:56:33.0014 0x0e54 USBXHCI - ok 19:56:33.0034 0x0e54 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe 19:56:33.0053 0x0e54 VaultSvc - ok 19:56:33.0098 0x0e54 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 19:56:33.0113 0x0e54 vdrvroot - ok 19:56:33.0246 0x0e54 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe 19:56:33.0416 0x0e54 vds - ok 19:56:33.0502 0x0e54 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 19:56:33.0524 0x0e54 VerifierExt - ok 19:56:33.0588 0x0e54 [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 19:56:33.0629 0x0e54 vhdmp - ok 19:56:33.0672 0x0e54 [ 06D38968028E9AB19DE9B618C7B6D199, 
62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 19:56:33.0687 0x0e54 viaide - ok 19:56:33.0727 0x0e54 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 19:56:33.0744 0x0e54 vmbus - ok 19:56:33.0759 0x0e54 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 19:56:33.0775 0x0e54 VMBusHID - ok 19:56:33.0833 0x0e54 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 19:56:33.0871 0x0e54 vmicguestinterface - ok 19:56:33.0894 0x0e54 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 19:56:33.0929 0x0e54 vmicheartbeat - ok 19:56:33.0951 0x0e54 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 19:56:33.0986 0x0e54 vmickvpexchange - ok 19:56:34.0008 0x0e54 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 19:56:34.0044 0x0e54 vmicrdv - ok 19:56:34.0069 0x0e54 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 19:56:34.0105 0x0e54 vmicshutdown - ok 19:56:34.0127 0x0e54 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 19:56:34.0165 0x0e54 vmictimesync - ok 19:56:34.0187 0x0e54 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 19:56:34.0224 0x0e54 vmicvss - ok 
19:56:34.0300 0x0e54 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 19:56:34.0317 0x0e54 volmgr - ok 19:56:34.0335 0x0e54 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 19:56:34.0367 0x0e54 volmgrx - ok 19:56:34.0637 0x0e54 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 19:56:34.0661 0x0e54 volsnap - ok 19:56:34.0754 0x0e54 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 19:56:34.0770 0x0e54 vpci - ok 19:56:34.0800 0x0e54 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 19:56:34.0820 0x0e54 vsmraid - ok 19:56:34.0907 0x0e54 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe 19:56:35.0002 0x0e54 VSS - ok 19:56:35.0047 0x0e54 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 19:56:35.0077 0x0e54 VSTXRAID - ok 19:56:35.0152 0x0e54 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 19:56:35.0247 0x0e54 vwifibus - ok 19:56:35.0290 0x0e54 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 19:56:35.0343 0x0e54 vwififlt - ok 19:56:35.0350 0x0e54 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp 
C:\WINDOWS\system32\DRIVERS\vwifimp.sys 19:56:35.0385 0x0e54 vwifimp - ok 19:56:35.0435 0x0e54 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll 19:56:35.0544 0x0e54 W32Time - ok 19:56:35.0573 0x0e54 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 19:56:35.0613 0x0e54 WacomPen - ok 19:56:35.0905 0x0e54 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe 19:56:36.0156 0x0e54 wbengine - ok 19:56:36.0369 0x0e54 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 19:56:36.0592 0x0e54 WbioSrvc - ok 19:56:36.0767 0x0e54 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 19:56:36.0858 0x0e54 Wcmsvc - ok 19:56:36.0972 0x0e54 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 19:56:37.0054 0x0e54 wcncsvc - ok 19:56:37.0102 0x0e54 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 19:56:37.0241 0x0e54 WcsPlugInService - ok 19:56:37.0285 0x0e54 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 19:56:37.0320 0x0e54 WdBoot - ok 19:56:37.0441 0x0e54 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 19:56:37.0545 0x0e54 Wdf01000 - ok 19:56:37.0611 0x0e54 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 
7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 19:56:37.0666 0x0e54 WdFilter - ok 19:56:37.0715 0x0e54 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 19:56:37.0788 0x0e54 WdiServiceHost - ok 19:56:37.0803 0x0e54 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 19:56:37.0860 0x0e54 WdiSystemHost - ok 19:56:37.0901 0x0e54 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 19:56:37.0949 0x0e54 WdNisDrv - ok 19:56:37.0987 0x0e54 WdNisSvc - ok 19:56:38.0059 0x0e54 [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\WINDOWS\System32\webclnt.dll 19:56:38.0159 0x0e54 WebClient - ok 19:56:38.0259 0x0e54 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 19:56:38.0332 0x0e54 Wecsvc - ok 19:56:38.0372 0x0e54 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 19:56:38.0445 0x0e54 WEPHOSTSVC - ok 19:56:38.0485 0x0e54 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 19:56:38.0625 0x0e54 wercplsupport - ok 19:56:38.0678 0x0e54 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 19:56:38.0744 0x0e54 WerSvc - ok 19:56:38.0798 0x0e54 [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 
19:56:38.0832 0x0e54 WFPLWFS - ok 19:56:38.0882 0x0e54 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 19:56:38.0914 0x0e54 WiaRpc - ok 19:56:38.0945 0x0e54 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 19:56:38.0968 0x0e54 WIMMount - ok 19:56:38.0975 0x0e54 WinDefend - ok 19:56:39.0080 0x0e54 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 19:56:39.0183 0x0e54 WinHttpAutoProxySvc - ok 19:56:39.0273 0x0e54 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 19:56:39.0377 0x0e54 Winmgmt - ok 19:56:39.0617 0x0e54 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 19:56:39.0900 0x0e54 WinRM - ok 19:56:39.0989 0x0e54 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys 19:56:40.0055 0x0e54 WinUsb - ok 19:56:40.0257 0x0e54 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 19:56:40.0548 0x0e54 WlanSvc - ok 19:56:40.0734 0x0e54 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 19:56:40.0920 0x0e54 wlidsvc - ok 19:56:40.0975 0x0e54 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 19:56:40.0998 0x0e54 WmiAcpi - ok 19:56:41.0065 0x0e54 [ B96F7A1236C3F21212DE2C40A3DDB005, 
5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 19:56:41.0167 0x0e54 wmiApSrv - ok 19:56:41.0199 0x0e54 WMPNetworkSvc - ok 19:56:41.0278 0x0e54 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 19:56:41.0331 0x0e54 Wof - ok 19:56:41.0505 0x0e54 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 19:56:41.0711 0x0e54 workfolderssvc - ok 19:56:41.0760 0x0e54 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 19:56:41.0785 0x0e54 wpcfltr - ok 19:56:41.0842 0x0e54 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 19:56:42.0014 0x0e54 WPCSvc - ok 19:56:42.0065 0x0e54 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 19:56:42.0149 0x0e54 WPDBusEnum - ok 19:56:42.0201 0x0e54 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 19:56:42.0231 0x0e54 WpdUpFltr - ok 19:56:42.0280 0x0e54 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 19:56:42.0335 0x0e54 ws2ifsl - ok 19:56:42.0386 0x0e54 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 19:56:42.0475 0x0e54 wscsvc - ok 19:56:42.0483 0x0e54 WSearch - ok 19:56:42.0737 0x0e54 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService 
C:\WINDOWS\System32\WSService.dll 19:56:43.0124 0x0e54 WSService - ok 19:56:43.0452 0x0e54 [ 3F726FF7B1ACC7D5E89940EA5BFF0E61, DF84486870C677B30985005A909CFDF8446BD566F601A295FF29F258E1D1AFF4 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 19:56:43.0874 0x0e54 wuauserv - ok 19:56:43.0936 0x0e54 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 19:56:44.0030 0x0e54 WudfPf - ok 19:56:44.0108 0x0e54 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 19:56:44.0171 0x0e54 WUDFRd - ok 19:56:44.0186 0x0e54 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\WINDOWS\System32\drivers\WUDFRd.sys 19:56:44.0217 0x0e54 WUDFSensorLP - ok 19:56:44.0280 0x0e54 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 19:56:44.0327 0x0e54 wudfsvc - ok 19:56:44.0358 0x0e54 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdComp C:\WINDOWS\System32\drivers\WUDFRd.sys 19:56:44.0389 0x0e54 WUDFWpdComp - ok 19:56:44.0421 0x0e54 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys 19:56:44.0452 0x0e54 WUDFWpdFs - ok 19:56:44.0483 0x0e54 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys 19:56:44.0530 0x0e54 WUDFWpdMtp - ok 19:56:44.0603 0x0e54 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 19:56:44.0686 0x0e54 WwanSvc - ok 19:56:44.0702 0x0e54 ================ Scan global 
=============================== 19:56:44.0764 0x0e54 [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll 19:56:44.0827 0x0e54 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll 19:56:44.0889 0x0e54 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll 19:56:44.0952 0x0e54 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe 19:56:44.0983 0x0e54 [ Global ] - ok 19:56:44.0983 0x0e54 ================ Scan MBR ================================== 19:56:44.0999 0x0e54 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 19:56:45.0752 0x0e54 \Device\Harddisk0\DR0 - ok 19:56:45.0767 0x0e54 ================ Scan VBR ================================== 19:56:45.0767 0x0e54 [ 3E11DBB9BBAB905839083B3D45D63D77 ] \Device\Harddisk0\DR0\Partition1 19:56:45.0783 0x0e54 \Device\Harddisk0\DR0\Partition1 - ok 19:56:45.0799 0x0e54 [ 2AB5562AE31A11B41FE145C67364D6D2 ] \Device\Harddisk0\DR0\Partition2 19:56:45.0861 0x0e54 \Device\Harddisk0\DR0\Partition2 - ok 19:56:45.0861 0x0e54 ================ Scan generic autorun ====================== 19:56:45.0908 0x0e54 [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\WINDOWS\system32\igfxtray.exe 19:56:45.0955 0x0e54 IgfxTray - ok 19:56:45.0986 0x0e54 [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\WINDOWS\system32\hkcmd.exe 19:56:46.0041 0x0e54 HotKeysCmds - ok 19:56:46.0081 0x0e54 [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\WINDOWS\system32\igfxpers.exe 19:56:46.0133 0x0e54 Persistence - ok 19:56:46.0133 0x0e54 SynTPEnh - ok 19:56:46.0195 
0x0e54 [ D0B542256A968DFCB8896C140FCE6047, 3F92A9871B521BCCCDFE6D9BFF88930B26C5DB86F6F6578554A3F2ECC5C5EBA0 ] C:\Program Files\iTunes\iTunesHelper.exe 19:56:46.0234 0x0e54 iTunesHelper - ok 19:56:46.0299 0x0e54 [ 9F60097061F79620C9C59FF37A61D852, 9B94C00CAA1F4DF95485F994576DA68B30635C628CFE3D6AE1811E6FEB1A56CA ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 19:56:46.0321 0x0e54 APSDaemon - ok 19:56:46.0448 0x0e54 [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 19:56:46.0526 0x0e54 avgnt - ok 19:56:46.0573 0x0e54 [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 19:56:46.0604 0x0e54 Avira Systray - ok 19:56:46.0920 0x0e54 [ DC6BA936E1DE11E648FB85A817C5182F, F1C27C08F84EEAC9DC5C26E57B9559F6006870E540CB2968494A3D34BAD109A7 ] C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe 19:56:47.0150 0x0e54 Spotify Web Helper - ok 19:56:47.0465 0x0e54 [ B0C5B0AC6D5AA99B78CEB418A6FF80D1, 9544B0DF4AAC6EC6399619784E3BBC1180977DA1ED25F4D89EE22DA7A195E79A ] C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe 19:56:47.0777 0x0e54 Amazon Music - ok 19:56:47.0958 0x0e54 [ 71DCFA65CC4349CF08BFFF7A14D8BAE4, 61DAE2C9EED97F325F449A77FB2E1AAAB90AA2329A0B7AE182B8A808017C11F0 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 19:56:48.0036 0x0e54 GoogleChromeAutoLaunch_FB524861655B584465F1BA023A347E56 - ok 19:56:48.0119 0x0e54 Skype - ok 19:56:48.0446 0x0e54 [ 86BF17A265E1B4BA41325623EC132E66, 4414B5F01A78B76BFC1A7C39F595645A09E674FA6DE7991F31BA6673EEB23F9E ] C:\Program Files (x86)\Steam\steam.exe 19:56:48.0680 0x0e54 Steam - ok 19:56:49.0289 0x0e54 [ 5E6E816F8F5B454329F8C013A70391B9, E7A9121EFA89FB5DF6EFCEDA9418B49511036DB40D6E631032665F80929FC3A0 ] C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe 
19:56:49.0971 0x0e54 Spotify - ok 19:56:50.0117 0x0e54 [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe 19:56:50.0237 0x0e54 WAB Migrate - ok 19:56:50.0240 0x0e54 Waiting for KSN requests completion. In queue: 130 19:56:51.0251 0x0e54 Waiting for KSN requests completion. In queue: 130 19:56:52.0251 0x0e54 Waiting for KSN requests completion. In queue: 130 19:56:53.0667 0x0e54 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated ) 19:56:53.0668 0x0e54 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated ) 19:56:53.0794 0x0e54 Win FW state via NFP2: enabled ( trusted ) 19:56:57.0504 0x0e54 ============================================================ 19:56:57.0504 0x0e54 Scan finished 19:56:57.0504 0x0e54 ============================================================ 19:56:57.0536 0x1688 Detected object count: 0 19:56:57.0536 0x1688 Actual detected object count: 0 |
30.09.2015, 19:49 | #4 |
| Email address sends spam mails 2nd log: Code:
20:23:09.0897 0x0e10 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
20:23:20.0497 0x0e10 ============================================================
20:23:20.0497 0x0e10 Current date / time: 2015/09/30 20:23:20.0497
20:23:20.0497 0x0e10 SystemInfo:
20:23:20.0497 0x0e10
20:23:20.0498 0x0e10 OS Version: 6.3.9600 ServicePack: 0.0
20:23:20.0498 0x0e10 Product type: Workstation
20:23:20.0498 0x0e10 ComputerName: X75V
20:23:20.0498 0x0e10 UserName: *****
20:23:20.0498 0x0e10 Windows directory: C:\WINDOWS
20:23:20.0498 0x0e10 System windows directory: C:\WINDOWS
20:23:20.0498 0x0e10 Running under WOW64
20:23:20.0498 0x0e10 Processor architecture: Intel x64
20:23:20.0498 0x0e10 Number of processors: 4
20:23:20.0498 0x0e10 Page size: 0x1000
20:23:20.0498 0x0e10 Boot type: Normal boot
20:23:20.0498 0x0e10 ============================================================
20:23:29.0229 0x0e10 KLMD registered as C:\WINDOWS\system32\drivers\76808410.sys
20:23:29.0827 0x0e10 System UUID: {D12FAD76-92E2-D2A8-BF8A-B6A7A275F8A9}
20:23:31.0142 0x0e10 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:23:31.0173 0x0e10 ============================================================
20:23:31.0173 0x0e10 \Device\Harddisk0\DR0:
20:23:31.0186 0x0e10 MBR partitions:
20:23:31.0186 0x0e10 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
20:23:31.0186 0x0e10 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F800, BlocksNum 0x124F8000
20:23:31.0186 0x0e10 ============================================================
20:23:31.0282 0x0e10 C: <-> \Device\Harddisk0\DR0\Partition2
20:23:31.0321 0x0e10 D: <-> \Device\Harddisk0\DR0\Partition1
20:23:31.0322 0x0e10 ============================================================
20:23:31.0322 0x0e10 Initialize success
20:23:31.0322 0x0e10 ============================================================
20:23:39.0491 0x0e10 ============================================================
20:23:39.0491 0x0e10 Scan started
20:23:39.0491 0x0e10 Mode: Manual; SigCheck; TDLFS;
20:23:39.0491 0x0e10 ============================================================
20:23:39.0491 0x0e10 KSN ping started
20:23:42.0010 0x0e10 KSN ping finished: true
20:24:19.0056 0x0e10 ================ Scan system memory ========================
20:24:19.0056 0x0e10 System memory - ok
20:24:19.0058 0x0e10 ================ Scan services =============================
C:\WINDOWS\System32\drivers\BasicRender.sys 20:24:30.0276 0x0e10 BasicRender - ok 20:24:30.0353 0x0e10 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 20:24:30.0398 0x0e10 bcmfn2 - ok 20:24:30.0477 0x0e10 [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\WINDOWS\System32\bdesvc.dll 20:24:30.0680 0x0e10 BDESVC - ok 20:24:30.0737 0x0e10 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 20:24:30.0865 0x0e10 Beep - ok 20:24:31.0086 0x0e10 [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE C:\WINDOWS\System32\bfe.dll 20:24:31.0280 0x0e10 BFE - ok 20:24:31.0455 0x0e10 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll 20:24:31.0633 0x0e10 BITS - ok 20:24:31.0755 0x0e10 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 20:24:31.0822 0x0e10 Bonjour Service - ok 20:24:31.0851 0x0e10 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 20:24:31.0997 0x0e10 bowser - ok 20:24:32.0074 0x0e10 BRDriver64_1_3_3_E02B25FC - ok 20:24:32.0138 0x0e10 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 20:24:32.0315 0x0e10 BrokerInfrastructure - ok 20:24:32.0368 0x0e10 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll 20:24:32.0491 0x0e10 Browser - ok 20:24:32.0500 0x0e10 BTCFilterService - ok 
20:24:32.0560 0x0e10 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 20:24:32.0617 0x0e10 BthAvrcpTg - ok 20:24:32.0652 0x0e10 [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 20:24:32.0733 0x0e10 BthHFEnum - ok 20:24:32.0785 0x0e10 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 20:24:32.0849 0x0e10 bthhfhid - ok 20:24:32.0957 0x0e10 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 20:24:33.0085 0x0e10 BthHFSrv - ok 20:24:33.0131 0x0e10 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 20:24:33.0206 0x0e10 BTHMODEM - ok 20:24:33.0252 0x0e10 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll 20:24:33.0360 0x0e10 bthserv - ok 20:24:33.0409 0x0e10 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 20:24:33.0518 0x0e10 cdfs - ok 20:24:33.0549 0x0e10 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 20:24:33.0602 0x0e10 cdrom - ok 20:24:33.0697 0x0e10 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 20:24:33.0792 0x0e10 CertPropSvc - ok 20:24:33.0839 0x0e10 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass 
C:\WINDOWS\System32\drivers\circlass.sys 20:24:33.0915 0x0e10 circlass - ok 20:24:34.0013 0x0e10 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 20:24:34.0079 0x0e10 CLFS - ok 20:24:34.0163 0x0e10 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 20:24:34.0265 0x0e10 CmBatt - ok 20:24:34.0320 0x0e10 [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 20:24:34.0416 0x0e10 CNG - ok 20:24:34.0445 0x0e10 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 20:24:34.0504 0x0e10 CompositeBus - ok 20:24:34.0513 0x0e10 COMSysApp - ok 20:24:34.0541 0x0e10 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 20:24:34.0625 0x0e10 condrv - ok 20:24:34.0940 0x0e10 [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 20:24:35.0006 0x0e10 cphs - ok 20:24:35.0059 0x0e10 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 20:24:35.0197 0x0e10 CryptSvc - ok 20:24:35.0237 0x0e10 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 20:24:35.0284 0x0e10 dam - ok 20:24:35.0468 0x0e10 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 20:24:35.0686 0x0e10 DcomLaunch - ok 20:24:35.0821 0x0e10 [ 95E1ABFB27F8A62ED764805775F0D2F3, 
692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll 20:24:35.0953 0x0e10 defragsvc - ok 20:24:36.0051 0x0e10 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 20:24:36.0217 0x0e10 DeviceAssociationService - ok 20:24:36.0274 0x0e10 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 20:24:36.0359 0x0e10 DeviceInstall - ok 20:24:36.0393 0x0e10 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 20:24:36.0531 0x0e10 Dfsc - ok 20:24:36.0563 0x0e10 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 20:24:36.0603 0x0e10 dg_ssudbus - ok 20:24:36.0704 0x0e10 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 20:24:36.0852 0x0e10 Dhcp - ok 20:24:37.0165 0x0e10 [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 20:24:37.0541 0x0e10 DiagTrack - ok 20:24:37.0639 0x0e10 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 20:24:37.0675 0x0e10 disk - ok 20:24:37.0690 0x0e10 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 20:24:37.0843 0x0e10 dmvsc - ok 20:24:37.0930 0x0e10 [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 20:24:38.0008 0x0e10 Dnscache - ok 
20:24:38.0093 0x0e10 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 20:24:38.0287 0x0e10 dot3svc - ok 20:24:38.0348 0x0e10 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll 20:24:38.0434 0x0e10 DPS - ok 20:24:38.0476 0x0e10 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 20:24:38.0535 0x0e10 drmkaud - ok 20:24:38.0594 0x0e10 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 20:24:38.0655 0x0e10 DsmSvc - ok 20:24:38.0931 0x0e10 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 20:24:39.0179 0x0e10 DXGKrnl - ok 20:24:39.0228 0x0e10 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 20:24:39.0383 0x0e10 Eaphost - ok 20:24:39.0395 0x0e10 EasyAntiCheat - ok 20:24:39.0877 0x0e10 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 20:24:40.0367 0x0e10 ebdrv - ok 20:24:40.0436 0x0e10 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe 20:24:40.0465 0x0e10 EFS - ok 20:24:40.0524 0x0e10 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 20:24:40.0563 0x0e10 EhStorClass - ok 20:24:40.0595 0x0e10 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv 
C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 20:24:40.0633 0x0e10 EhStorTcgDrv - ok 20:24:40.0653 0x0e10 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 20:24:40.0714 0x0e10 ErrDev - ok 20:24:40.0838 0x0e10 esgiguard - ok 20:24:40.0930 0x0e10 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll 20:24:41.0118 0x0e10 EventSystem - ok 20:24:41.0149 0x0e10 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 20:24:41.0284 0x0e10 exfat - ok 20:24:41.0381 0x0e10 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 20:24:41.0442 0x0e10 fastfat - ok 20:24:41.0609 0x0e10 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe 20:24:41.0797 0x0e10 Fax - ok 20:24:41.0838 0x0e10 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 20:24:41.0922 0x0e10 fdc - ok 20:24:41.0958 0x0e10 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 20:24:42.0053 0x0e10 fdPHost - ok 20:24:42.0102 0x0e10 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 20:24:42.0169 0x0e10 FDResPub - ok 20:24:42.0228 0x0e10 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 20:24:42.0350 0x0e10 fhsvc - ok 20:24:42.0399 0x0e10 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 
002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 20:24:42.0466 0x0e10 FileInfo - ok 20:24:42.0528 0x0e10 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 20:24:42.0596 0x0e10 Filetrace - ok 20:24:42.0635 0x0e10 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 20:24:42.0689 0x0e10 flpydisk - ok 20:24:42.0769 0x0e10 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 20:24:42.0837 0x0e10 FltMgr - ok 20:24:42.0988 0x0e10 [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache C:\WINDOWS\system32\FntCache.dll 20:24:43.0269 0x0e10 FontCache - ok 20:24:43.0483 0x0e10 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:24:43.0514 0x0e10 FontCache3.0.0.0 - ok 20:24:43.0570 0x0e10 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 20:24:43.0607 0x0e10 FsDepends - ok 20:24:43.0672 0x0e10 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 20:24:43.0702 0x0e10 Fs_Rec - ok 20:24:43.0859 0x0e10 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 20:24:43.0945 0x0e10 fvevol - ok 20:24:44.0021 0x0e10 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM 
C:\WINDOWS\System32\drivers\fxppm.sys 20:24:44.0108 0x0e10 FxPPM - ok 20:24:44.0142 0x0e10 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 20:24:44.0186 0x0e10 gagp30kx - ok 20:24:44.0241 0x0e10 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 20:24:44.0274 0x0e10 GEARAspiWDM - ok 20:24:44.0335 0x0e10 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 20:24:44.0410 0x0e10 gencounter - ok 20:24:44.0488 0x0e10 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 20:24:44.0545 0x0e10 GPIOClx0101 - ok 20:24:44.0707 0x0e10 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 20:24:44.0930 0x0e10 gpsvc - ok 20:24:45.0059 0x0e10 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:24:45.0083 0x0e10 gupdate - ok 20:24:45.0100 0x0e10 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:24:45.0127 0x0e10 gupdatem - ok 20:24:45.0269 0x0e10 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 20:24:45.0388 0x0e10 HdAudAddService - ok 20:24:45.0433 0x0e10 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 20:24:45.0571 0x0e10 HDAudBus - ok 
20:24:45.0613 0x0e10 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 20:24:45.0676 0x0e10 HidBatt - ok 20:24:45.0747 0x0e10 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 20:24:45.0866 0x0e10 HidBth - ok 20:24:45.0890 0x0e10 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 20:24:45.0939 0x0e10 hidi2c - ok 20:24:45.0980 0x0e10 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 20:24:46.0030 0x0e10 HidIr - ok 20:24:46.0070 0x0e10 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 20:24:46.0177 0x0e10 hidserv - ok 20:24:46.0229 0x0e10 [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys 20:24:46.0257 0x0e10 HIDSwitch - ok 20:24:46.0287 0x0e10 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 20:24:46.0429 0x0e10 HidUsb - ok 20:24:46.0471 0x0e10 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 20:24:46.0623 0x0e10 hkmsvc - ok 20:24:46.0698 0x0e10 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 20:24:46.0799 0x0e10 HomeGroupListener - ok 20:24:46.0895 0x0e10 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider 
C:\WINDOWS\system32\provsvc.dll 20:24:46.0964 0x0e10 HomeGroupProvider - ok 20:24:47.0212 0x0e10 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 20:24:47.0256 0x0e10 HpSAMD - ok 20:24:47.0409 0x0e10 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 20:24:47.0534 0x0e10 HTTP - ok 20:24:47.0557 0x0e10 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 20:24:47.0585 0x0e10 hwpolicy - ok 20:24:47.0609 0x0e10 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 20:24:47.0675 0x0e10 hyperkbd - ok 20:24:47.0716 0x0e10 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 20:24:47.0782 0x0e10 HyperVideo - ok 20:24:47.0836 0x0e10 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 20:24:47.0960 0x0e10 i8042prt - ok 20:24:48.0016 0x0e10 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 20:24:48.0054 0x0e10 iaLPSSi_GPIO - ok 20:24:48.0085 0x0e10 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 20:24:48.0128 0x0e10 iaLPSSi_I2C - ok 20:24:48.0248 0x0e10 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 20:24:48.0375 0x0e10 iaStorAV - ok 20:24:48.0442 0x0e10 [ 
A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 20:24:48.0519 0x0e10 iaStorV - ok 20:24:48.0532 0x0e10 IEEtwCollectorService - ok 20:24:49.0351 0x0e10 [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 20:24:49.0985 0x0e10 igfx - ok 20:24:50.0218 0x0e10 [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 20:24:50.0363 0x0e10 IKEEXT - ok 20:24:50.0421 0x0e10 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 20:24:50.0465 0x0e10 intelide - ok 20:24:50.0511 0x0e10 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 20:24:50.0544 0x0e10 intelpep - ok 20:24:50.0585 0x0e10 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 20:24:50.0647 0x0e10 intelppm - ok 20:24:50.0690 0x0e10 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 20:24:50.0819 0x0e10 IpFilterDriver - ok 20:24:51.0045 0x0e10 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 20:24:51.0193 0x0e10 iphlpsvc - ok 20:24:51.0237 0x0e10 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 20:24:51.0417 0x0e10 IPMIDRV - ok 20:24:51.0445 0x0e10 [ B7342B3C58E91107F6E946A93D9D4EFD, 
D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 20:24:51.0546 0x0e10 IPNAT - ok 20:24:51.0715 0x0e10 [ A4857E8B1DEB9740FB5ADEDF05ED69E0, 24FC7A188D32B08CE4F10EEEF17F37C45DB5433158A7A97A07D43F6BEE58DFFC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 20:24:51.0817 0x0e10 iPod Service - ok 20:24:51.0878 0x0e10 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 20:24:51.0941 0x0e10 IRENUM - ok 20:24:52.0033 0x0e10 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 20:24:52.0073 0x0e10 isapnp - ok 20:24:52.0186 0x0e10 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 20:24:52.0279 0x0e10 iScsiPrt - ok 20:24:52.0309 0x0e10 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 20:24:52.0350 0x0e10 kbdclass - ok 20:24:52.0398 0x0e10 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 20:24:52.0436 0x0e10 kbdhid - ok 20:24:52.0485 0x0e10 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 20:24:52.0636 0x0e10 kdnic - ok 20:24:52.0659 0x0e10 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe 20:24:52.0692 0x0e10 KeyIso - ok 20:24:52.0751 0x0e10 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 20:24:52.0794 0x0e10 KSecDD - ok 20:24:52.0875 
0x0e10 [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 20:24:52.0937 0x0e10 KSecPkg - ok 20:24:52.0984 0x0e10 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 20:24:53.0055 0x0e10 ksthunk - ok 20:24:53.0097 0x0e10 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 20:24:53.0170 0x0e10 KtmRm - ok 20:24:53.0242 0x0e10 [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C C:\WINDOWS\system32\DRIVERS\L1C63x64.sys 20:24:53.0289 0x0e10 L1C - ok 20:24:53.0406 0x0e10 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 20:24:53.0515 0x0e10 LanmanServer - ok 20:24:53.0571 0x0e10 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 20:24:53.0628 0x0e10 LanmanWorkstation - ok 20:24:53.0784 0x0e10 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 20:24:54.0019 0x0e10 lfsvc - ok 20:24:54.0062 0x0e10 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 20:24:54.0136 0x0e10 lltdio - ok 20:24:54.0250 0x0e10 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 20:24:54.0324 0x0e10 lltdsvc - ok 20:24:54.0354 0x0e10 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 
0x0e10 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll 20:25:34.0690 0x0e10 upnphost - ok 20:25:34.0743 0x0e10 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys 20:25:34.0847 0x0e10 USBAAPL64 - ok 20:25:34.0893 0x0e10 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 20:25:35.0055 0x0e10 usbaudio - ok 20:25:35.0135 0x0e10 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 20:25:35.0191 0x0e10 usbccgp - ok 20:25:35.0260 0x0e10 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 20:25:35.0339 0x0e10 usbcir - ok 20:25:35.0398 0x0e10 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 20:25:35.0441 0x0e10 usbehci - ok 20:25:35.0598 0x0e10 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 20:25:35.0668 0x0e10 usbhub - ok 20:25:35.0780 0x0e10 [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 20:25:35.0855 0x0e10 USBHUB3 - ok 20:25:35.0927 0x0e10 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 20:25:36.0226 0x0e10 usbohci - ok 20:25:36.0268 0x0e10 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint 
C:\WINDOWS\System32\drivers\usbprint.sys 20:25:36.0357 0x0e10 usbprint - ok 20:25:36.0420 0x0e10 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 20:25:36.0478 0x0e10 USBSTOR - ok 20:25:36.0517 0x0e10 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 20:25:36.0581 0x0e10 usbuhci - ok 20:25:36.0697 0x0e10 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 20:25:36.0766 0x0e10 usbvideo - ok 20:25:36.0875 0x0e10 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 20:25:36.0935 0x0e10 USBXHCI - ok 20:25:36.0960 0x0e10 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe 20:25:36.0993 0x0e10 VaultSvc - ok 20:25:37.0058 0x0e10 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 20:25:37.0089 0x0e10 vdrvroot - ok 20:25:37.0255 0x0e10 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe 20:25:37.0452 0x0e10 vds - ok 20:25:37.0531 0x0e10 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 20:25:37.0583 0x0e10 VerifierExt - ok 20:25:37.0711 0x0e10 [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 20:25:37.0880 0x0e10 vhdmp - ok 20:25:37.0931 0x0e10 [ 06D38968028E9AB19DE9B618C7B6D199, 
62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 20:25:37.0986 0x0e10 viaide - ok 20:25:38.0068 0x0e10 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 20:25:38.0154 0x0e10 vmbus - ok 20:25:38.0217 0x0e10 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 20:25:38.0263 0x0e10 VMBusHID - ok 20:25:38.0403 0x0e10 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 20:25:38.0472 0x0e10 vmicguestinterface - ok 20:25:38.0548 0x0e10 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 20:25:38.0618 0x0e10 vmicheartbeat - ok 20:25:38.0707 0x0e10 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 20:25:38.0790 0x0e10 vmickvpexchange - ok 20:25:38.0851 0x0e10 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 20:25:38.0916 0x0e10 vmicrdv - ok 20:25:39.0053 0x0e10 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 20:25:39.0124 0x0e10 vmicshutdown - ok 20:25:39.0202 0x0e10 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 20:25:39.0277 0x0e10 vmictimesync - ok 20:25:39.0341 0x0e10 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 20:25:39.0409 0x0e10 vmicvss - ok 
20:25:39.0485 0x0e10 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 20:25:39.0520 0x0e10 volmgr - ok 20:25:39.0553 0x0e10 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 20:25:39.0614 0x0e10 volmgrx - ok 20:25:39.0690 0x0e10 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 20:25:39.0748 0x0e10 volsnap - ok 20:25:39.0781 0x0e10 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 20:25:39.0839 0x0e10 vpci - ok 20:25:39.0888 0x0e10 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 20:25:39.0947 0x0e10 vsmraid - ok 20:25:40.0139 0x0e10 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe 20:25:40.0346 0x0e10 VSS - ok 20:25:40.0437 0x0e10 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 20:25:40.0544 0x0e10 VSTXRAID - ok 20:25:40.0645 0x0e10 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 20:25:40.0774 0x0e10 vwifibus - ok 20:25:40.0849 0x0e10 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 20:25:40.0920 0x0e10 vwififlt - ok 20:25:40.0971 0x0e10 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp 
C:\WINDOWS\system32\DRIVERS\vwifimp.sys 20:25:41.0029 0x0e10 vwifimp - ok 20:25:41.0117 0x0e10 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll 20:25:41.0256 0x0e10 W32Time - ok 20:25:41.0276 0x0e10 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 20:25:41.0326 0x0e10 WacomPen - ok 20:25:41.0559 0x0e10 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe 20:25:41.0848 0x0e10 wbengine - ok 20:25:42.0001 0x0e10 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 20:25:42.0174 0x0e10 WbioSrvc - ok 20:25:42.0294 0x0e10 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 20:25:42.0378 0x0e10 Wcmsvc - ok 20:25:42.0467 0x0e10 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 20:25:42.0536 0x0e10 wcncsvc - ok 20:25:42.0594 0x0e10 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 20:25:42.0749 0x0e10 WcsPlugInService - ok 20:25:42.0798 0x0e10 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 20:25:42.0830 0x0e10 WdBoot - ok 20:25:42.0955 0x0e10 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 20:25:43.0099 0x0e10 Wdf01000 - ok 20:25:43.0176 0x0e10 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 
7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 20:25:43.0229 0x0e10 WdFilter - ok 20:25:43.0295 0x0e10 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 20:25:43.0384 0x0e10 WdiServiceHost - ok 20:25:43.0416 0x0e10 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 20:25:43.0462 0x0e10 WdiSystemHost - ok 20:25:43.0534 0x0e10 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 20:25:43.0571 0x0e10 WdNisDrv - ok 20:25:43.0623 0x0e10 WdNisSvc - ok 20:25:43.0692 0x0e10 [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\WINDOWS\System32\webclnt.dll 20:25:43.0788 0x0e10 WebClient - ok 20:25:43.0863 0x0e10 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 20:25:43.0933 0x0e10 Wecsvc - ok 20:25:43.0974 0x0e10 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 20:25:44.0035 0x0e10 WEPHOSTSVC - ok 20:25:44.0077 0x0e10 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 20:25:44.0212 0x0e10 wercplsupport - ok 20:25:44.0269 0x0e10 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 20:25:44.0349 0x0e10 WerSvc - ok 20:25:44.0403 0x0e10 [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 
20:25:44.0452 0x0e10 WFPLWFS - ok 20:25:44.0496 0x0e10 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 20:25:44.0536 0x0e10 WiaRpc - ok 20:25:44.0582 0x0e10 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 20:25:44.0617 0x0e10 WIMMount - ok 20:25:44.0623 0x0e10 WinDefend - ok 20:25:44.0786 0x0e10 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 20:25:44.0901 0x0e10 WinHttpAutoProxySvc - ok 20:25:45.0009 0x0e10 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 20:25:45.0112 0x0e10 Winmgmt - ok 20:25:45.0395 0x0e10 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 20:25:45.0704 0x0e10 WinRM - ok 20:25:45.0778 0x0e10 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys 20:25:45.0846 0x0e10 WinUsb - ok 20:25:45.0977 0x0e10 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 20:25:46.0179 0x0e10 WlanSvc - ok 20:25:46.0360 0x0e10 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 20:25:46.0561 0x0e10 wlidsvc - ok 20:25:46.0622 0x0e10 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 20:25:46.0649 0x0e10 WmiAcpi - ok 20:25:46.0722 0x0e10 [ B96F7A1236C3F21212DE2C40A3DDB005, 
5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 20:25:46.0796 0x0e10 wmiApSrv - ok 20:25:46.0824 0x0e10 WMPNetworkSvc - ok 20:25:46.0909 0x0e10 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 20:25:46.0952 0x0e10 Wof - ok 20:25:47.0170 0x0e10 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 20:25:47.0424 0x0e10 workfolderssvc - ok 20:25:47.0474 0x0e10 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 20:25:47.0517 0x0e10 wpcfltr - ok 20:25:47.0578 0x0e10 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 20:25:47.0682 0x0e10 WPCSvc - ok 20:25:47.0733 0x0e10 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 20:25:47.0810 0x0e10 WPDBusEnum - ok 20:25:47.0849 0x0e10 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 20:25:47.0882 0x0e10 WpdUpFltr - ok 20:25:47.0938 0x0e10 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 20:25:47.0997 0x0e10 ws2ifsl - ok 20:25:48.0044 0x0e10 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 20:25:48.0156 0x0e10 wscsvc - ok 20:25:48.0165 0x0e10 WSearch - ok 20:25:48.0645 0x0e10 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService 
C:\WINDOWS\System32\WSService.dll 20:25:49.0049 0x0e10 WSService - ok 20:25:49.0440 0x0e10 [ 3F726FF7B1ACC7D5E89940EA5BFF0E61, DF84486870C677B30985005A909CFDF8446BD566F601A295FF29F258E1D1AFF4 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 20:25:50.0022 0x0e10 wuauserv - ok 20:25:50.0134 0x0e10 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 20:25:50.0233 0x0e10 WudfPf - ok 20:25:50.0299 0x0e10 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 20:25:50.0367 0x0e10 WUDFRd - ok 20:25:50.0461 0x0e10 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\WINDOWS\System32\drivers\WUDFRd.sys 20:25:50.0515 0x0e10 WUDFSensorLP - ok 20:25:50.0577 0x0e10 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 20:25:50.0642 0x0e10 wudfsvc - ok 20:25:50.0701 0x0e10 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdComp C:\WINDOWS\System32\drivers\WUDFRd.sys 20:25:50.0750 0x0e10 WUDFWpdComp - ok 20:25:50.0776 0x0e10 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys 20:25:50.0823 0x0e10 WUDFWpdFs - ok 20:25:50.0860 0x0e10 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys 20:25:50.0907 0x0e10 WUDFWpdMtp - ok 20:25:51.0025 0x0e10 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 20:25:51.0102 0x0e10 WwanSvc - ok 20:25:51.0134 0x0e10 ================ Scan global 
=============================== 20:25:51.0221 0x0e10 [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll 20:25:51.0323 0x0e10 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll 20:25:51.0389 0x0e10 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll 20:25:51.0445 0x0e10 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe 20:25:51.0473 0x0e10 [ Global ] - ok 20:25:51.0475 0x0e10 ================ Scan MBR ================================== 20:25:51.0525 0x0e10 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 20:25:52.0362 0x0e10 \Device\Harddisk0\DR0 - ok 20:25:52.0364 0x0e10 ================ Scan VBR ================================== 20:25:52.0391 0x0e10 [ 3E11DBB9BBAB905839083B3D45D63D77 ] \Device\Harddisk0\DR0\Partition1 20:25:52.0435 0x0e10 \Device\Harddisk0\DR0\Partition1 - ok 20:25:52.0453 0x0e10 [ 2AB5562AE31A11B41FE145C67364D6D2 ] \Device\Harddisk0\DR0\Partition2 20:25:52.0491 0x0e10 \Device\Harddisk0\DR0\Partition2 - ok 20:25:52.0492 0x0e10 ================ Scan generic autorun ====================== 20:25:52.0548 0x0e10 [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\WINDOWS\system32\igfxtray.exe 20:25:52.0588 0x0e10 IgfxTray - ok 20:25:52.0641 0x0e10 [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\WINDOWS\system32\hkcmd.exe 20:25:52.0689 0x0e10 HotKeysCmds - ok 20:25:52.0770 0x0e10 [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\WINDOWS\system32\igfxpers.exe 20:25:52.0828 0x0e10 Persistence - ok 20:25:52.0831 0x0e10 SynTPEnh - ok 20:25:52.0930 
0x0e10 [ D0B542256A968DFCB8896C140FCE6047, 3F92A9871B521BCCCDFE6D9BFF88930B26C5DB86F6F6578554A3F2ECC5C5EBA0 ] C:\Program Files\iTunes\iTunesHelper.exe 20:25:52.0980 0x0e10 iTunesHelper - ok 20:25:53.0169 0x0e10 [ 9F60097061F79620C9C59FF37A61D852, 9B94C00CAA1F4DF95485F994576DA68B30635C628CFE3D6AE1811E6FEB1A56CA ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 20:25:53.0205 0x0e10 APSDaemon - ok 20:25:53.0485 0x0e10 [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 20:25:53.0572 0x0e10 avgnt - ok 20:25:53.0699 0x0e10 [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 20:25:53.0729 0x0e10 Avira Systray - ok 20:25:54.0074 0x0e10 [ DC6BA936E1DE11E648FB85A817C5182F, F1C27C08F84EEAC9DC5C26E57B9559F6006870E540CB2968494A3D34BAD109A7 ] C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe 20:25:54.0321 0x0e10 Spotify Web Helper - ok 20:25:54.0719 0x0e10 [ B0C5B0AC6D5AA99B78CEB418A6FF80D1, 9544B0DF4AAC6EC6399619784E3BBC1180977DA1ED25F4D89EE22DA7A195E79A ] C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe 20:25:55.0199 0x0e10 Amazon Music - ok 20:25:55.0525 0x0e10 [ 71DCFA65CC4349CF08BFFF7A14D8BAE4, 61DAE2C9EED97F325F449A77FB2E1AAAB90AA2329A0B7AE182B8A808017C11F0 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 20:25:55.0610 0x0e10 GoogleChromeAutoLaunch_FB524861655B584465F1BA023A347E56 - ok 20:25:55.0654 0x0e10 Skype - ok 20:25:56.0082 0x0e10 [ 86BF17A265E1B4BA41325623EC132E66, 4414B5F01A78B76BFC1A7C39F595645A09E674FA6DE7991F31BA6673EEB23F9E ] C:\Program Files (x86)\Steam\steam.exe 20:25:56.0287 0x0e10 Steam - ok 20:25:57.0037 0x0e10 [ 5E6E816F8F5B454329F8C013A70391B9, E7A9121EFA89FB5DF6EFCEDA9418B49511036DB40D6E631032665F80929FC3A0 ] C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe 
20:25:57.0693 0x0e10 Spotify - ok 20:25:57.0808 0x0e10 [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe 20:25:57.0951 0x0e10 WAB Migrate - ok 20:25:57.0954 0x0e10 Waiting for KSN requests completion. In queue: 222 20:25:58.0955 0x0e10 Waiting for KSN requests completion. In queue: 222 20:25:59.0955 0x0e10 Waiting for KSN requests completion. In queue: 222 20:26:00.0984 0x0e10 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated ) 20:26:01.0051 0x0e10 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated ) 20:26:01.0069 0x0e10 Win FW state via NFP2: enabled ( trusted ) 20:26:03.0515 0x0e10 ============================================================ 20:26:03.0515 0x0e10 Scan finished 20:26:03.0515 0x0e10 ============================================================ 20:26:03.0539 0x0c3c Detected object count: 0 20:26:03.0539 0x0c3c Actual detected object count: 0 |
01.10.2015, 18:22 | #5 |
/// the machine /// TB Trainer | Email address is sending spam emails Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
02.10.2015, 14:45 | #6 |
| Email address is sending spam emails Thanks once again for the quick reply. The logs: 1. Malwarebytes: Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 02.10.2015
Suchlaufzeit: 11:57
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.10.02.03
Rootkit-Datenbank: v2015.09.22.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: *****

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgebrochen
Durchsuchte Objekte: 0 (keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 1 Min., 22 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)
Code:
ATTFilter
# AdwCleaner v5.009 - Bericht erstellt am 02/10/2015 um 14:55:09
# Aktualisiert am 27/09/2015 von Xplode
# Datenbank : 2015-09-30.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : ***** - X75V
# Gestartet von : C:\Users\*****\Desktop\AdwCleaner_5.009.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\Babylon
[-] Ordner Gelöscht : C:\ProgramData\Tarma Installer
[-] Ordner Gelöscht : C:\Users\*****\AppData\Local\globalUpdate
[-] Ordner Gelöscht : C:\Users\*****\AppData\Local\Software_Updater
[-] Ordner Gelöscht : C:\Users\*****\AppData\Local\SoftwareUpdater
[-] Ordner Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl
[-] Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Activeris
[-] Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Babylon
[-] Ordner Gelöscht : C:\Users\*****\AppData\Roaming\goforfiles
[-] Ordner Gelöscht : C:\Users\*****\AppData\Roaming\RHEng
[-] Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\END
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\npnkeeiehehhefofiekoflfedgehcdhl
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.lyricsmode.com_0.localstorage
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.lyricsmode.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.moderndaybabylon.net_0.localstorage
[-] Datei Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.moderndaybabylon.net_0.localstorage-journal

***** [ Verknüpfungen ] *****

***** [ Geplante Tasks ] *****

[-] Task Gelöscht : BrowserProtect
[-] Task Gelöscht : GoforFilesUpdate
[-] Task Gelöscht : Software Updater
[-] Task Gelöscht : Software Updater Ui
[-] Task Gelöscht : amiupdaterExd
[-] Task Gelöscht : amiupdaterExi
[-] Task Gelöscht : Adobe Flash Player Updater
[-] Task Gelöscht : AdobeFlashPlayerUpdate
[-] Task Gelöscht : AdobeFlashPlayerUpdate 2

***** [ Registrierungsdatenbank ] *****

[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
[-] Schlüssel Gelöscht : HKCU\Software\5d2d68bbd34be10
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\5d2d68bbd34be10
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EC77D09-02CB-4E1F-E3C4-FB141B2610B3}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
[-] Schlüssel Gelöscht : HKCU\Software\GoforFiles
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\GoforFiles
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\IePlugin
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Taronja
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\BABSOLUTION
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\GoforFiles
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Softonic
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Schlüssel Gelöscht : HKU\S-1-5-21-226644849-438525468-1118309550-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\re-markit
[-] Schlüssel Gelöscht : HKU\S-1-5-21-226644849-438525468-1118309550-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\AppDataLow\Software\re-markit
[-] Daten Wiederhergestellt : HKU\S-1-5-21-226644849-438525468-1118309550-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [bProtector Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-226644849-438525468-1118309550-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main [bProtector Start Page]
[-] Schlüssel Gelöscht : HKU\S-1-5-21-226644849-438525468-1118309550-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-226644849-438525468-1118309550-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

***** [ Internetbrowser ] *****

[-] [C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : trovi.search
[-] [C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : npnkeeiehehhefofiekoflfedgehcdhl
[-] [C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6805 Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 8.1 x64
Ran by Bosch on 02.10.2015 at 15:11:22,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_FB524861655B584465F1BA023A347E56

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\esellerate
Successfully deleted: [Folder] C:\Users\*****\Appdata\Local\com

~~~ Chrome

[C:\Users\*****\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\*****\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\*****\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\*****\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: []

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.10.2015 at 15:18:03,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01 durchgeführt von ***** (Administrator) auf X75V (02-10-2015 15:25:44) Gestartet von C:\Users\*****\Downloads Geladene Profile: ***** & (Verfügbare Profile: *****) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-22] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-29] (Spotify Ltd) HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Amazon Music] => C:\Users\*****\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-06-05] () HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.) 
HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation) HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Run: [Spotify] => C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-29] (Spotify Ltd) HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {3448ea64-ee3a-11e3-befc-08606e4c35fc} - "F:\Startme.exe" HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {49c230f1-ad5d-11e3-beee-08606e4c35fc} - "F:\Startme.exe" HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {4f2c859f-72f7-11e4-bf22-08606e4c35fc} - "F:\Startme.exe" HKU\S-1-5-21-226644849-438525468-1118309550-1001\...\MountPoints2: {824887c6-2e6f-11e3-bea7-08606e4c35fc} - "G:\Startme.exe" HKU\S-1-5-21-226644849-438525468-1118309550-1008-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\..\Interfaces\{6E7F3371-D941-4CC4-9896-A6088121ED37}: [NameServer] 192.168.0.1 Tcpip\..\Interfaces\{ED68718E-4F13-41D3-8285-B7D0E3D13572}: [NameServer] 192.168.0.1,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-226644849-438525468-1118309550-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ URLSearchHook: [S-1-5-21-226644849-438525468-1118309550-1008-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0] ACHTUNG => Standard URLSearchHook fehlt SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-226644849-438525468-1118309550-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program 
Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation) DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.de/common/asusTek_sys_ctrl.cab StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll [2011-11-18] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) 
Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-06-09] CHR Extension: (Adblock Plus) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-19] CHR Extension: (ARC Welder) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2015-06-09] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11] CHR Extension: (ARC Welder) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2015-06-09] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02] CHR Extension: (__MSG_extName__) - C:\Users\*****\Videos\Documents\ageofcivilizations115full-androidoyunclub.apk_export_niDnY [2015-06-09] CHR Extension: (__MSG_extName__) - C:\Users\*****\Videos\Documents\ageofcivilizations115full-androidoyunclub.apk_export_niDnY [2015-06-09] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-22] (Avira Operations GmbH & Co. 
KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-22] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-22] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1148688 2015-09-22] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-05-04] (EasyAntiCheat Ltd) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation) S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation) S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-22] (Avira Operations GmbH & Co. 
KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-22] (Avira Operations GmbH & Co. KG) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X] S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [X] S3 motccgpfl; \SystemRoot\System32\drivers\motccgpfl.sys [X] S3 motmodem; \SystemRoot\system32\DRIVERS\motmodem.sys [X] S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [X] S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [X] S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [X] U4 secdrv; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-02 15:18 - 2015-10-02 15:18 - 00001340 _____ C:\Users\*****\Desktop\JRT.txt 2015-10-02 15:09 - 2015-10-02 15:09 - 01798976 _____ (Malwarebytes) C:\Users\*****\Desktop\JRT.exe 2015-10-02 15:01 - 2015-10-02 15:01 - 00006908 _____ C:\Users\*****\Desktop\AdwCleaner[C1].txt 2015-10-02 14:52 - 2015-10-02 14:55 - 00000000 ____D C:\AdwCleaner 2015-10-02 14:48 - 2015-10-02 14:48 - 01670656 _____ C:\Users\*****\Desktop\AdwCleaner_5.009.exe 2015-10-02 14:47 - 2015-10-02 14:47 - 00001226 _____ C:\Users\*****\Desktop\mbam.txt 2015-10-02 11:53 - 2015-10-02 14:47 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-10-02 11:53 - 2015-10-02 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-10-02 11:53 - 2015-10-02 11:53 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-10-02 11:53 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-10-02 11:53 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-10-02 11:50 - 2015-10-02 11:51 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-2.1.8.1057.exe 2015-10-02 08:53 - 2015-10-02 08:53 - 00049541 _____ C:\Users\*****\Desktop\CharakterisierungNick.odt 2015-09-30 15:49 - 2015-10-02 11:53 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-30 15:48 - 2015-10-02 15:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-09-30 15:48 - 2015-10-02 11:55 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-09-30 15:45 - 2015-09-30 19:49 - 00000000 ____D C:\Users\*****\Desktop\mbar 2015-09-30 15:45 - 
2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-09-30 15:44 - 2015-09-30 15:44 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\*****\Downloads\tdsskiller.exe 2015-09-30 15:41 - 2015-09-30 15:42 - 16563352 _____ (Malwarebytes Corp.) C:\Users\*****\Downloads\mbar-1.09.3.1001.exe 2015-09-29 18:07 - 2015-09-29 18:34 - 00009743 _____ C:\Users\*****\Downloads\Gmer.log 2015-09-29 17:20 - 2015-09-29 17:20 - 00380416 _____ C:\Users\*****\Downloads\Gmer-19357.exe 2015-09-29 17:05 - 2015-09-29 18:36 - 00041422 _____ C:\Users\*****\Downloads\Addition.txt 2015-09-29 17:02 - 2015-10-02 15:25 - 00014759 _____ C:\Users\*****\Downloads\FRST.txt 2015-09-29 17:02 - 2015-10-02 15:25 - 00000000 ____D C:\FRST 2015-09-29 17:01 - 2015-09-29 17:01 - 02192384 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe 2015-09-29 17:00 - 2015-09-29 18:33 - 00000474 _____ C:\Users\*****\Downloads\defogger_disable.log 2015-09-29 17:00 - 2015-09-29 17:00 - 00000000 _____ C:\Users\*****\defogger_reenable 2015-09-29 16:59 - 2015-09-29 16:59 - 00050477 _____ C:\Users\*****\Downloads\Defogger.exe 2015-09-25 17:40 - 2015-09-26 19:54 - 00091836 _____ C:\Users\*****\Desktop\Die Hexer.odt 2015-09-25 16:05 - 2015-09-25 16:05 - 00000222 _____ C:\Users\*****\Desktop\Europa Universalis IV.url 2015-09-25 13:03 - 2015-09-25 13:08 - 00000619 _____ C:\Users\*****\Desktop\Über Katzen.txt 2015-09-23 20:16 - 2015-09-23 20:16 - 00000221 _____ C:\Users\*****\Desktop\Victoria Revolutions.url 2015-09-22 17:29 - 2015-09-24 21:19 - 00058932 _____ C:\Users\*****\Desktop\HannesCharakterisierung.odt 2015-09-16 16:17 - 2015-09-23 18:41 - 00000000 ____D C:\Users\*****\Desktop\Writing Excuses 5 2015-09-12 16:06 - 2015-09-18 18:04 - 00000000 ____D C:\Users\*****\Downloads\FTG_1_3_29Dec 2015-09-12 16:05 - 2015-09-12 16:06 - 18820710 _____ C:\Users\*****\Downloads\FTG_1_3_29Dec.7z 2015-09-12 13:16 - 2015-09-18 17:25 - 00000221 _____ C:\Users\*****\Desktop\For The Glory.url 
2015-09-11 16:57 - 2015-09-11 16:57 - 00000222 _____ C:\Users\*****\Desktop\Crusader Kings Complete.url 2015-09-11 16:46 - 2015-10-02 15:02 - 00000000 ____D C:\Program Files (x86)\Steam 2015-09-11 16:46 - 2015-10-02 14:47 - 00000969 _____ C:\Users\Public\Desktop\Steam.lnk 2015-09-11 16:46 - 2015-09-11 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-09-10 21:50 - 2015-09-10 22:55 - 00000000 ____D C:\Program Files (x86)\C-evo 2015-09-10 13:00 - 2015-09-10 22:49 - 00000000 ____D C:\Users\*****\AppData\Roaming\C-evo 2015-09-08 22:48 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-09-08 22:48 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-09-08 22:48 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-09-08 22:48 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-09-08 22:48 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-09-08 22:48 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-09-08 22:48 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-09-08 22:48 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-09-08 22:48 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-09-08 22:48 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-09-08 22:48 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-09-08 22:48 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-09-08 22:48 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-09-08 22:48 - 
2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-09-08 22:48 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-09-08 22:48 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-09-08 22:48 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-08 22:48 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-08 22:48 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-09-08 22:48 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-09-08 22:48 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-09-08 22:48 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-09-08 22:48 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-09-08 22:48 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-09-08 22:48 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-09-08 22:48 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-09-08 22:48 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-09-08 22:48 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-08 22:48 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-09-08 22:48 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-09-08 22:48 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-09-08 22:48 - 2015-08-22 18:39 - 02126336 
_____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-09-08 22:48 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-09-08 22:48 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-09-08 22:48 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-09-08 22:48 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-09-08 22:48 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-09-08 22:48 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-09-08 22:48 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-09-08 22:48 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-09-08 22:48 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-09-08 22:48 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-09-08 22:48 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-09-08 22:48 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-09-08 22:48 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-09-08 22:48 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll 2015-09-08 22:48 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll 2015-09-08 22:48 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-09-08 22:48 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-09-08 22:48 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\tdh.dll 2015-09-08 22:48 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2015-09-08 22:48 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2015-09-08 22:47 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-09-08 22:47 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-09-08 22:47 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-09-08 22:47 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-09-08 22:47 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-09-08 22:47 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2015-09-08 22:47 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2015-09-08 22:47 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll 2015-09-08 22:47 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2015-09-08 22:47 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe 2015-09-08 22:47 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-08 22:47 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe 2015-09-08 22:47 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe 2015-09-08 22:47 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-09-08 22:47 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-09-08 22:47 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 
2015-09-08 22:47 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-09-08 22:47 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2015-09-08 22:47 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-09-08 22:47 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2015-09-08 22:47 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-09-08 22:47 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe 2015-09-08 22:47 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-09-08 22:47 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-09-08 22:47 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-09-08 22:47 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-09-08 22:47 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-09-06 21:24 - 2015-09-06 21:24 - 00000847 _____ C:\Users\*****\AppData\Local\recently-used.xbel 2015-09-06 17:51 - 2015-09-06 17:53 - 04762478 _____ C:\Users\*****\Desktop\Weltkarte-blank.svg 2015-09-06 14:33 - 2015-09-06 14:33 - 00000087 ____H C:\Users\*****\Desktop\.~lock.Homo faber.MP4# ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-02 15:18 - 2014-01-12 22:24 - 00000000 __RDO C:\Users\*****\SkyDrive 2015-10-02 15:18 - 2013-02-05 12:58 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-226644849-438525468-1118309550-1001 2015-10-02 15:00 - 2013-10-08 19:40 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cec44d6a6b842e.job 2015-10-02 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-10-02 14:58 - 2015-01-02 18:42 - 00041319 _____ C:\WINDOWS\setupact.log 2015-10-02 14:58 - 2015-01-02 16:53 - 00221120 _____ C:\WINDOWS\PFRO.log 2015-10-02 14:58 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-10-02 14:57 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-10-02 14:54 - 2014-09-11 02:34 - 01376649 _____ C:\WINDOWS\WindowsUpdate.log 2015-10-02 14:48 - 2015-06-12 13:16 - 00002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk 2015-10-02 14:48 - 2014-05-26 17:47 - 00000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2015-10-02 14:48 - 2014-01-12 21:35 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-10-02 14:48 - 2013-02-11 16:58 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2015-10-02 14:48 - 2013-02-10 18:56 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-10-02 14:47 - 2015-07-24 19:28 - 00002709 _____ C:\Users\Public\Desktop\Skype.lnk 2015-10-02 14:47 - 2015-03-03 15:43 - 00001759 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-10-02 14:47 - 2013-04-13 14:51 - 00000872 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-10-02 14:46 - 2015-03-24 03:03 - 00001847 _____ C:\Users\*****\Desktop\Spotify.lnk 2015-10-02 14:46 - 2014-11-05 01:22 - 00001512 _____ C:\Users\*****\Desktop\Lazarus.lnk 2015-10-02 14:46 - 2014-07-18 21:42 - 00000793 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Toribash.lnk 
2015-10-02 14:46 - 2014-06-06 17:11 - 00001019 _____ C:\Users\*****\Desktop\yWriter5.lnk 2015-10-02 14:46 - 2014-06-03 17:23 - 00001127 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\FreeMind.lnk 2015-10-02 14:46 - 2014-06-03 17:23 - 00001103 _____ C:\Users\*****\Desktop\FreeMind.lnk 2015-10-02 14:46 - 2014-01-12 22:21 - 00001450 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-10-02 14:46 - 2013-12-17 16:31 - 00002230 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk 2015-10-02 14:46 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2015-10-02 14:46 - 2013-05-19 23:09 - 00001555 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Microsoft.WindowsLive.Calendar.lnk 2015-10-02 14:46 - 2013-05-04 13:52 - 00001833 _____ C:\Users\v\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-10-02 14:30 - 2013-09-02 14:21 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-02 13:59 - 2014-03-18 20:40 - 00003914 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A674EFEF-598F-41CF-A610-7C4F5B9A8590} 2015-10-02 07:34 - 2015-01-10 23:51 - 00000000 ____D C:\Users\*****\Desktop\Schulische Dolument K1 2015-10-01 07:29 - 2013-11-14 09:27 - 01960188 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-10-01 07:29 - 2013-11-14 09:11 - 00830894 _____ C:\WINDOWS\system32\perfh007.dat 2015-10-01 07:29 - 2013-11-14 09:11 - 00183768 _____ C:\WINDOWS\system32\perfc007.dat 2015-09-29 22:11 - 2013-05-04 13:52 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify 2015-09-29 21:33 - 2013-05-04 13:50 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify 2015-09-29 17:00 - 2014-01-12 21:30 - 00000000 ____D C:\Users\***** 2015-09-29 13:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-09-24 17:40 - 2015-04-22 21:12 - 00000000 ____D C:\Users\*****\Videos\Documents\My Games 2015-09-24 16:08 - 2014-06-18 
17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-09-24 16:08 - 2014-03-11 23:11 - 00000000 ____D C:\Users\*****\AppData\Local\Thunderbird 2015-09-22 21:44 - 2013-04-10 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-09-22 21:41 - 2013-05-07 22:07 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2015-09-22 21:41 - 2013-04-10 19:25 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-09-22 20:00 - 2014-07-30 12:20 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TripleA 2015-09-22 20:00 - 2014-07-30 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TripleA 2015-09-22 19:56 - 2015-07-04 16:13 - 00000000 ____D C:\Program Files (x86)\TripleA 2015-09-22 16:58 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-09-21 17:35 - 2013-12-16 19:49 - 00025418 _____ C:\Users\*****\Videos\Documents\Unbenannt 1.odt 2015-09-18 17:25 - 2013-12-10 14:27 - 00003864 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cec44d6a6b842e 2015-09-18 17:25 - 2013-09-02 14:21 - 00004100 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-16 14:42 - 2013-06-05 14:19 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc 2015-09-16 13:55 - 2013-09-02 14:21 - 00000000 ____D C:\Users\*****\AppData\Local\Google 2015-09-15 03:18 - 2015-03-13 14:04 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-09-15 03:18 - 2015-03-13 14:04 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-14 13:38 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-09-13 20:23 - 2015-03-29 18:42 - 00000000 ____D C:\Users\*****\Desktop\Projekte 2015-09-11 17:31 - 2015-01-27 20:29 - 00072952 _____ C:\WINDOWS\DirectX.log 2015-09-11 15:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-09-11 
14:00 - 2013-08-22 16:44 - 00497528 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-10 23:39 - 2013-11-14 09:13 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-10 23:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-09-10 22:55 - 2015-04-10 01:12 - 00000651 _____ C:\Users\*****\Videos\Documents\Uninstall STAR WARS The Old Republic.log 2015-09-09 13:34 - 2013-08-31 21:07 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-09-06 21:50 - 2014-05-26 17:51 - 00000000 ____D C:\Users\*****\.gimp-2.8 2015-09-06 21:24 - 2014-05-27 13:17 - 00000000 ____D C:\Users\*****\AppData\Local\gtk-2.0 2015-09-03 15:07 - 2013-04-10 19:25 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-09-06 21:24 - 2015-09-06 21:24 - 0000847 _____ () C:\Users\*****\AppData\Local\recently-used.xbel 2013-12-20 14:30 - 2013-12-20 14:30 - 0007605 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg Einige Dateien in TEMP: ==================== C:\Users\*****\AppData\Local\Temp\avgnt.exe C:\Users\*****\AppData\Local\Temp\BRSVC_18420437_hlp.exe C:\Users\*****\AppData\Local\Temp\comver.dll C:\Users\*****\AppData\Local\Temp\EBU252A.exe C:\Users\*****\AppData\Local\Temp\EBU3CAA.DLL C:\Users\*****\AppData\Local\Temp\iiuninst.exe C:\Users\*****\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\*****\AppData\Local\Temp\project1.exe C:\Users\*****\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-02 15:18
==================== Ende von FRST.txt ============================
03.10.2015, 11:31 | #7 |
/// the machine /// TB trainer | Email address is sending spam mails
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any more problems?
__________________ Regards, schrauber
Proud Member of UNITE and ASAP since 2009 | No help via PM!